Ash57
asked on
Looking for a possible hacker..?
Hey all.
Let me give you a quick overview of the situation. We are in a windows 2000 environment: servers and desktops. We have an employee who runs queries via an access database to a db2 server offsite maintained by a third party vendor.
We have noticed that when this employee leaves the office durning the week; someone tries to view that access database and ends up locking the account out to the db2 server with repeated unsuccessful logins. We think it is someone internally who is doing this and just not confessing to it.
My question is this: Is there a way to track a user (inside or outside our domain) who might be accessing the particular access database and locking out the db2 account with their unsuccesful logon attemps? Is there something internally to Windows 2000 or a 3rd party software that can do this?
Thanks for anyone's help.
Let me give you a quick overview of the situation. We are in a windows 2000 environment: servers and desktops. We have an employee who runs queries via an access database to a db2 server offsite maintained by a third party vendor.
We have noticed that when this employee leaves the office durning the week; someone tries to view that access database and ends up locking the account out to the db2 server with repeated unsuccessful logins. We think it is someone internally who is doing this and just not confessing to it.
My question is this: Is there a way to track a user (inside or outside our domain) who might be accessing the particular access database and locking out the db2 account with their unsuccesful logon attemps? Is there something internally to Windows 2000 or a 3rd party software that can do this?
Thanks for anyone's help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
After you enable auditing, you can see the log in event viewer - security tab.
I would agree with AndresM. This will probably pick out your culprit.
Hi,
First u just enable Auding which is in windows nt inbuid.Just enable and view the details from Event Views.
And also try to get the Management software which will track inbout and out bound connections.
Go to google.com and type network management tools and download and enjoy...
narendra
First u just enable Auding which is in windows nt inbuid.Just enable and view the details from Event Views.
And also try to get the Management software which will track inbout and out bound connections.
Go to google.com and type network management tools and download and enjoy...
narendra
ASKER