I need to know if anyone is using our file server's IP address to access instead of the name. Any ideas?

file-sharing windows-server-2008 network-share

Solution 1:

You could add a second IP address to the system and point the DNS name at that new IP address. The server will still talk on both IPs, so none of your users will be disrupted, but you will know that anyone connecting on the old IP is not using DNS.

Solution 2:

I actually looked into this at $job-1. I never did find a way to address this in the windows event logs natively but I did come up with an interesting workaround which may be of some use. Using file system auditing you can get the source IP and username for each access that takes place. I'm assuming you are running AD with integrated DNS with WINS disabled. If so you can export the logs for your DNS queries.

It is possible to pump both of these logs into a Splunk instance and cross correlate any source IPs which haven't made a DNS request but that have hit your file server. From there all you need to do is verify that there isnt HOSTS file in use.

All that being said in mist environments it is way easier to just make the change and see who complains.

Related

Load key "privkey.ppk" invalid format
Move Windows hibernation file to a different drive
how to disable a NIC in centos
How to detect a hidden process in linux?
How do I know if my server has SSH?
What is more important for a database server? Mem? Mem speed? Cores?
DNS searching with wildcards?
Can I use Public-Key-Pins with LetsEncrypt?
Elastic Beanstalk stuck for more than 12 hrs
Run virtual machines without a host
Method not found: '!!0[] System.Array.Empty()'
extra qualification error in C++