Help can It spy on me during work

Hi guys
I know it sound like a stupid question but i wish if someone can help
me
My company send memo asking the employee to stop using the internet for
personal purpose.

I know they can know all the web site i visit. I want to know if I used
a remote desktop to connect to my computer at home. Can they still spy
on me and if i am chating or no? or what i type on chating.


I work for long hours and it is nice to check email or chat with friend
from time to time.

Help

"David" <iamforu69@yahoo.com> writes:

>Hi guys
>I know it sound like a stupid question but i wish if someone can help
>me
>My company send memo asking the employee to stop using the internet for
>personal purpose.

First find out what they mean "personal purposes". Ie, is sending a friend
and email fall under that? Or do they primarily mean web surfing?


>I know they can know all the web site i visit. I want to know if I used
>a remote desktop to connect to my computer at home. Can they still spy
>on me and if i am chating or no? or what i type on chating.


Not sure what you mean. But yes, depending on how much they want to know,
they can find out. They could intercept the packets coming out of your
machine and read them for example. They could install desktop mirroring
software so at any time they could bring up your desktop on their machine
and see what is being displayed.



>I work for long hours and it is nice to check email or chat with friend
>from time to time.

Yes, and they may or they may not object to that. do they pay you double
time for your overtime-- if so they might well want to make sure they are
getting their money's worth. Or do they expect you to work lots of overtime
for free?


>Help

On 2005-07-20, David <iamforu69@yahoo.com> wrote:

> I know it sound like a stupid question but i wish if someone can help
> me
> My company send memo asking the employee to stop using the internet for
> personal purpose.
>
> I know they can know all the web site i visit. I want to know if I used
> a remote desktop to connect to my computer at home. Can they still spy
> on me and if i am chating or no? or what i type on chating.

That would depend on how you're accessing the remote desktop. If you're
just using a simple VNC or X session, everything is pretty much in the
open. If you're tunneling these services through ssh, then the whole
session will be encrypted and much more difficult to snoop.

--

-John (john@os2.dhs.org)

In comp.os.linux.security Dave {Reply Address in.sig} <noone$$@llondel.org>:
> In message <slrnddtp7h.3004.john@amayatra.os2.dhs.org>, John Thompson wrote:

>> On 2005-07-20, David <iamforu69@yahoo.com> wrote:
>>
>>> I know it sound like a stupid question but i wish if someone can help
>>> me
>>> My company send memo asking the employee to stop using the internet for
>>> personal purpose.
>>>
>>> I know they can know all the web site i visit. I want to know if I used
>>> a remote desktop to connect to my computer at home. Can they still spy

?
Sounds like doze?

>>> on me and if i am chating or no? or what i type on chating.


>> That would depend on how you're accessing the remote desktop. If you're
>> just using a simple VNC or X session, everything is pretty much in the
>> open. If you're tunneling these services through ssh, then the whole
>> session will be encrypted and much more difficult to snoop.
>>
> But they can still spot that you are accessing the outside world even if
> they don't know what you're doing. I've always assumed that my company is
> aware of my activity at least at the "he's accessed this port on this IP
> address" level even if it's ssh on a non-standard port or secure IMAP to
> read my home email.

Some fw allow to look at the data stream and know which
service/protocol version is used no matter on which port it runs.

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 389: /dev/clue was linked to /dev/null

David wrote:
> Hi guys
> I know it sound like a stupid question but i wish if someone can help
> me
> My company send memo asking the employee to stop using the internet for
> personal purpose.
>
> I know they can know all the web site i visit. I want to know if I used
> a remote desktop to connect to my computer at home. Can they still spy
> on me and if i am chating or no? or what i type on chating.

Technologically speaking ... yes.

And legally speaking, in most countries, yes again.

>
>
> I work for long hours and it is nice to check email or chat with friend
> from time to time.

Ethically (and possibly legally .. depends where you live/work) if you
use the company's equipment, everything belongs to them... if you
abuse their policies, it can be grounds for termination.

But just as many make a copy or two using the work copiers, or may have
taken a pen or two home, many companies will turn a blind eye to it
unless it becomes excessive to the point of causing more serious
problems for the company.

>
> Help
>

"Dave {Reply Address in.sig}" <noone$$@llondel.org> writes:

>In message <44u3r2-j9t.ln1@news.heiming.de>, Michael Heiming wrote:

>> In comp.os.linux.security Dave {Reply Address in.sig}
>> <noone$$@llondel.org>:
>>>>
>>> But they can still spot that you are accessing the outside world even if
>>> they don't know what you're doing. I've always assumed that my company is
>>> aware of my activity at least at the "he's accessed this port on this IP
>>> address" level even if it's ssh on a non-standard port or secure IMAP to
>>> read my home email.
>>
>> Some fw allow to look at the data stream and know which
>> service/protocol version is used no matter on which port it runs.
>>
>If you're tunnelling stuff through ssh then hopefully all that can be
>deduced by intercepting the traffic stream is that it's an ssh session.
>Otherwise it sort of defeats the point of using ssh.

These are company machines. They can put onto it whatever software they
want. They can get your ssh private keys and decrypt the ssh stream. They
can put mirroring software on so they can read exactly what is shown on
your desktop as you run it.

In the Usenet newsgroup comp.os.linux.security, in article
<slrnddtp7h.3004.john@amayatra.os2.dhs.org>, John Thompson wrote:

>On 2005-07-20, David <iamforu69@yahoo.com> wrote:

>> My company send memo asking the employee to stop using the internet for
>> personal purpose.

Then don't. The memo _should_ explain what they meant, and when they
ask you to stop doing this or that, they probably mean it. If you don't
understand what they mean, ASK THEM. There are any number of reasons they
might have decreed this. It could be someone abusing the connection, or
someone downloading pr0n (and being seen by someone else - can you say
"Sexual Harassment Lawsuit" - I thought you could), or merely advise by
the legal council... it doesn't matter. They own the equipment, they
make the rules.

>> I know they can know all the web site i visit. I want to know if I used
>> a remote desktop to connect to my computer at home. Can they still spy
>> on me and if i am chating or no? or what i type on chating.
>
>That would depend on how you're accessing the remote desktop. If you're
>just using a simple VNC or X session, everything is pretty much in the
>open. If you're tunneling these services through ssh, then the whole
>session will be encrypted and much more difficult to snoop.

I am constantly amazed by the perception that if a session is encrypted,
it will be less vulnerable to snooping by IT or Security staff.

Do people honestly think we say "Oh, it's encrypted - we can't figure
out what it is, so just ignore it." I have no idea what you might
be smoking, but get _that_ idea out of your head RIGHT NOW! If I see
traffic on my wires that I can't identify, I WILL INVESTIGATE IT - even
going to the source computer and asking "WTF?".

Old guy

In the Usenet newsgroup comp.os.linux.security, in article
<2300799.SDSaZ2bgLf@robinton.llondel.org>, Dave {Reply Address in.sig} wrote:

>If you're tunnelling stuff through ssh then hopefully all that can be
>deduced by intercepting the traffic stream is that it's an ssh session.
>Otherwise it sort of defeats the point of using ssh.

Do you think because it's encrypted, IT or Security is going to ignore it?

What color is the sky on your planet?

Old guy

In comp.os.linux.security Moe Trin <ibuprofin@painkiller.example.tld>:
> In the Usenet newsgroup comp.os.linux.security, in article
> <slrnddtp7h.3004.john@amayatra.os2.dhs.org>, John Thompson wrote:

>>On 2005-07-20, David <iamforu69@yahoo.com> wrote:

>>> My company send memo asking the employee to stop using the internet for
>>> personal purpose.

> Then don't. The memo _should_ explain what they meant, and when they
> ask you to stop doing this or that, they probably mean it. If you don't
> understand what they mean, ASK THEM. There are any number of reasons they
> might have decreed this. It could be someone abusing the connection, or
> someone downloading pr0n (and being seen by someone else - can you say
> "Sexual Harassment Lawsuit" - I thought you could), or merely advise by
> the legal council... it doesn't matter. They own the equipment, they
> make the rules.

It's likely the memo just said that, stop surfing p0rn from your
corporate desktop asap! For whatever reason we are uncapable/unwilling
to spend any time/money on mantaining surf filters. So simply
stop it.

>>> I know they can know all the web site i visit. I want to know if I used
>>> a remote desktop to connect to my computer at home. Can they still spy
>>> on me and if i am chating or no? or what i type on chating.
>>
>>That would depend on how you're accessing the remote desktop. If you're
>>just using a simple VNC or X session, everything is pretty much in the
>>open. If you're tunneling these services through ssh, then the whole
>>session will be encrypted and much more difficult to snoop.

> I am constantly amazed by the perception that if a session is encrypted,
> it will be less vulnerable to snooping by IT or Security staff.

;)

> Do people honestly think we say "Oh, it's encrypted - we can't figure
> out what it is, so just ignore it." I have no idea what you might
> be smoking, but get _that_ idea out of your head RIGHT NOW! If I see
> traffic on my wires that I can't identify, I WILL INVESTIGATE IT - even
> going to the source computer and asking "WTF?".

Sounds reasonable.

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 65: system needs to be rebooted

"Dave {Reply Address in.sig}" <noone$$@llondel.org> writes:

>In message <slrnde00hc.1t1.ibuprofin@compton.phx.az.us>, Moe Trin wrote:

>> In the Usenet newsgroup comp.os.linux.security, in article
>> <2300799.SDSaZ2bgLf@robinton.llondel.org>, Dave {Reply Address in.sig}
>> wrote:
>>
>>>If you're tunnelling stuff through ssh then hopefully all that can be
>>>deduced by intercepting the traffic stream is that it's an ssh session.
>>>Otherwise it sort of defeats the point of using ssh.
>>
>> Do you think because it's encrypted, IT or Security is going to ignore it?
>>
>I didn't say anything about ignoring it, merely that they wouldn't be able
>to tell what it was by looking at the traffic. Visits to the desk by large
>IT people with baseball bats is always a possibility. Or they might take
>the subtle approach and block the port in use to see if the user takes the
>hint first.

Why? The IT people presumably have access to the computer. No need to do
anything except copy over the private ssh key, or install a keylogger to
grab the password for it if it is encrypted.