User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » Corporate Network Monitoring Page [1]  
soso
All American
1168 Posts
user info
edit post

I have a question for the sys admins out there. My company monitors ALL traffic in and out of the office. Of course they monitor what URLs people visit. A more interesting thing, they can read strings typed from multiple protocols. i.e. they can read IM conversations.

My question is, can they interpret traffic that is encrypted? Ex: gmail that is secured.

I know the simplest solution is to use remote desktop but is this really secure?

11/5/2008 7:35:38 AM

ScHpEnXeL
Suspended
32613 Posts
user info
edit post

VPN to your house + remote desktop is what i'd do..doubt they'll be seeing much from that one

11/5/2008 7:58:03 AM

cain
All American
7450 Posts
user info
edit post

you could stop reading pron emails at works, or stop doing non-work things at work.

Otherwise, vpn home and rdp

11/5/2008 8:02:20 AM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

They don't give a damn what you're doing on your work computer. The IT dept has better things to worry about.

11/5/2008 8:47:11 AM

soso
All American
1168 Posts
user info
edit post

so a VPN is needed along with RDP? I thought RDP was somewhat secure??

11/5/2008 8:49:58 AM

smoothcrim
Universal Magnetic!
18966 Posts
user info
edit post

https is fine

11/5/2008 9:09:27 AM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

if they've got vnc loaded on all the machines, they can see your screen and what you're doing whenever they want.

that means all options are futile.

11/5/2008 9:27:30 AM

Aficionado
Suspended
22518 Posts
user info
edit post

how about you just do work when you are at work and do all the shit that you want to do at work at home

11/5/2008 9:37:22 AM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

I'm glad I don't work for a big brotherish company.

11/5/2008 10:12:25 AM

Master_Yoda
All American
3626 Posts
user info
edit post

Im glad at my work, all the ppl are smarter then the guys in IT...and they know it, so they dont even try.

[Edited on November 5, 2008 at 11:25 AM. Reason : !]

11/5/2008 11:24:52 AM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

That sounds like an HR issue.

11/5/2008 11:32:52 AM

SkankinMonky
All American
3344 Posts
user info
edit post

The key is to not tell people you're monitoring them because it's a waste of time and resources and that they have full unbridled internet access.

11/5/2008 11:57:35 AM

Seotaji
All American
34244 Posts
user info
edit post

or you could be high enough up that you have an outside connection in addition to your inside line...

11/5/2008 12:21:32 PM

mellocj
All American
1872 Posts
user info
edit post

technically HTTPS is NOT safe in that scenario. HTTPS is still vulnerable to man in the middle attacks, if the snooper sees the initial certificate/key exchange.

iirc SSHv2 is safe from MiTM attacks, if you want to setup an ssh tunnel.

11/5/2008 12:36:23 PM

Seotaji
All American
34244 Posts
user info
edit post

mellocj, please2setup my supersecret VPN.

11/5/2008 12:52:17 PM

raiden
All American
10505 Posts
user info
edit post

use AES.

11/5/2008 3:50:37 PM

SexyJesus
Suspended
1338 Posts
user info
edit post

1. SSH tunnel
2. VNC or RDP
3. Don't use the IT-provided images

Most organizations have a minimal compliance standard you can adhere to in lieu of using the IT-provided images. I'd recommend going that route as minimal compliance guarantees you freedom from the spyware as well as the general crapware preinstall.

11/5/2008 5:26:12 PM

evan
All American
27701 Posts
user info
edit post

SSHv2 is relatively safe from MITM attacks due to the RSA key protocols it employs, but nothing is 100% safe.

if you use gmail over https, i'd be willing to bet that you're fine - yes, if they tried very hard, they could intercept your traffic, but it's a pretty safe bet your IT group doesn't have the time nor the interest in doing so. they'll be able to see the URI you're visiting, but that's it.

they can see your IM traffic and whatnot because that's all plaintext. anything that's sent in plaintext can easily be sniffed, especially if you've got console access to the switch that's serving the person of interest. port mirroring is pretty awesome.

if you really want to be safe, set up a ssh tunnel between your box at work and your box at home, and tunnel all your web traffic and dns queries through it via socks5.

11/5/2008 8:37:49 PM

ncsuapex
SpaceForRent
37776 Posts
user info
edit post

and if they are using key loggers none of this will work

11/5/2008 8:39:27 PM

evan
All American
27701 Posts
user info
edit post

well, yes

but i'd be willing to bet most IT groups wouldn't do that.

11/5/2008 8:41:45 PM

joe17669
All American
22728 Posts
user info
edit post

is Vista's RDP by default secure/encrypted without having to go through a SSH tunnel? That's what I do at work; they don't care what we do, but it would be nice to keep my stuff from snooping eyes of possible.

11/5/2008 8:45:44 PM

evan
All American
27701 Posts
user info
edit post

Vista uses 128-bit RC4 encryption for RDP connections whenever it can.

if the other client doesn't support it, it'll yell at you. versions before v6 were quite vulnerable to MITM attacks if someone tried hard enough.

11/5/2008 8:52:56 PM

Aficionado
Suspended
22518 Posts
user info
edit post

i think that the only places that really care enough to watch you are the national labs

11/5/2008 9:02:32 PM

ncsuapex
SpaceForRent
37776 Posts
user info
edit post

Dont confuse:
IT guy sitting around all day watching everything you do.

With:
Logging websites/company emails/company IM for reading if you give them a reason.

11/6/2008 10:18:18 AM

 Message Boards » Tech Talk » Corporate Network Monitoring Page [1]  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.