Hello,
I have small workgroup having 10 computers in my office. I do some personal work in office like using yahoo messenger, checking personal e-mails and some online banking site. But how does one of my senior knows it? I do everything lonely and securely so that nobody in the office knows it. But he knows everything about my sites I visit everyday. He has also cracked my yahoo password twice. He even knows it, if I open any site for a few seconds in a day.
My question is, is there any website or any program which can track the details of LAN computers?
I think he is using that to find out everything about my computer. I use win 2000 with service pack 4 and he uses win xp sp2. Windows defender is also installed in my computer.
Any help on this would be highly appreciated.
Thanks
BinooDas1234,
Stuffy as that last response was it's unfortunately true, your company has the right to monitor your use of their equipment. You mentioned that this person was your "Senior", as such they should be able to determine if you are misusing equipment. If they were just a colleague then you could complain to MIS since it's possible they are monitoring you with a keylogger or other spyware installed without your knowledge. If the monitoring is at the managerial level however there is no simple way to defeat it. They only have to review the firewall/router logs to see what sites you have used or the ports specific to yahoo IM. I'm not certain if Yahoo uses an encrypted protocol for authentication but it's probable that packet inspection allowed him to see your yahoo password directly and that he didn't have to *crack* it.
I would reserve your personal use of the internet for home and consider yourself fortunate that your senior told you he could monitor you before you accessed something that could result in legal issues or dismissal.
Yes, you're lucky that your senior is flaunting it in your face, that he's watching your activities. It is within the company's right to monitor it's own network traffic, though there should be a written policy that you should have to sign in acknowledgement.
Any freely available sniffing software such as Snort or WireShark would expose IM passwords as they are commonly sent in plain text or decipherable. The sniffer requires some network config to monitor an appropriate port, easily done, and it sounds like that's already in place. If you value your IM handles, just change passwords and discontinue use for now.
You should keep your personal activities to a minimum at work. The occasional necessary online banking would go unnoticed if there wasn't already a barrage of surfing and IM traffic all day. IM can be productive, but try to keep things short, sweet, and done. I recommend you cut all personal activities as much as possible, including receiving/resending emails with jokes/movies/etc as they can be easily monitored as well.
You could try to circumvent the monitoring efforts by using Hamachi or OpenVPN to connect to and surf on your home machine. Trouble is, you're obviously already on the radar, and a sudden increase in encrypted traffic would look incredibly suspicious. I can think of other possible ways, but is it worth risking your job?
Uh, could someone help me off this soapbox?
Thank you all for your advices. I have almost reduced all my personal work in office after that incident.
But I would like to know (technical points in details) how does he do that? I mean, which program or website is being used to track all these.
I would really appreciate some technical explanation.
Thanks again
If your internet access is through a proxy server then a lot of this information can be captured. The password for accounts can also be achieved through sniffing the network, using keylogging software or even brute force attacks. I would say that you may even have some serious network monitoring tools working that are able to track and report unusual activity to the IT department / your manager.
The means is quite elementary, and likely a combination of hardware and software, but specifics depend on your network. The key is that only one computer/device on your internal network talks directly to the Internet, the "gateway", and all other devices talk thru it, so there's a single point to monitor. There's a piece of software, a proxy or sniffer, that captures all traffic on the gateway for later review.
Examination of those logs reveal the IPaddress/name of your machine, where you are going (external IP), and what you are doing (port#). The capturing software may even log whole packets, streams of packets, or selected portions of packets, thru which is gleaned passwords, webpage or email content, etc.
If your curious, install Wireshark on your home machine and watch what's in the packets when you surf & IM. I haven't checked, but there might even be dissectors (plugins) that clearly label passwords or conversations from IM clients.
You'll also see *much* other packets that you didn't know was behind the scenes on your local network all the time, keeping things running.
WebTrends if he isn't wasting his time.
A keylogger for passwords...or maybe you just left save passwords set on your browser if your evidence of craking is finding you webmail open.
If you don't know how he is doing it you need to see a lawyer -- you just won the lottery! He is invading your privacy and committing a felony. US courts have pretty much ruled that the government or any other organizations must tell you EXACTLY how they monitor you and what they can use that info for.
You "own" anything you do on that computer that you did not explicitly sign away to the company. You could even hold so called "company data" for ransom -- if you thought it was worth more than your job. of course be careful about what you signed away. Take a copy to your friendly ACLU lawyer before saying anything.
If you can make a good case that you thought the company was giviing the computer on your desktop to you permanently -- you can probably convince a court to side with you -- because it has all your private stuff on it in hard to securely erase form.
There was a nice military case that ruled if you got a password it is private.
mortree -
I read the same military case and it specifically said that if the company has a policy in place stating that they monitor network usage and that all works derived on their networks/computers are monitored and owned by them then he has no case at all.
my employer has such a policy and we follow it from the CEO to the regular employee. even the IT employees are monitored. all traffic is logged and if anyone is blatantly breaking the rules then they are let go. his employer is NOT invading his privacy because it is their network and computers that the work is being done on. the employer does NOT have to divulge how they are doing it, just that they are doing it and that any breaking of policy can lead up to termination. unless he specifically signed a contract of ownership of work, anything he does on that computer while on the clock for that company is owned by the company.
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!
0 pts.
Discuss This Question: 7 Replies