Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - How can you safely confirm breach without details?

Submitted by crawdaddy
crawdaddy (344241) writes "A friend suspects some of his employees (that access the network using remote desktop connections over a VPN) may be up to no good, due to certain suspicious activities. The business has an Active Directory domain setup on a Windows Server box, as well as several desktops. What are some things I can look for that might indicate whether or not further investigation (ie. professional forensic analysis) is warranted? What tools are recommended for accomplishing those tasks without compromising the courtroom validity of the data? Would it be better/safer, in terms of preserving the data, to install stealth monitoring software to track the users' movements and simply analyze that, instead?"
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

How can you safely confirm breach without details?

Comments Filter:

"An organization dries up if you don't challenge it with growth." -- Mark Shepherd, former President and CEO of Texas Instruments

Working...