[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 288
  • Last Modified:

How do i find who is connecting to my desktop remotely using 3rd party softwares?

Hi,

I suspect that someone is connecting to my desktop remotely (kind of spy) without my knowledge and i would like to know who it is... May be the username or the IP address of the PC trying to connect my desktop.

0
gilbertinigo
Asked:
gilbertinigo
  • 3
  • 3
  • 2
  • +3
2 Solutions
 
Toni UranjekConsultant/TrainerCommented:
Hi!

If you are not infected with rootkit chechk active network connections with:
"netstat -an"

to check open network connections.

If you are have rootkit installed, you would have to monitor traffic on your firewall or on dedicated machine on the same network with sniffer. If you have rootkit installed, the best thing would be to re-format computer.

"Rootkit revealer"
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

HTH

Toni
0
 
albuitraCommented:
If someone is spying the network, you can't find easily. Maybe he/she is using  a sniffer
But if he/she is connecting with VNC, terminal server, etc, you can use
netstat -n
and see who is connected to your pc
0
 
PeteJThomasCommented:
Search for any odd software on your machine - There needs to be something for the remote control software to connect to, usually an agent or something like that...

Nose about your PC a bit (look down in the system tray (bottom right corner) for icons you don't recognise, search through Add/Remove Programs in Control Panel etc. If you're not sure about the something, just post the name of it in here and someone will tell you what it is.

It's pretty darn hard to remote control someone's PC without a giveaway sign, as these pieces of software are not intended to be used as spying tools! That's where I'd start anyway...

It's also important to ask why you suspect this, as whether they're just looking at files, or actually remote controlling your desktop, use very different methods... :)

Pete
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
gilbertinigoAuthor Commented:
i suspect that someone is monitoring my screen activities remotely. Is there any way i can get a log of remote sessions to my PC for the last one week?
0
 
Toni UranjekConsultant/TrainerCommented:
I very honestly doubt, that someone who has unathorized access to your computer would leave log file behind.

0
 
Danny ChildIT ManagerCommented:
is this on a domain, or standalone?  Note, if this pc belongs to your employer, then their Security or IT Dept may be permitted to monitor your pc either overtly or covertly.  You should not attempt to stop this.

Are you responsible for IT Security ?  If not, you need to report this to your IT Dept.
0
 
gilbertinigoAuthor Commented:
This is on the domain. Yes i am responsible for IT security. WE have given delegated permission to our staffs for some admin related tasks. Could be one of them.
Also i got complains from some users that they suspect someone monitors their screen as well.

0
 
PeteJThomasCommented:
Well let's not jump the gun too soon - What exactly is it that makes you think someone is watching? Positive its not just paranoia?
0
 
aspen_propCommented:
I would ask the question "Why", as PeteJThomas did.

Why do you suspect that someone is monitoring information, whether be it by a trojan sending screenshots/keystrokes, an active remote session watching what you're doing, or a network sniffer. That answer might give a better indication as to where you should look/fix. Could it simply be an employee stealing documents with a USB thumbdrive? The answer to "why" will help us help you! :)

If it is a rootkit/trojan, I would suggest disinfecting using an uncompromised 3rd party source.
If it is a remote session, as many have said, you will see an open connection with you run netstat -n.
If it is a sniffer, then perhaps run a network audit tool to see what programs are installed over your entire domain. There are some free/trial versions out there. May not be practical for a very large network, but under 100 users is managable to break down.

Check for strange programs that may have been installed
Check your security event log to see who's credentials have been logged on your machine.(or, denied access multiple times)
0
 
gilbertinigoAuthor Commented:
I already checked the security log and i did not find anything.
while working on the computer, i suddenly noticed that my mouse is moving out of my control, just like someone moves remotely. The same felt by users too.

0
 
aspen_propCommented:
Wired or wireless mouse? Optical or rollerball? Kind of mousepad?

I may be barking up the wrong tree, but I know my wireless mouse scrolls all by itself if my cell phone is inbetween the IR sensor and my mouse when I receive a phonecall.

Also, does the mouse cursor actually do anything like access files? Erratic movement, or deliberate? If a security scan doesn't pick anything up, and there are no listening ports(maybe try working offline for a while to see if the problem is replicated), then it could be a software problem locally on your machine, or perhaps a physical problem.

0
 
PeteJThomasCommented:
Several of our mice at work do something similar... They're wired etc, but somehow occasionally they go haywire, and the pointer starts erratically jumping about... As soon you disconnect/reconnect it, it stabilises! Very strange but I'm 100% it's nothing sinister (in my case I mean), it's definitely just the mouse behaving badly... lol :)
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 3
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now