Cyber Monitoring, How easily can they actually dig?????

[Sparky Kronkite]

For all you compu-cyber brains out there -

To what extent can "they" (bosses, systems folks, the G-men) actually dig into yer shit?

You know, your average, business type folks, with average resources, for such a thing?

What can we/I do - other than the obvious - leading them on twisted paths, like logging onto sites via search engines through supposedly anonymous hotmail accounts?

Is simple prevention from our/my side even possible? Can they "easily" see everywhere you've been? Or do they have to spend some money and have folks who really know what they are doing?

Information and other threads on this matter requested please.

Thanks, Sparky.

 

[KillerMuffin]

It's pretty darned easy if you're on a company's intranet or LAN, they have system administrators for that purpose. The can access all of your mail on outlook express, though they can't get into say hotmail without a password. They can sit back and see every single thing you're doing if they want. And yes, they do hire people just for that purpose. It's not that difficult, you don't actually access the internet, you access the company's server which is on the internet. They don't consider this an invasion of privacy because you shouldn't be doing anything private at work anyway. I used to get to help do it cause I had a clearance and was jobless. Fun stuff, I watched the Master Chief toodle through an Ally Baggett webring once.

Anyway. There is privacy in numbers. If there are 3 system administrators the likelihood of more than one policing the company's intranet for porn users is low, particularly if you have a high number of employees.

 

[Ksss]

So far, from what I have learned, sites send you cookies, which are traced by other sites, hence spam email. Clearing out your cookie files helps stop these spams. Also, some sites, (i.e. cyberangels, which is a very good group to contact if you are having problems with being harrassed, stalked, etc.) have programs which can trace your IP, which then they can use to track other info on you. Things like place of employment, residence, credit cards, banking, etc.

 

[Sparky Kronkite]

So, on my computer......

On my NT bases sytem and being an administrator - can I eradicate any "cookies" or other possibly damaging info?

How? Step by step please - I'm a moron remember.

And, let me get this straight - they monitor "your e-mail/" Your company e-mail? Right? What if you only gain access to this stuff via your hotmail account, not your company e-mail?

 

[Ksss]

Okay...place your cursor on the start button, RIGHT click on it once. A small menu should appear,reading, Open, Explore,Find, Scan for Viruses. Click on explore. A window will open up. It will list everything in your puter (you may have to click on the folder which says windows). Scroll up until you see where it says cookies. Double click on that. Another window will open up. Go to edit and click on select all. Then go to file and click on delete, it will not allow you to delete the index, which you must have. Next scroll down to history. Delete everything out of your history files, mine goes as far back as 5 weeks, although I do clear my history trail every day/every other day. Next go to temporary internet files. Go to edit, select all; go to file and delete. Next go to your Recycle bin and empty it. Reboot your computer, all traces are gone.

Thye access your email through your cookies..Example, when you log on here it says Cookied yet?, then when you log off it says all cookies have been cleared. This is what they trace. If you don't delete them off your harddrive, sites trace these, hence the email.

 

[TonyG]

Actually, your method will still not get rid of all of the traces in the computer. If you use the "find" method on "temp internet" with *.* file type and then select and delete, it will get rid of 90% (same as your method). However, it will also list a few other files which you must open and delete the items also. These files are not deleted via your method. They are also not deleted if you use the "internet options" method in the "control panel".

Then there is the folder "recent" which must also be cleaned out. Plus, remember that even when you empty the recycle bin the files are still physically on the disk. They are only "marked" as removed. A specialist can retrieve these files if the company desires. There are programs which claim they "destroy" these marked files but they seem to do more damage than good.

 

[ranajja]

Another question, please

Okay, I'm with Sparky--I'm only slightly more computer literate than your average bear--

Say I'm using the company's laptop, which has been provided to me for use in and out of the office. At certain times during the day (breaks, lunch), I visit literotica--on the company's laptop, using company telephone lines, but accessing my server. I've been doing this for months--can "they" tell where I've been? Or can they just "see" the telephone number of my server?

Clear as mud? Am I being paranoid? Any info would be greatly appreciated.

 

[Guest]

I am by no means an expert.

 

[Sparky Kronkite]

So, I'm on NT.....

Is it true that there is no way I can defrag?

Thanks all by the way - very helpful.

 

[Thor's Hammer]

Orwellian

I hate to admit it, but I have worked with computers since the first one crawled up out of the slime. I have managed them for more years than I care to admit.

Bottom line, if "we" really want to know, we can find out ANYTHING. Practically speaking, most organizations are somewhat lazziez (sp) faire (sp). Most of us in the business do not want to be the "thought police." Having said that, if someone (a disgruntled co-worker for example) complains - then we have to "look." Free advice - do not do anything on someone else's (translate - employer) computer that you would not want to be printed at high noon in your favorite square.

The REALLY sophisticated folks (intelligence agencies) have techniques that would make your head spin.

 

[Cyan BloodsBane]

Re: So, on my computer......

On my NT bases sytem and being an administrator - can I eradicate any "cookies" or other possibly damaging info?

How? Step by step please - I'm a moron remember.

And, let me get this straight - they monitor "your e-mail/" Your company e-mail? Right? What if you only gain access to this stuff via your hotmail account, not your company e-mail?

Spark,


Step by step,

1) Go to start button
2) Go to find, then to folders or files
3) Type in cookies
4) Look through the list that you have been given and find out wich ones you need to get rid of.
5) Delete cookie file, don't worry the file will be remade when you visit another site.

if you are using Netscape,

1) Click on the start button,
2) Go to programs,
3) Go to explore
5) Go to program files folder
6) Go to netscape folder
7) Choose which user you are, the click on folder
8) find the cookie file and delete it.


Always clear your cache, your history list, and thats about all you can do. Some adims, like myself, have to folders for online time, which copies the orgianal as it is beening used.

as for the defrag, yes you can defrag NT, how I will get back to you on that. I have to pull the book out.


Remember, the best why to prtect yourself is to have fire walls, they help. A really good free one is zonealarm which can be found at http://www.zonealarm.com or zonelabs.com

Cyan

 

[Curious Guy]

The best advice for company systems is do not go to a site the management would not approve of. No matter how careful you are, you leave tracks. A lot of people have lost good jobs for misuse of employers systems.

 

[Pepin]

The company I work for "hides" copies of Temp internet files, cookies, etc on another server, in another state... if you don't know where to look, yer fucked if you been surfin porn.

Keep in mind.. they can install whatever they want, watch, look at, follow, stalk, etc.. that is what system administrators are paid to do.

Among others I have seen them drink coffee, give dumb looks, write web pages for thier own personal gain... the possibilities are endless.

As an administrator of my OWN LAN here at home.. I let the lil woman do what she wants... as long as bo-bo gets a honkin!



Pepin

 

[fgarvb1]

reading tracks

Good subject..good anserws...have question..please advise.

how about deleting with wiping using the DOD method with the program BC WIPE.??

.........WARNING.!!.....if you have this program do not use it on anything you may want to recover later.

 

[Weird Harold]

Re: I am by no means an expert.

In the matter of seeing where you have been I wield yield to anyone with half a brain but here is what I think I know. Harold help us:

I find internet traces in the following folders; "Temp", "temp internet", "cookies", "history", "recent" and of course the recycle bin after you are done. I believe "shift-delete" bypasses the recycle bin but I dump the recycle bin anyway. Be sure to look under profiles also. I go thru windows explorer to find and delete files within those folders.

Norton Utilities had a very good security program for DOS and Windows 3.1 named WIPEFILE that could be configured as the default method to delete files. I don't know if it was upgraded to work under Windows 95 or later.

Short of using such a security program, I don't know of any way to be absolutely sure of removing all traces of what you've been doing on your computer. In the case of a corporate network that saves duplicate files off-site, even that won't work.

Defrag will overwrite deleted information in the "holes" and at the very end of the drive. Depending on how full your hard drive is, it can overwrite every trace of deleted files. (Example: My C: partition is only 1 GB, and 60% full. Defragging it uses every block on the drive at least once, so everything on that drive gets overwritten. My F: partition is 5 GB and only 5% full. Defragging that drive only overwrites information on the first 5% and last 5% of the drive -- The remaining 90% of the drive is untouched by Defrag.

(Note: any drive which is a "network" drive, like most of those under Windows NT, can't be defragged unless it is separated from the network. eg booted in "safe mode" with no network connections.)

The only absolutely positive method available to keep your employer from knowing that you read porn, is to not read it on any machine he has access to.

If you have a file that you want to erase so it can't be recovered and have no specialized program to wipe the bolcks it used, You can use Word, WordPad, or any other program that can manage a file the size of your drive.

Create a file that consists of a series of spaces.
"Select all" and copy to the clipboard.
Insert the copied block of spaces into the same file.
Repeat until you are told you've run out of disk space.
Delete the last inserted block, and save the file.
Delete the file and purge the wastebin.

That writes spaces to every unused block of the drive.

One neglected file that can tip off snoops to your computer usage, is the virtual memory swap file. To purge it, you need to reassign it to another drive, wipe the disk, move it back, and wipe the other disk. Even then, some of the information on what windows has been used for is going to move with the file and be accessible to snoops.

One final thought: If I were monitoring a system, and saw a lot of deletions and file wiping going on, I would get very interested in what that person was trying to hide.

 

[TonyG]

Be careful with programs that claim to remove deleted files. Most deleted files have had the first character of the file name changed to a ~ character. These programs look for this character as a signal that it is a deleted file. The problem is that some programs actually use the ~ to mark special data files. It is an old programming technique but still widely utilized. I know because I used First Aid to clean up my disk and lost 3 important files.

 

[Weird Harold]

The problem is that some programs actually use the ~ to mark special data files. It is an old programming technique but still widely utilized. I know because I used First Aid to clean up my disk and lost 3 important files.

This is a problem of a conflict between older programs and the new long file names available under Windows 98.

If you use a prgram to "wipe" deleted files, make sure it is compatible with Windows 98's long file names. Most DOS based programs can't handle the long file even if they are "Windows 98 comaptible" because the long file names aren't "linked" to the file on the disk, but converted by windows from a shorter name that uses the tilde (~) to distinguish the long names from "standard" (old style) names.

 

[Guest]

windows NT

 

[Weird Harold]

Re: windows NT

I also asked the system administrator to help me with a problem once and I asked if he could access my computer from remote since he could access the server, he said no he couldn't. He said the only thing he could access were items placed on the "k" drive not the "C". The k is just a partition on the server I presume.

Sounds like you are configured as a "Client" on a server. In other words, the drives on your computer are not shared with the network.

You will probably still have to boot without any networking software loaded to do a defrag. While your drive is not accessible to other users, it's still being used for buffering and other network related background work.

As far as the rest of the network is concerned, your system doesn't have any drives, because your system is not configured to share it's resources.

Now, that doesn't mean that with the right software, and in the absence of a firewall on your system, that someone can't log in anonymously to your system and take whatever they want from your C: drive. They can do that to my system, and I don't have any networking software installed. (Fortunately, I have my system configured so that an anonymous login can't do anything.)

They can login through the modem or through the network link with the right software. I would guess that your system administrator either doesn't have the software, or is under-qualified for his job. (probably the latter, although that's not necessarily a knock on his abilities. Most system administrators aren't as knowledgable as they could be.)

In short, any time you are connected to another computer, it's usually possible to get anything they want from your system unless you've taken specific steps to prevent it. It's also probable that you don't particualrly need to block access via the network, because system administrator's are usually too busy to be poking about at random -- even if they know enough to be poking around.

 

[Juspar Emvan]

Just Say No

I gott agree with Thor and Shy Guy - if you are using company resources to be here, and the company frowns on porn, then stop. They can and they will fuck you up.

I have been using computers since I was 8 (18 years), I know quite a bit about them. A while ago I went through a rough patch and started surfing the net when I wasn't supposed to at work. Including porn. I rerouted, I changed user names, I deleted, I defraged, I got fired.

NT - you can do nothing.
Company LAN connection to the internet - you can do nothing.
Company lap top - you might get away with this if you use your own ISP, an third party e-mail addres and manage to find every last one of the 'footprints' that surfing leaves. Trust me these footprints are in places many, varied, and well hidden.

Just Say No - it's not worth it.

 

[BigJMan1281]

Reply from an Admin

Take it FROM A SYSTEM ADMIN; don't think you can cover your tracks. I get paid to manage a network and I have to dig up stuff on people all the time. I don't care if you are on a desktop, laptop, your ISP, our email, whatever. I can still catch you.