
Question about the watchful eye of Big Brother?

Nailbunny

Senior member
For you large corporate network gurus out there (or anyone that knows the answer)...I was just wondering....

I work for an extremely large corporation with a HUGE national domain network. I know the IT guys at HQ in CA can "see" what website I go to, etc but can they see my conversations in my chat programs? Can they also "see" any passwords I put in to check my on-line bank statement or if I check my hotmail account through hotmail.com can they see those emails?



 
If it's not encrypted there is no reason why they couldn't see that. Same for passwords sent in clear text (telnet, pop, websites, etc). If the site is secure (say https) or you're using encryption your information should be safe. That said they're probably far too busy to worry about reading your IMs.
 
Oops, sorry about the previous empty post.

Basically, I assume your corporate environment goes through a proxy server to access internet services (web browsing, chatting, etc.) Now, it depends on the type of software/hardware at that layer. If the IT guys have those tools to monitor the applications, then yes, they can monitor your traffic. However, keep in mind that it is a HUGE task to do so to track and monitor every user's habits, without such tools. Alternatively, they can set up packet sniffers and stuff.

With regards to on-line banking with passwords, as long as you are banking with SSL (https) enabled websites, then the traffic is encrypted all the way to the banking server.

There's been a huge push for the corporate environment to have all instant messaging go through a "messaging server" so that all the messages are centrally logged using a single point/tool for audit and security purposes.

So, basically the answer is yes the IT guys can, if they really put a lot of effort, track your usage but it's not very manageable unless they rolled out these specific tracking tools to make it worthwhile.

I hope this sheds some light.
 
If it's not encrypted then yes we can see everything you do and frequently log it. Even if it is encrypted we still know where you went, just not what you did.

But peeping in on IM conversations is a little extreme.
 
Thanks for all the input.

Being that my company does a lot of government work, I'm sure they have the tools to sniff around what's being put in IM...but as soybomb said, I'm sure they are far too busy to be snooping around it.
 
Never underestimate a bored IT guy at lunch though 😀 If you want any privacy don't just think they're too busy, be sure it's encrypted just in case. I believe the Trillian IM client for Windows supports direct connections with encryption.
 
A buddy of mine had firewall blockings at his company so his workaround was to set up his server at home with SSH and Squid so that he could remotely log in with encryption and then proxy out through home and have full access that way. It is a bit slower because of the extra hops and a pain if his home connection goes down but it allows him to visit any site he wants and talk freely with me on AIM without worrying about it being monitored.
 
most of us don't care enough to do something like that...unless a VP or someone on up the hill says something...the old saying 'chit runs down hill' applies...
 
I worked many years as a fairly high level IT guy for a "HUGE" company for many years. We had the tools to see EVERYTHING that was happening on our network. (except encrypted stuff) Honestly, we could care less about watching individuals. Occasionally, though, we were asked to monitor certain people by corporate security if the person was suspected of being up to no good. Local IT people were often asked to monitor certain people if their managers thought they were goofing around too much, etc.


 
There are programs that automatically make a log file of all your keystrokes so technically yes, they know who you've been typing to and what.
 
what bozo1 said. I'm presently at work in a large IT company and I'm monitoring network activity on 8 monitors. In my 5 years here I can only remember one case where someone did something wrong but only after he filled his network quota with questionable materials. If it doesn't cause any flags then we don't care.
 
I am finishing up the sansfire conference in D.C. today (www.sans.org) and I can assure you that EVERYTHING u are doing can and is not only being monitored but logged. A night time discussion involved correlation of ALL data from firewall syslogs, to Snort (IDS) logs, etc. Unless it is encrypted, they can read everything you are doing as well.
I was just doing it myself the other day 🙂
You would be AMAZED at what is available out there to use. And free to boot!
 
I am, literally, big brother at my company. If you work in a big bank, I might be watching you. Here's how it works.

We generally have passive monitors on - Intrusion detection systems, web content filters, firewalls, etc. They keep track of what you do and where you go, but not the details of what goes on. These things generally "actively" tell us what's going on. i.e., a daily report of "John Doe tried to access a prohibited site in category Sex: www.penthouse.com"

We then have our logs to go through. Our firewalls log all traffic, with source and destination. Our proxies log ALL requests, with all the info you can imagine. We still, however, don't actually save any content. With 60+ million web requests per day and 70+mb/s of browser traffic to the Internet, keeping up with access logs is hard enough.

Lastly.. If we think something is very, very wrong and/or we're alerted by a security organization, we can enable full logging, primarily on the browser traffic. It'll see everything you do, with the exception of encrypted traffic.

So, yes, we know. If you do something you shouldn't and your company has a staff that's on top of things, they probably know about it.

- G
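
The post above describes proxy logs that record every request without saving content, and an earlier reply notes that encrypted traffic still shows where you went but not what you did. As an added example (not part of any post in this thread), the script below parses Squid-style access-log lines and shows that split; the log lines, user names, hosts and addresses are all constructed.

```python
# Added example: what a forward proxy's access log reveals per request.
# Log lines are constructed, in Squid's native access.log field order.
from collections import defaultdict
from urllib.parse import urlsplit

SAMPLE_LOG = """\
1118839200.123    245 10.1.2.15 TCP_MISS/200 5120 GET http://news.example.com/world/story.html?id=42 jdoe DIRECT/192.0.2.10 text/html
1118839260.456   1830 10.1.2.15 TCP_MISS/200 48211 CONNECT bank.example.com:443 jdoe DIRECT/192.0.2.20 -
1118839300.789      3 10.1.2.77 TCP_DENIED/403 1420 GET http://blocked.example.net/gallery/ asmith NONE/- text/html
1118839400.001     90 10.1.2.77 TCP_MISS/200 900 POST http://mail.example.org/login asmith DIRECT/192.0.2.30 text/html
"""


def parse_line(line):
    """Return the fields an admin reading the proxy log can see."""
    _ts, _ms, client, status, size, method, url, user = line.split()[:8]
    if method == "CONNECT":
        # HTTPS tunnel: the proxy is told only host:port, never the path.
        host, path = url.rsplit(":", 1)[0], None
    else:
        parts = urlsplit(url)
        host = parts.hostname
        path = parts.path + ("?" + parts.query if parts.query else "")
    return {"user": user, "client": client, "host": host, "path": path,
            "bytes": int(size), "denied": status.startswith("TCP_DENIED/")}


def summarize(log_text):
    """Per user: hosts contacted, hosts seen only as tunnels, denied hosts."""
    report = defaultdict(lambda: {"hosts": set(), "tunnels": set(), "denied": []})
    for line in filter(str.strip, log_text.splitlines()):
        rec = parse_line(line)
        entry = report[rec["user"]]
        entry["hosts"].add(rec["host"])
        if rec["path"] is None:
            entry["tunnels"].add(rec["host"])
        if rec["denied"]:
            entry["denied"].append(rec["host"])
    return dict(report)


if __name__ == "__main__":
    for user, info in sorted(summarize(SAMPLE_LOG).items()):
        print(user, "hosts:", sorted(info["hosts"]),
              "tunnel-only:", sorted(info["tunnels"]), "denied:", info["denied"])
```

For the HTTPS tunnel the log still carries the user, destination host, time and byte count, while the plain-HTTP lines also carry the full path and query string.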
 