Solved

Network intrusion

Posted on 2013-01-08
2
476 Views
Last Modified: 2013-01-08
Hi  - There have been rumours in our office about an employee who apparently has access to the private network from an external location.

Is there any means of discovering evidence of network intrusion from the inside. We are running Windows SBS 2011, Exchange 2010. Running Netgear FVS 124G Firewall.

Where should I start looking?
0
Comment
Question by:paulmac110
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 37

Accepted Solution

by:
Neil Russell earned 250 total points
ID: 38753832
The most obvious thought when somebody mentions this is the likes of LogMeIn.  If this is installed on a client PC inside your building and is allowed to get out to the internet then yes, the individual can now gain access to that computer from the outside world.

If you know who the individual is then I would start by looking at what software is installed on their work computer.

Also of course there is the posibility that your firewall and server allow RDP connections from the outside world.
0
 
LVL 35

Assisted Solution

by:Ernie Beek
Ernie Beek earned 250 total points
ID: 38753842
Agree, check for software like logmein, teamviewer, etc.
The next step is to monitor the firewall to see what connections are there from the outside to machines on the inside.
If you know who the user is you can check on the server for logins from that user at the moment he/she is not in the office.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question