hi
i have rdp server. i have many rdp users. the users try to abuse system for their hacking purpose to other sites or servers. is there any ways to figure out which rdp users was for hacking purposes. thank you

Need to support users over the internet? click here try our remote control online beta

Hi,

Configure your firewall or IPSec to accept RDP connections from your own IP addresses only.
Also you may more restritively configure your RDP clients using 2x SecureRDP -

http://www.2x.com/securerdp/downloadlinks.html


The following articles could be helpful:



Help: I Got Hacked. Now What Do I Do?

http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx




Help: I Got Hacked. Now What Do I Do? Part II

http://www.microsoft.com/technet/community/columns/secmgmt/sm0704.mspx




How A Criminal Might Infiltrate Your Network

http://www.microsoft.com/technet/technetmag/issues/2005/01/AnatomyofaHack/default.aspx



Hope this helps!

Best Regards
Elytis ChengElytis Cheng
TechNet Community Support

There is an amazing pack of free network admin tools. click here to download it

i mean my rdp users abuse the server for their hacking activities to other sites or servers though web browsers. then i got report hacking by my server ip from other sites, business in my abuse emails. my question is how do i track down which rdp
user did the hacking????? i really need some ideas. thank you in advance

Need to support users over the internet? click here try our remote control online beta