Dear
all,
We have a NT network that was hit the other day, in the sense that it was
remotely shutdown by an individual somehow. The person might have the passwords
and also sound technical expertise in remote utilities. Is there a way for me to
trace where the traffic was coming from that day and what IP address? Also, is
there a way to automatically capture the screen if it was remotely
controlled?
Please advise, thanks in advance.
Sincerely,
David Ng
