Solved

Network intrusion

Posted on 2013-01-08
2
431 Views
Last Modified: 2013-01-08
Hi  - There have been rumours in our office about an employee who apparently has access to the private network from an external location.

Is there any means of discovering evidence of network intrusion from the inside. We are running Windows SBS 2011, Exchange 2010. Running Netgear FVS 124G Firewall.

Where should I start looking?
0
Comment
Question by:paulmac110
2 Comments
 
LVL 37

Accepted Solution

by:
Neil Russell earned 250 total points
Comment Utility
The most obvious thought when somebody mentions this is the likes of LogMeIn.  If this is installed on a client PC inside your building and is allowed to get out to the internet then yes, the individual can now gain access to that computer from the outside world.

If you know who the individual is then I would start by looking at what software is installed on their work computer.

Also of course there is the posibility that your firewall and server allow RDP connections from the outside world.
0
 
LVL 35

Assisted Solution

by:Ernie Beek
Ernie Beek earned 250 total points
Comment Utility
Agree, check for software like logmein, teamviewer, etc.
The next step is to monitor the firewall to see what connections are there from the outside to machines on the inside.
If you know who the user is you can check on the server for logins from that user at the moment he/she is not in the office.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now