Solved

Catch Rogue User: Send SMS to Mobile Phone when Logon Detected

Posted on 2003-11-22
4
206 Views
Last Modified: 2013-12-04
Question:
I would like to know how to have an SMS sent to my mobile phone when a certain user attempts to logon to a PC in our Win2k domain.

Background/Why/Problem:
I have changed the local and domain Administrator accounts to have only user privledges. I use a different user name to administer. I wish to catch the person who is trying to logon as "Administrator" (domain admin not local).  Even though they are wasting their time I feel the person must be spoken to. I have examined the logs but am always a few minutes behind... I need instant notification to my mobile as our users move between PC's quite frequently.

Our Setup:
3 x Windows 2000 Server Active Directory Domain Filesevers. Over 190 Windows 2000 Professional Clients joined to the domain. Users can logon using their own individual user account on any PC (roaming profiles).

Here is an example of the SMS I would like sent to my mobile phone:

22/11/2003 - 10:12am
PC NAME: "IPS-E4-LAB-26"
USER NAME: "Administrator"
MESSAGE: Failed Logon Attempt


Finally, I am willing to use a third party solution as long as you can recommend it and not just post a link.
0
Comment
Question by:Matite
  • 2
4 Comments
 
LVL 4

Accepted Solution

by:
ferg-o earned 500 total points
ID: 9809172

If you enable SNMP on the server and have it pump auditing events to OpenNMS ( http://www.opennms.org ) you can use an SMS modem to send you through the messages. I know of a company using this solution for all their network management stuff. They use a Siemens SMS modem.

Another way to do it, which may be tidier would be to use an IDS system like ISS or Manhunt which can send failed login messages via SNMP to OpenNMS.

If you have money you could use HP OpenView which has an SMS alerting add on option.
0
 
LVL 4

Expert Comment

by:ferg-o
ID: 9809173

If you enable SNMP on the server and have it pump auditing events to OpenNMS ( http://www.opennms.org ) you can use an SMS modem to send you through the messages. I know of a company using this solution for all their network management stuff. They use a Siemens SMS modem.

Another way to do it, which may be tidier would be to use an IDS system like ISS or Manhunt which can send failed login messages via SNMP to OpenNMS.

If you have money you could use HP OpenView which has an SMS alerting add on option.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question