Solved

network monitoring

Posted on 2006-06-29
9
305 Views
Last Modified: 2013-12-07
Hi, does any one know of some software that can record who log's onto the network internally and externally via a MS 2000 server VPN.
And record when they have logged off.
doesn't have to be much more complex.
cheers
0
Comment
Question by:total123
9 Comments
 
LVL 5

Expert Comment

by:NAORC
Comment Utility
why bother paying for 3rd party software???

Open event viewer on the server and look in the security log.  if your using a domain, it will show logon and logoff information.

If you look for events with the catagory "logon/logoff" and a username thats not "system" it will show the info you need...

any use?
0
 

Author Comment

by:total123
Comment Utility
yeh, but will it log vpn logon's ?
0
 
LVL 5

Expert Comment

by:NAORC
Comment Utility
yes
0
 
LVL 5

Expert Comment

by:NAORC
Comment Utility
*To Elabourate -

It logs any login attempt to that server.  Be it VPN, local or whatever.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:total123
Comment Utility
just looked at the security in event viewer, it doesn't show it. but it does on the 2003 terminal server. which doesn't control the domain.
Do i have to enable something on the SBS 2000
0
 
LVL 5

Expert Comment

by:NAORC
Comment Utility
No, not that i know of....

Sorry, out of ideas... it works for us and i dont know what else to suggest
0
 

Author Comment

by:total123
Comment Utility
do you use 2000 ?
0
 
LVL 1

Expert Comment

by:Dave-sysadm
Comment Utility

Start > Run > Type

secpol.msc

Expand "Local Policies", and select audit.   The options on the right allow you select what is recorded in event viewer.   That should be sufficient.

Typing

usrmgr.exe

I believe will allow you to do the same for Domains, (under Policies > Audit).   I work on a NT4 Domain, so I could be wrong.   This option tracks events on all domain clients, rather than server interaction, so shouldn't apply in your case.
0
 
LVL 2

Accepted Solution

by:
skags442 earned 125 total points
Comment Utility
if you go into routing and remote access, there should be a remote access logging folder in the tree un remote access policies. there you should be able to turn on the logging, this should provid what you need, turn on all the logging options, and set your log file settings to your disire.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now