E-mail me if you decided to do it. I would be interested in hearing the results of this operation. -Chris
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Pillai, Raj Sent: Friday, April 12, 2002 3:08 PM To: Exchange Discussions Subject: RE: Unauthorized user accessing mail Sounds like a plan. Thanks. -----Original Message----- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Friday, April 12, 2002 4:55 PM To: Exchange Discussions Subject: RE: Unauthorized user accessing mail Yea like a booby trap. Create a script that send you a message that the user has logged on. But change userA's username to something else. Change the password back to the original compromised password for the original account. Then set a logon script to notify you of the unauthorized access. When user B logs in as user A it will alert you and you can go confront them about it, catch them red handed -Chris -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Pillai, Raj Sent: Friday, April 12, 2002 2:51 PM To: Exchange Discussions Subject: RE: Unauthorized user accessing mail You mean like a booby trap? ;-) The password has been changed. Setting up a camera is not an option. Thanks -----Original Message----- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Friday, April 12, 2002 4:34 PM To: Exchange Discussions Subject: RE: Unauthorized user accessing mail How about setting up a trap for user B or just changing the password, setting up a camera on the suspected location and looking for a bad password event in the event log? -Chris -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Pillai, Raj Sent: Friday, April 12, 2002 2:08 PM To: Exchange Discussions Subject: Unauthorized user accessing mail Hello all, Exchange 5.5, Sp4. Win NT Sp6a. Outlook 98. I have a user(A) who suspects that another user(B)is accessing her outlook account on a different PC(X). I have checked the NT security log to confirm that userA logged in multiple number of times on a certain date, when she claims she has logged in only once in the AM. This confirms that someone else is using User A login and password to log in to the network. What log can I view to check if UserB did illegally access User A's mail ? Thanks Raj ************************************************************************ **** **This e-mail message, including any attachments, contains information that is confidential, may be protected by the attorney/client or other applicable privileges, and may constitute non-public information. This message is intended to be conveyed only to the designated recipient(s). If you are not the intended recipient of this message, do not read it; please immediately notify the sender that you have received this message in error and delete this message. Unauthorized use, disclosure, dissemination, distribution or reproduction of this message or the information contained in this message or the taking of any action in reliance on it is strictly prohibited and may be unlawful. Thank you for your cooperation.************************************************************ **** ************** _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] ************************************************************************ **** **This e-mail message, including any attachments, contains information that is confidential, may be protected by the attorney/client or other applicable privileges, and may constitute non-public information. This message is intended to be conveyed only to the designated recipient(s). If you are not the intended recipient of this message, do not read it; please immediately notify the sender that you have received this message in error and delete this message. Unauthorized use, disclosure, dissemination, distribution or reproduction of this message or the information contained in this message or the taking of any action in reliance on it is strictly prohibited and may be unlawful. Thank you for your cooperation.************************************************************ **** ************** _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] ************************************************************************ **** **This e-mail message, including any attachments, contains information that is confidential, may be protected by the attorney/client or other applicable privileges, and may constitute non-public information. This message is intended to be conveyed only to the designated recipient(s). If you are not the intended recipient of this message, do not read it; please immediately notify the sender that you have received this message in error and delete this message. Unauthorized use, disclosure, dissemination, distribution or reproduction of this message or the information contained in this message or the taking of any action in reliance on it is strictly prohibited and may be unlawful. Thank you for your cooperation.************************************************************ **** ************** _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
