We have a hacker who is attempting to login as Admin late in the evening. I have been able to determine that the attempts are not coming through our Gateway/Router. Therefore the attempts are taking place on one of the computers within the school.
We have assigned IP addresses for all systems. Can I audit the Admin account and learn which workstation IP address the hacker is using? Or, is there another tool I can use to find this individual?
I feel the Admin password is secure and has not been compromised. But I still need to find this person and terminate these attempts. Any suggestions would be helpful Thanks.
We have assigned IP addresses for all systems. Can I audit the Admin account and learn which workstation IP address the hacker is using? Or, is there another tool I can use to find this individual?
I feel the Admin password is secure and has not been compromised. But I still need to find this person and terminate these attempts. Any suggestions would be helpful Thanks.