Home page logo
/

basics logo Security Basics mailing list archives

Re: How to stop Admins from sniffing ?
From: Ruben Alves <ruben () multibase pt>
Date: Fri, 28 Jul 2006 16:41:01 +0100

I completely agree with Edmund, as an employee you have to respect the policies and the rules of the company you are working for. Anyway, if they are monitoring you with ethereal (oups.. wireshark) they have to spend a lot of time to see exactly what you are doing. And no one is doing this kind of hard work... Anyway, you should think this way: network admin is payed to do this job, and you are payed to do yours, not for establishing secure connection to your home in order to see websites that you shouldn't be visiting... Solution: talk with them/him, and try to resolve the best way (social one) and focus on your job...

Regards

//Ruben

cc wrote:
Didn't you write?:
I work in a small organisation and the system and network administrators here are constantly monitoring all data in the 
network. I have seen them running Etherreal on their systems and from their talks i am sure that they know who is doing 
what. I m using windows XP and i have a personal firewall installed which pop's up every few minutes saying that there 
is a port scan attack going on. And when i looked up that IP address it belongs to tbe system being used by the 
administrator. I have tried talking to my bosses about this but not happened ( maybe the admins convinced them that they are 
not doing anything like that or its happening by bosses permisson).  i know since they are in same network as me its easy 
for them to sniff all traffic and everything.


This all depends entirely on your company's policies (computer or
otherwise).  Are  the Sys and Net admins sanctioned by the management
to administer these monitors?

You are, after all, working in a company and not at home and thusly,
you'd have to follow the rules and regulations as dictated by
your company.  I am assuming that the computer you are using is
company property.  In my company,  employees are not told they
can't bring their own notebooks; but they are strictly prohibited
in plugging it into the company network.  The moment they do
that, it is a breach in the network.

Also, by encrypting your traffic, and knowing your sys/net admins are
watching, would you not think they'd suspect something is wrong and
take it as their job to investigate the reasons for your secrecy?
You are doing company-work, are you not?  They know your job nature.
If you feel that your job requires encrypted traffic, then it is
in your best interest to talk to the sys/net admins and the
management.

What i want to know from you ppl is that is there is anyway way to stop this ? is it possible for me to encrypt all traffic going out from my system ?

Take it up with the management and the sys/net admins.  It really
isn't our place to circumvent whatever computer system policies
and protections you have going in your company.


Edmund



---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]