Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windodws 7

Posted on 2015-01-20
6
Medium Priority
?
79 Views
Last Modified: 2015-02-18
How can I audit what IP's are remotely logging in to the computer?  Also, is it available to track both ip and user name?
0
Comment
Question by:Jack_son_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 98

Expert Comment

by:John Hurst
ID: 40559632
You cannot log onto a computer without a user name and password. Knowing the IP of a computer does not permit log on.

What is happening to you?  

If you are looking for web traffic talking to your computer, you can run Wire Shark or Comm View (tamsoft.com) to see what packets are going in and out. You can track this traffic by IP address.
0
 
LVL 9

Expert Comment

by:dlb6597
ID: 40559657
first confirm auditing is enabled. run secpol.msc, expand Local Policies, Audit Policy. Make sure the security setting is at minimum set to Success (it is also good to audit Failures).

Then in the security event log you will see the  logon events. Event id 528 will signify local (logon Type 2) or terminal services (logon type 10) logons, event id 540 will indicate network logons (to shares, etc.)

event id's 529 through 539  signify various types of logon failures..Event 538 will signify a user logoff.


event ID's
0
 
LVL 4

Accepted Solution

by:
MarcusSjogren earned 2000 total points
ID: 40559660
Hi,

I don't have Windows 7 available for testing, but if you have the professional or enterprise version you can see it in the event log -> Windows Logs -> Security. Task Category = Logon

I have attached a screenshot, it was done on Server 2012 R2 since I did not have Windows 7 available, but it should be similar as I remember.

This is not a super-simple-solution, and there is no easier solution either.

I dont think there is any way of doing this if you are using WIndows 7 Home or similar versions.
Windows-Logon.png
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 40617840
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 

Author Closing Comment

by:Jack_son_
ID: 40617841
This worked for me - thanks
0

Featured Post

ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question