?
Solved

Network intrusion

Posted on 2013-01-08
2
Medium Priority
?
497 Views
Last Modified: 2013-01-08
Hi  - There have been rumours in our office about an employee who apparently has access to the private network from an external location.

Is there any means of discovering evidence of network intrusion from the inside. We are running Windows SBS 2011, Exchange 2010. Running Netgear FVS 124G Firewall.

Where should I start looking?
0
Comment
Question by:paulmac110
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 37

Accepted Solution

by:
Neil Russell earned 1000 total points
ID: 38753832
The most obvious thought when somebody mentions this is the likes of LogMeIn.  If this is installed on a client PC inside your building and is allowed to get out to the internet then yes, the individual can now gain access to that computer from the outside world.

If you know who the individual is then I would start by looking at what software is installed on their work computer.

Also of course there is the posibility that your firewall and server allow RDP connections from the outside world.
0
 
LVL 35

Assisted Solution

by:Ernie Beek
Ernie Beek earned 1000 total points
ID: 38753842
Agree, check for software like logmein, teamviewer, etc.
The next step is to monitor the firewall to see what connections are there from the outside to machines on the inside.
If you know who the user is you can check on the server for logins from that user at the moment he/she is not in the office.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question