Super User Asked by nstone101 on January 13, 2021
Is it possible to monitor RDP Sessions or Connections to a PC? I’m hyper-sensitive and a little paranoid about malware with dormant RDP and FTP-enabled code. Is there a good sessions monitoring program that will log the machine’s remote sessions or all network remote traffic, ideally something that couldn’t be programmed against with a cleanup functionality (ideally not as susceptible to log-wiping by malware payloads)? I just want to know exactly what happens and Endpoint Protection seems most ideal as a A/V solution, especially a Cloud Endpoint Protection (something like Vipre or any of the major ESET, Norton, etc. – Endpoint Protection) but how effective are these solutions for solving what I’m asking or is there a supplemental measure(s) that one should use to log and ID sessions from background programs and more complex malware particularly on Windows 10 and Windows Server. I’m fairly IT savvy but this is my weakness and of great concern, any explanation/solutions simple or otherwise would be greatly appreciated.
I figured it’s possible to cleanup these RDP events, this is what i’ve tried but it’s not as comprehensive and feels like it would be fairly easy to wipe on the way out, am I wrong?
Command
Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP