how to configure kaspersky endpoint security to stop RAT

[Rida]

Dear All i installed kaspersky endpoint security on my server Win2016 "stand alone", it is connected to (LAN Server WAN) , i noticed that , someone remoted my server i saw the he/she tried to open my applications and atempted to login , my kaspersky updated , i do scan but nothing detected, anybody can help me how to stop (this Remote Access), from unauthorized user/app . it is very critical , best regards

[Konstantin Antonov]

Hi, Could you please specify versions that you use. How did you see that someone remoted your server, describe it in more details. Thank you!

[Rida]

the version is Kaspersky Endpoint Security Ver : 11.1.0.15919 , the mose moves and switch windows , also he/it try to login to one of my web applications (attempt to login but login failed) !!! i am sure it is remote access (some how it could access my GUI) , my windows is Server 2016 std,

[Dmitry Parshutin]

the version is Kaspersky Endpoint Security Ver : 11.1.0.15919 , the mose moves and switch windows , also he/it try to login to one of my web applications (attempt to login but login failed) !!! i am sure it is remote access (some how it could access my GUI) , my windows is Server 2016 std,

Hello! Do you have any applications for remote control on this machine or you cannot determinate the application that provided the access to your host? Thank you!

[Rida]

Hi! No remote control app. installed in my server, i used only windows Remote desktop. anyway this program/trojan (RAT), unautorized , they are trying to used my application its kind of financial application, i told you i need to know how to detect/know (who is this) and protect my server, i suspect in internal attack (from my LAN). waiting for your help ppl.

[Nikolay Arinchev]

Hi, You can configure KES firewall to drop unwanted network packets or if you suspect some particular application move it to untrusted