People accessing my machine

G

Guest

Is it possbile to find out whether other users at work have accessed my work
machine via a mapped drive etc? We all have access to Windows messenger and
with that comes the option of storing your chat logs. My Question is can I
find out if anyone has mapped to my D drive and 'had a nose about'?

Thanks

Darran
 
G

Guest

If you are a normal user not an Admin you can't do anything about, talk to
your IT Admin and tell him/her about your suspicin and have a password for
your account.
HTH
nass
 
S

Steven L Umbach

The security log would keep track of who accessed your computer from the
network but you need to be a local administrator to open it with Event
Viewer. A user also needs the user right for "access this computer from the
network" in order to do such which also can be modified by a local
administrator unless the computer is a member of an Active Directory domain
and has that user right enforced at the domain level. The Windows Firewall
can also block access to shares on your computer if it does not have the
file and print sharing exception enabled. --- Steve
 
G

Guest

Typing

NET VIEW \\Computername

at a commandprompt may give useful info about shares visible on your
computer. Preferably do this at another networked computer.

One of the key security-issues in this respect is the "Administrative
shares" - C$, D$, etc. Unless your network-admin has removed these, they
provide a ready means for any user with Admin priveleges to snoop (or modify
files!) literally anywhwere on your computer without your permission or
knowledge. I strongly advise their removal.

The other very useful security-measue you can take (provided you don't need
to share-out any files or printers) is to unbind File and Printer Sharing
from the LAN connection.

Or, you can take it a step further and stop the Server service - Though this
will also prevent you browsing for shares in Network Places. (Not an issue if
shares are provided by a policy or script, as they should be on a managed
LAN)
 
S

Steven L Umbach

Ian said:
Typing

NET VIEW \\Computername

at a commandprompt may give useful info about shares visible on your
computer. Preferably do this at another networked computer.

One of the key security-issues in this respect is the "Administrative
shares" - C$, D$, etc. Unless your network-admin has removed these, they
provide a ready means for any user with Admin priveleges to snoop (or
modify
files!) literally anywhwere on your computer without your permission or
knowledge. I strongly advise their removal.

The other very useful security-measue you can take (provided you don't
need
to share-out any files or printers) is to unbind File and Printer Sharing
from the LAN connection.

Or, you can take it a step further and stop the Server service - Though
this
will also prevent you browsing for shares in Network Places. (Not an issue
if
shares are provided by a policy or script, as they should be on a managed
LAN)
Click to expand...
Not quite. Possibly you mean the effect of disabling netbios over tcp/ip on
the client computer. -- Steve
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

"Access Denied" with encrypted USB device 3
Network drives not accessible 3
Trouble with MAP DRIVES 2
Any danger from people free riding on my wireless router? 6
IPad Multiple Users 0
After user changes pw, asks for the password again after logging on 6
Windows XP Dir of remote machine - RunAs? 0
deleted "Everyone" on c$ Lost all Access to Drive 1

Top