How do you catch a firewall intruder/extruder?
Posted on 2007-10-12
How can I tell what software or hardware that is used to get around or through our fire wall? We have someone at our office that has been bragging about going to any wed site he wants. We have Sonicwall in place at our location and our internet providers site. We have Symantec Enterprise for small businesses running on the server. We are finding reminants of web sites on the server. If we look at his coputer it is clean no cookies, trails or anything, just like he had never been on the internet. We installed Belarc on his computer and he found it and disabled it. With no proof what can I do? We have had 2 viruses in the last six months, the last one this week. We were shut down for a day and a half. Our IT guys have scoured his computer and can find nothing. Is there a way that I could set up, install or what ever to track his station IP? My boss says no proof them we can do nothing. When he leaves at night his computer is defragged, cleaned, it looks almost like a new installation.