It started with an incident being logged for a client [i hate calling users “user”…to me its very unprofessional] …anyway the client works in the finance section and she needed to log onto her NT box to run ORACLE. She could log in alright, but only using her cached credentials. Then another call comes in fro her work colleague sitting next to her. Initial analysis revealed that the IP address for her NT box is 192.168.1.12. Hold on, i say to myself, this cannot be right. The company’s NT network is on 10.212.x.x.
Considering the nature of the call, i pass it over to networks to have a dig into this. After a lot of faffing about, we track the culprit to a ADSL router. For some strange reason, someone had plugged into the router a network cable from the company’s NT network switch.