Solved

auditing the users to logon the particular system

Posted on 2008-10-15
5
263 Views
Last Modified: 2010-04-19
I have a domain controller(windows server 2003 enterprise edition).all the user account is configured in that. One of the user said his system is hacked by somebody. How can i audit , if anybody using that particular system from remote or through lan?? What are the steps to be done for this??

0
Comment
Question by:rujinrajj
  • 3
5 Comments
 
LVL 9

Accepted Solution

by:
chingmd earned 500 total points
Comment Utility
look in the event viewer security log.  

Monitor netstat -a on the machine.  
run wireshark and dig through the traffic logs.

Run spyware, adaware scans, and antivirus.  (multiples)

Worst case scenario, reformat the client machine.  
0
 

Author Comment

by:rujinrajj
Comment Utility
is there any other method through group policy
0
 
LVL 9

Expert Comment

by:chingmd
Comment Utility
not that I'm aware of.

0
 
LVL 9

Expert Comment

by:chingmd
Comment Utility
look at the accounts on the accounts on the system, change password.  

If might be able to control logins through group policy.   But that's beyond my expertise.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now