Jump to content

"Spy" software


sirgregg
 Share

Recommended Posts

So here's the thing. My employer has a couple of workers he doesn't really trust. He asked me to try and find a way to monitor his actions on the PC. I tried to find an auditing software but everything I could find is either very expensive or not really stealthy. I thought about capturing the packets between the PC and the router (since I'm mostly interested in the web traffic) and filtering them on the fly to save only the important information. I am not however sure if that's possible, and if - how to do that.

How would you go about doing that? Any ideas, solutions?

Link to comment
Share on other sites

if you have a linux pc use ettercap to mitm the employees then use urlsnarf to see the urls they visit. for lols you use driftnet after mitm and see all the images going through ur network card

[sudo] ettercap -i <network interface> -G

urlsnarf - sniffs traffic for url headers (text based, and just the url of the page) sudo urlsnarf -i eth1

Driftnet -Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. driftnet -i eth1

or just get some hardware keylogger.

im very surprised your employer has no way of monitoring traffic/comp use o.o what happens if a serious lawsuit gets thrown at the company cause someone was uploading/downloading kiddy pr0n or music. if u can't get evidence who did it the company is going to take the blame

Link to comment
Share on other sites

Depends on company policy on employees use of computer networks. When you start a new job you would usually have to sign a company statement on authorised use of their networks, if you don't have it in writing that their traffic can be monitered without their knowledge then you could have a lawsuit on your hands.

Link to comment
Share on other sites

Any company with half a brain will have that clause in there Systems user agreement IMO. My last job had this , and it wasn't very well enforced which sucked. Nothing like doing double the work so other people can fuck around on facebook all day (They wouldn't block it, no matter how many times the issue was raised.)

Link to comment
Share on other sites

Our system used a proxy you had to log into. The proxy would pop up with a note that all system activity was logged and for bussiness uses only, violators would be terminated. The system for the most part blocked sites like Facebook and YouTube anyway, so you couldn't get on them if you wanted to. Why a company woudl not block them to begin with is their own fault.

Link to comment
Share on other sites

  • 4 weeks later...
So here's the thing. My employer has a couple of workers he doesn't really trust. He asked me to try and find a way to monitor his actions on the PC. I tried to find an auditing software but everything I could find is either very expensive or not really stealthy. I thought about capturing the packets between the PC and the router (since I'm mostly interested in the web traffic) and filtering them on the fly to save only the important information. I am not however sure if that's possible, and if - how to do that.

How would you go about doing that? Any ideas, solutions?

1)Hard IP the box

2)Use wireshark and just listen to the activity to and from that box

Link to comment
Share on other sites

  • 2 months later...

im pretty sure you can get webmarshall free for 30days, set it up on a box and target your problem child until your told to stop. and don't forget to get authorization before doing any sort of monitoring, this could back fire and make you lose your job...

webmarshall kinda sucks for a permenant solution, i used it before, but its the only one i can think of off the top of my head.

also make him a normal user while your doing this so he cannot modify browser proxy settings and bypass it...

g/l

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...