following codemonkey's lead….read the manuals. I have experience with tools such as SolarWinds Orion, and with SolarWinds' products specifically.

so, anons, I'm not sure if you grasp the absolute big deal it is that SolarWinds is admitting to with this "hack".

Have used their products from the administration side and can tell you all, you can basically do whatever you want to any computer you want (except Macs, though most files are available via the admin console when the machine is on and someone is logged in). You can see whatever you want, you can configure the tool however you want (no notification to the user - ie. completely invisible to the user).

If that computer is powered on and connected to the internet, I would have full control of it and all of its data, if it was a Windows machine.

another anon is correct about the logging; hopefully it was turned on longer than the default, which is 30 days; minimum period is 3 days. Sauce:

https://documentation.solarwinds.com/en/Success_Center/NTA/Content/NTA-NTA-Flow-Storage-Database-sw397.htm

also just noticed, SolarWinds' NTA (Netflow Traffic Analyzer) Admin guide, available in Chinese and Japanese…? Oh, and Engrish.

hmmmmmmmmmmmmm

https://documentation.solarwinds.com/en/Success_Center/NTA/Content/NTA-Viewing-NetFlow-Traffic-Analyzer-Data-in-the-Orion-Web-Console-sw478.htm

>>12033271

Here's the flow diagram for how they collect the Network data with SolarWinds NTA (which requires the Orion platform)

https://documentation.solarwinds.com/en/Success_Center/NTA/Content/NTA-How-NTA-Works.htm