The event lasted more than a minute. The mouse cursor movement was nonrandom with boxes being opened on the toolbar & intentional movements across screen.
The mouse is not wireless, nor is the PC configured for such - (replies on another list have pointed out that it is possible to control a PC through a victorian wall using a wireless mouse & has been reported in a practice - the GP registrars machine was being inadvertently being driven by GP trainer next door!).
None of the PC log files were configured to record this kind of access.
The machine has VNC (but not logmein) configured for access by supplier & local HIS - neither of whom have been accessing the system.
Currently a mystery, but reported to BT to check router logs (they record inappropriate access denials apparently not necessarily "appropriate" access).
Dai
________________________________
From: GP-UK on behalf of Alun Price
Sent: Tue 18/12/2007 07:41
To: [log in to unmask]
Subject: Re: Unauthorised remote access to system
If it's a ball mouse rather than an optical I would strongly suggest 'fluff'
is more likely than the CIA or MI5. I have had to clean our receptions mouse
more than once due to a randomly wandering pointer complaint.
Alun
-----Original Message-----
From: GP-UK [mailto:[log in to unmask]] On Behalf Of Evans Dai (M83071)
Sent: 17 December 2007 09:50
To: [log in to unmask]
Subject: Unauthorised remote access to system
One of our receptionists has just spotted someone has remotely accessed her
terminal & moved the mouse without either of the two usual screen messages
from our system supplier or permitted tunnelled access. We have checked with
our supplier & it wasnt them.
This appears to have come from outside the surgery.
Is there anyone who knows of a logfile in XP that may have clocked some
information about the access.
Thanks
Dai
|