Catching peeping toms
Posted on 2009-02-19
Involved in maintaining internal security, what are my options if we want to make sure that some 'high value' desktops are adequately protected from all 'peeping toms' within our organisation, even if they include our internal IT members having local admin rights on those desktops.
The desktops belong to senior management and I would like to keep them secure from all unwanted snoopers.
I cannot detach them from the windows domain, so domain admins remain within the trusted zone. I was looking for some utility that logs all incoming IP requests for terminal connection (not only mstsc) and the time spent by these sniffers ? Something that would enable me to log all remote activities being performed on these specific systems and available for analysis later, would be very helpful.