Hello, we had a workstation taken over by an admin from evv.wideopenwest.com which is not the account this unit's LogMeIn client was registered to. Obviously, this is a significant security breach that needs to have a full blown Incident Report but GoTo support says they have no means to help figure out how one LMI Central account was able to take control of another account's asset.
Does anyone have a suggestion on how we can gather information on the access? Log files, etc.?
Hi @bluewt ,
This account that accessed your machine could have been added as a user in your Central account, or someone may have used Central Desktop Sharing feature to start a remote access session with this outside account. Central doesn't allow for you to remote access the same machine at the same time.
To disable desktop sharing, login to your Central account, go to Configuration>Host Preferences, then you create a package or edit one and in the "Remote Control" category, you will see an option to disable desktop sharing. Check on the box, click on "Save", then "Finish and Save all". Now you can assign this package to all machines in your Central account and block this Central feature.
We have the Central Office Hours every Thursday at 2:00pm EDT. If you can, join them today to learn more about the product: https://attendee.gototraining.com/rt/7934947141476253186
Thank you, I will try that.