Suggestions on catching an internal hacker
Hello,
I work for a small company (<100 people) as the network administrator. Recently, the CIO has become very suspicious of one of our employees. The CIO has good reason to believe that this individual is hacking around on our internal network and obtaining confidential information. The CIO has instructed me to see what I can do to catch this individual. We believe this person is using high-end keyloggers or other types of software to obtain users' passwords. We have found some evidence that this person has planted audio "bugs" too, but I am approaching that possibility from quite another direction. I have run a variety of free anti-malware pieces of software against the computers in question, but I have not found anything certain as of yet. I am posting here hoping to gain some knowledge on how others have approached this problem and how they managed to catch internal hackers. The best thing I could do is set some sort of trap for this person and catch them in the act. The CIO is a strong believer in absolute proof before they act upon problems. We already have company policies in place for this sort of action; we just need ironclad information before we can proceed.
Thank you for your time and assistance.
Regards,
Amateur IT Sleuth
May 17th, 2012 11:35am
Hi,
As this is a security forum about PKI and CA, please visit a related forum to get a better resolution.
Thanks for your understanding!
Best Regards
Elytis Cheng
TechNet Community Support
May 18th, 2012 4:14am
Elytis,
So what forum do you suggest that I use? I have a security-related question, so I went to a security-related forum. I am unclear on which forum to use to ask a security-related question.
Thank you.
May 18th, 2012 10:52am


