Solved

User Accessing Server 2008 R2

Posted on 2013-01-31
6
173 Views
Last Modified: 2013-05-02
I suspect a user might be playing around in Active Directory and wondering if there is a way to find out who has been logging on to the server? She had reset her password for the domain and I think she may have done that on her own without my permission - so want to see if she is indeed getting into the server somehow....is there a way to find out?
0
Comment
Question by:SinginVic
  • 2
  • 2
  • 2
6 Comments
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38840189
0
 
LVL 1

Author Comment

by:SinginVic
ID: 38840223
wow a free tool that might help me figure this out- awesome - thanks - will try it out and see if it gives me the information I am looking for.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38840299
How are they accessing?  RDP, VNC, Logmein, or physically?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 1

Author Comment

by:SinginVic
ID: 38840308
I don't know for sure  - not physically logging in - would have to be RDP or VNC  - something like that probably.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38841069
When the RDP in the user account should not have administrator priviledges.

Also time to change the VNC password. If they need to VNC setup VNC with a read only password give them that one.
0
 
LVL 16

Accepted Solution

by:
choward16980 earned 500 total points
ID: 38841142
Something that malicious should be documented.  Just record their user sessions on their workstations and catch them in the act:

Install UltraVNC:
http://www.uvnc.com/downloads

Record their sessions:
http://www.uvnc.com/screenrecorder/

HIde the VNC icon:
http://forum.ultravnc.info/viewtopic.php?p=36056
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now