Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can I see if somone has been logging in to my account remotely?

Status
Not open for further replies.
PennyLane1

PennyLane1

Technical User
May 23, 2005
1
US
Hi - sorry if I am on the wrong board. I am not a techie, just a user. I have been suspecting someone is logging into my Groupwise account remotely - if I consult with my IT department, is there a way for them to determine this or not? Obviously I will change my password as well. If you CAN tell that someone logged in, is there any evidence that can identify who it was (IP address?) or when they logged in?

Thanks much.
 
Sort by date Sort by votes
depends on the logging setup on the system. If the agents are logging verbosely, you will see, for ex, on the Post office logs the IP and ID of the connections as they are made. If we're talking about webaccess, Apache should have logs of the IP's which have connected and the Web Access Agent keeps track of who is connected and what they're doing. If the servers are running NTP (time protocol) the time on the various logs will sync up and you can positively tell what happened when in many cases. Where the display can sometimes fall apart is when the source is NATted; oftentimes I see the private IP the user came from and not the public IP which makes it much tougher to ID (although it could confirm that someone other than you was accessing your account)
hope that helps!
 
Upvote 0 Downvote
Penny,

Change your password and don't tell anyone what it is. Don't write it down on a piece of paper or put it in a file on your computer. Keep your password in your head.

Check your proxy rights. Using the GroupWise client, go to Tools > Options... > Security > Proxy Access. Click "All User Access" and make sure that no checkmarks are present. All options should be unchecked. Check any other users who appear in your proxy list. Remove the proxy rights for users who don't need it.

If nobody knows your password, and nobody has proxy rights to your mailbox, it's extremely unlikely that someone has been logging into your mailbox. It's very difficult to "break into" a GroupWise mailbox, even for an admin.

If you're into paranoia, it's also plausible that someone has installed a key-logger on your computer and is gathering your password each time you change it. Or, someone could be monitoring web traffic on your WebAccess server and stealing passwords via a less-than-secure login page.

These things are extremely unlikely, but plausible.

Anyhow, I'd start by changing your password and checking your proxy rights.

Hope that helps,
Ron

P.S. If you use WebAccess, be sure NOT to save your password in the browser. This, too, is a very bad practice.

“If you are irritated by every rub, how will you be polished?” ~ Mevlana Rumi


Do you live in Michigan? Join us in the Tek-Tips in Michigan forum.
 
Upvote 0 Downvote
MichiganRon said:
It's very difficult to "break into" a GroupWise mailbox, even for an admin.
Click to expand...
I second that statement. GW mailboxes are more secure than any other system I've ever seen.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Kenneth Paul
  • Locked
  • Question
GroupWise to Outlook Conversion tool?
Replies
0
Views
6K
Kenneth Paul
Kenneth Paul
Kenneth Paul
  • Locked
  • Question
GroupWise to PST Converter
Replies
0
Views
6K
Kenneth Paul
Kenneth Paul
Kenneth Paul
  • Locked
  • Question
How to Migrate GroupWise to Office 365?
Replies
0
Views
6K
Kenneth Paul
Kenneth Paul
dwolfson
  • Locked
  • Question
Where do my emails reside on my desktop??
Replies
0
Views
6K
dwolfson
dwolfson
Menon181
  • Locked
  • Question
Upgrading Micros 3700 from 5.2 to 5.5
Replies
0
Views
6K
Menon181
Menon181

Part and Inventory Search

Sponsor

Back
Top