catching a hacker?
RobertW_at_danjonengineering.com
Date: 02/25/05
- Next message: Steven L Umbach: "Re: usb storage device could not installed"
- Previous message: Know1: "Group Policy Problem"
- Next in thread: Steven L Umbach: "Re: catching a hacker?"
- Reply: Steven L Umbach: "Re: catching a hacker?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 24 Feb 2005 15:31:02 -0800
I am looking through my Security Event Logs in SBS2000, and I am seeing
groups of "Failure Audit" lines. As I am looking through them, I notice that
the attempts are being made from a network connection (from where I don't
know). The hacker is trying user names like "windows", "crack", "cracker",
etc. so I know he's an idiot, but my question is how can I catch the little
F*@(er in the act? And how can I get his IP Address? I do keep logs on all
of this, I also keep logs on all of my SMTP, W3SCV, and MSFTP services. Is
there a way to cross reference this sort of information?
Thanks, Rob
- Next message: Steven L Umbach: "Re: usb storage device could not installed"
- Previous message: Know1: "Group Policy Problem"
- Next in thread: Steven L Umbach: "Re: catching a hacker?"
- Reply: Steven L Umbach: "Re: catching a hacker?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
