Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Security and Paranoia. HELP!


  • Please log in to reply
6 replies to this topic

#1 coolJim

coolJim

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 05 August 2009 - 07:45 PM

Hi... Guys... I need some honest advice... all are welcome.

Intro.
======================================================================================
Im a moderate computer guy, plenty of project and team skills, learning skills and good attitude...
Im a hard worker, I get it done and guess what Im nice. :thumbsup:

But I just dont have much clue when it comes to NETWORKING, setwork security and all the myths surrounding...


Dumb story. (But u should read..)
======================================================================================
I got a new job, needs remote support, use OpenVPN, my company gets my IP.

Now here is where your phycho analysis skills help .... lol! :flowers:

I regularly reset my router and change my IP, 2 -3 times a week. (I have had viruses and a few bad times with Dodgy Vista ISO's, and peps stealing my RS account.)
ok Im a bit paranoid! OK i admit it dont stone me!!!! :trumpet:

Anyway iv been working nights... trying to get a webserver up and done two nites, on the VPN.. I log out. All is ok...
- I think i reset my router to get a new IP..... the following nite... and surfed on Monster and NIjobs till 2am looking at better jobs... cos mine is know to be .... well its very hard... loads of overtime highly stressed etc..

The next day at 3pm in a meeting my boss (who does not care for procedure) made a comment about the team needing to pull in and stop staying up to 2am looking for new jobs!!!!

It was not so blatent, it was off the cuff and to the office pet, in a kinda.. 'im gonna say anyway!' approach.. In the start of the meeting...
The thing that shocked me is that he does this behaviour all the time is a cowardly way to say "i know what u are at, stop it!"
He is very very impulsive too. and is very in the know with all the office stuff.


The techie bit
=====================================================================================
Now...

Im not stupid...

I realise if this is real its not legal, but forget that. Is it possible for anyone, even the admin of another leased line(s) to monitor or check internet usage?

Ok log into the ISP controller, grep for the customerID and there its is.... monster.com--01.15--84.112.x.x-- whatever...

But how can they do this.. is it possble? Can he get my MAC from the VPN logs and keep finding me and monitoring me forever?

My company... are a security company... its all tunnels and vpns and logs and telephony.... There are many tallented people and many that are.... flexible about rules.

I am very worried that if I want to leave in 6 months they will be made very difficult. Saddly there is no trust and also these people are extreemly extreemly aggressive and harse...( thats life i know)

Edited by coolJim, 06 August 2009 - 06:07 PM.


BC AdBot (Login to Remove)

 


#2 Wildabeast

Wildabeast

    Bleeping Lurker...


  • Members
  • 1,253 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nebraska, USA
  • Local time:06:40 PM

Posted 06 August 2009 - 12:12 AM

Is this a company computer? If it is, then yes, they have ways of knowing everywhere you've been and how long you were there. My wife works for PayPal and they constantly monitor employees, they can tell where on the web they are, have been, how long since any activity has happened on the computer..

If it's your home computer, then I don't know. But if it is and they are tapped into it, I don't believe that is legal.. :thumbsup:
"The nine most feared words in the english language, 'I'm from the government, and I'm here to help'..."
Ronald Reagan

#3 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:05:40 PM

Posted 06 August 2009 - 01:16 AM

If you're using the VPN to surf, then yes, it's not only legal, but it is their right. You are after all using their connection, even if it is through a tunnel. It is very simple to log traffic and analyse packets once you have the tools in place (which they 100% sure do, being a security company as you mentioned).
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#4 coolJim

coolJim
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 06 August 2009 - 08:05 AM

no I never use a companies line or VPN to surf, I'm not that stupid.... I'm talking about my home personal line which I had on ocassion used for remote work days previous.

I'm thinking can they take the MAC and then just find me from now on even when I change my ip. Cos I guess the physical phone line never changes !

Maybe I watch too many movies, but if James bond dialed in from a location would that location be compromised? But I'm just wondering in the world of tech is it possible to see a persons web traffic just from a previous dial in to a VPN?

Actually now I delve further into this it must be possible, if some hacker kid hits a company they trace it no problem, I'm really just guessing and scrambling in the dark on this one.

Any thoughts?

#5 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:05:40 PM

Posted 06 August 2009 - 11:14 AM

Hello again coolJim :thumbsup:

There are ways for the company to log your traffic, but unless they either have physical access to the machine, or have installed a monitoring program (or a backdoor), once you log out of the VPN, they lose the contact.

The MAC address doesn't give them much. The limitations of what you can do remotely without having a backdoor, or some other monitoring tool would prevent them from seeing anything you do with the box while disconnected.

Wildabeast's question is still valid: Is this a personal computer (yours) or the company's property? If it's the company's box, then it is very likely they have some type of keylogger/backdoor installed or something logging your web traffic. It is actually possible to monitor web history/keystrokes for them while disconnected (in theory, I can't say whether this is the case or not) by using a monitoring tool that saves the log and upon connecting to the VPN, sends its contents back to the server. Or it could even send the contents to a web server outside of the VPN.

To be sure, you'd have to monitor your own traffic with a packet sniffer to see.

So in short, yes they can monitor what you do, and depending on the methods used, and whether or not it is a company computer, can be legal. As long as you don't use the VPN to surf, they cannot track you remotely without having some kind of monitoring program installed on the computer itself.

As for the movie comment, I'm sure you're aware that what happens in a movie, is done for entertainment, and rarely accurate. In order to remote to another computer, you have to have the IP (the MAC's pretty much useless on its own over WAN for them as it is designed for use in LANs) and you have to either be allowed in or use a security hole somewhere.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#6 coolJim

coolJim
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 06 August 2009 - 06:29 PM

lol Galadriel, why the smilie apres my name? Are u saying im not cool????? ---------> :thumbsup: Take that! hehehe.

Anyway...
Sorry i cant seem to be concise.

Yeah......... I use a completely separate/different home computer for surfing or searching for 'better' jobs.

All im saying is because ive used this companies laptop and VPN at home on my line.... can they monitor my own stuff on my pc from now on.

I do reboot my router and change the IP regularly....

But still how did he know that I stayed up picking out jobs from monster. The chances are Monster.com IS the most generic and it was a coincidence.... i mean someone at that meeting probably would have been on there lately.

Anyway... just wondered if it was in anyway feasible?

Like... if they sniffed my connection when I used the company laptop, they gather all the info like router name, id, etc... could they see my route and then just constantly monitor that for my home MACs?

My suspicion is it is possible but is it actually feasible because of 3rd party restrictions.

#7 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:05:40 PM

Posted 06 August 2009 - 07:22 PM

Hi again, :thumbsup:

Concretely, they can't, unless they've setup some type of monitoring software on your computer, or they are located somewhere in your routing path. In short, they can't 'bug' the computer without your permission. Like I said above, there are ways, but not necessarily the ones you are thinking of. Typically routers have built in hardware firewalls, to prevent unauthorized access from outside the LAN. So, no. They couldn't log your traffic if no monitoring program is running on your machine that does the logging for them.

Even if they somehow managed it, (which is extremely unlikely), why on earth would they go to all that effort? If they suspected wrongdoing, they could require you to have a monitoring program installed. That would cover their butt legally. But I seriously doubt any company would use underhanded or black hat tactics to monitor usage outside of their own systems. It's just not profitable, too time consuming to do by hand (even if they somehow managed to pull off the impossible) and overall not worth the return. Now this would indeed be a different story if it had been a company computer and/or internet service provider, for obvious reasons.

Chances are, the boss got lucky, like you said, Monster is a very popular site.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users