Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > passive monitoring

Reply
Thread Tools

passive monitoring

 
 
zz
Guest
Posts: n/a
 
      05-28-2004
Secure Lockdown wrote:

> zz <(E-Mail Removed)> wrote in
> news:N8%sc.13279$(E-Mail Removed) y.com:
>
>
>>Secure Lockdown wrote:
>>
>>>i am in a situation where i have been asked to passively monitor (i
>>>can't tell them i am doing it) the activities on a win 2k server and
>>>what programs get installed on it.
>>>
>>>i have to give them full admin accounts and full reign over the
>>>machine, but i have to find a way to inventory the programs installed
>>>and track what they install. the machine in phisically at another
>>>location. i am able to connect to it and manipulate it remotely using
>>>MS builtin services.
>>>
>>>i was thinking of running baleric on the machine and then running it
>>>periodically every month or so and compare the results. but wondering
>>>if you guys have used a better and simpler product. i also don't have
>>>much of a budget for this. a stealth feature would be handy.
>>>

>>
>>How much software installation and typing can there be on that server?
>>A keystroke logger? That can be set to show activity at various levels
>>and e-mail you the results.
>>
>>Belarc does a pretty good job of inventoring the software.
>>
>>g-w

>
>
> no keyloggers allowed.
>


Spying software is more than keyloggers although they often are part of
the spying software. Some keep track of file access or other things that
might help you track changes to the computer.

Belarc can be installed and run and then removed so no one knows it took
an inventory. Re-install and run when needed. It usually only takes a
couple of minutes to install and run.

g-w
 
Reply With Quote
 
 
 
 
Secure Lockdown
Guest
Posts: n/a
 
      05-28-2004
zz <(E-Mail Removed)> wrote in news:gKvtc.15436$eH1.6877940
@newssvr28.news.prodigy.com:


>>
>> no keyloggers allowed.
>>

>
> Spying software is more than keyloggers although they often are part of
> the spying software. Some keep track of file access or other things that
> might help you track changes to the computer.
>
> Belarc can be installed and run and then removed so no one knows it took
> an inventory. Re-install and run when needed. It usually only takes a
> couple of minutes to install and run.
>
> g-w


thanks. but, my prob is, i have to run this remotely. i can't assess the
machine phisically.

--
Secure Lockdown
 
Reply With Quote
 
 
 
 
*Vanguard*
Guest
Posts: n/a
 
      05-28-2004
Secure Lockdown said in
news:Xns94F6CECB7C4Csecurelockdown2123@66.185.95.1 04:
> "*Vanguard*" <(E-Mail Removed)> wrote in
> news:Gcdtc.1152 $eY2.226@attbi_s02:
>
>> Who actually OWNS the machine that you intend to spy on?
>>

>
> they do but we paid for it. does that make any sense?


That does NOT answer the question! Doesn't matter who paid for it. It
matters who is the OWNER! If you sold it to them at no cost to them or
gifted it to them, THEY are the owner, not you. If you LEASED it to
them then you are still the owner, but make damn sure they know the
hardware and software was leased instead of sold or gifted.

Does the sales contract or service contract actually declare that you
are allowed to spy on their host? I really doubt it. If it is NOT in
the sales or service contract, and if it is their property, and if you
deliberately and covertly install spy software on that machine, even if
just supposedly an inventory program, you may find out how quickly your
butt will end up in court. You spying without a court order on property
or premises not belonging to you will not only get you paying for
settling the civil suit but also subject you to be charged in a criminal
suit where all your records and assets can be seized during the trial.
The State Attorney can put a company out of business pending the outcome
of a criminal trial.

> as stated in other post. i don't want to use a key logger. the data
> input is confidential and i don't want to see it.
>
> i just need a program inventory audit trail on a regular basis. the
> support agreement states that they will not install non-approved
> software otherwise we will not support it. i don't think i can
> enforce it anyways, but at least i will have some sort of proof that
> they voided the agreement.
>
> baleric is good. but i don't think i can run it remotely via command
> line, can i? i tested the free ver. on a test box, it leaves a lot of
> junk.


You think they cannot monitor their off-network traffic to note your
unauthorized inbound remote access? Anything you are trying to do will
get killed as soon as they implement a firewall. They may log all
inbound hacker attempts, and that would include you. Any local program
that has not been authorized to have an Internet connection would be
viewed as a trojan. Without us knowing the conditions of transfer of
ownership (which, apparently to you, is really a lease) then you sound
like someone trying to hack someone else's property.

If you paid for it but they possess it, did ownership *actually*
transfer to them? Doesn't matter if it was a gift. Ownership is
ownership, and once you transfer it then you don't have it anymore. Or
did you lease the computer to them at no cost to them and you still
retain ownership? A sale or gifting of property transfers ownership.
Leasing does not. Sounds like you need to notify them that to enforce
the conditions of your LEASE that you need to install inventoring
software that will monitor what programs have been installed.

A search at Google on, say, "software hardware inventory remote access",
turns up lots of inventorying products. Just be damn sure WHO is the
actual owner of the property and what was agreed upon in the contracts.
If you don't cover your butt with some legal asbestos then expect to get
royally reamed and burned.

--
__________________________________________________ __________
*** Post replies to newsgroup. Share with others.
*** Email domain = ".com" *AND* append "=NEWS=" to Subject.
__________________________________________________ __________


 
Reply With Quote
 
Secure Lockdown
Guest
Posts: n/a
 
      05-30-2004
"*Vanguard*" <(E-Mail Removed)> wrote in
news:mrztc.2290$js4.555@attbi_s51:

> Secure Lockdown said in
> news:Xns94F6CECB7C4Csecurelockdown2123@66.185.95.1 04:
>> "*Vanguard*" <(E-Mail Removed)> wrote in
>> news:Gcdtc.1152 $eY2.226@attbi_s02:
>>
>>> Who actually OWNS the machine that you intend to spy on?
>>>

>>
>> they do but we paid for it. does that make any sense?

>
> That does NOT answer the question! Doesn't matter who paid for it. It
> matters who is the OWNER! If you sold it to them at no cost to them or
> gifted it to them, THEY are the owner, not you. If you LEASED it to
> them then you are still the owner, but make damn sure they know the
> hardware and software was leased instead of sold or gifted.
>
> Does the sales contract or service contract actually declare that you
> are allowed to spy on their host? I really doubt it. If it is NOT in
> the sales or service contract, and if it is their property, and if you
> deliberately and covertly install spy software on that machine, even if
> just supposedly an inventory program, you may find out how quickly your
> butt will end up in court. You spying without a court order on

property
> or premises not belonging to you will not only get you paying for
> settling the civil suit but also subject you to be charged in a

criminal
> suit where all your records and assets can be seized during the trial.
> The State Attorney can put a company out of business pending the

outcome
> of a criminal trial.
>
>> as stated in other post. i don't want to use a key logger. the data
>> input is confidential and i don't want to see it.
>>
>> i just need a program inventory audit trail on a regular basis. the
>> support agreement states that they will not install non-approved
>> software otherwise we will not support it. i don't think i can
>> enforce it anyways, but at least i will have some sort of proof that
>> they voided the agreement.
>>
>> baleric is good. but i don't think i can run it remotely via command
>> line, can i? i tested the free ver. on a test box, it leaves a lot of
>> junk.

>
> You think they cannot monitor their off-network traffic to note your
> unauthorized inbound remote access? Anything you are trying to do will
> get killed as soon as they implement a firewall. They may log all
> inbound hacker attempts, and that would include you. Any local program
> that has not been authorized to have an Internet connection would be
> viewed as a trojan. Without us knowing the conditions of transfer of
> ownership (which, apparently to you, is really a lease) then you sound
> like someone trying to hack someone else's property.
>
> If you paid for it but they possess it, did ownership *actually*
> transfer to them? Doesn't matter if it was a gift. Ownership is
> ownership, and once you transfer it then you don't have it anymore. Or
> did you lease the computer to them at no cost to them and you still
> retain ownership? A sale or gifting of property transfers ownership.
> Leasing does not. Sounds like you need to notify them that to enforce
> the conditions of your LEASE that you need to install inventoring
> software that will monitor what programs have been installed.
>
> A search at Google on, say, "software hardware inventory remote

access",
> turns up lots of inventorying products. Just be damn sure WHO is the
> actual owner of the property and what was agreed upon in the contracts.
> If you don't cover your butt with some legal asbestos then expect to

get
> royally reamed and burned.
>


you make very good points re: ownership. i guess they do own it. running
programs on it without their authorization would be unethical and
considered a breach of trust.

what i might do is just tell them i need to install a new prog, install
baleric and not tell them what it does.
--
Secure Lockdown
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
XSPC Passive Aluminium Reservoir @ Viperlair Silverstrand Front Page News 0 08-24-2005 11:06 PM
passive ftp on CSS 11150 fails Martial Cisco 1 12-01-2004 08:55 AM
Any chance for passive FTP with this config? Matthias Fischer Cisco 0 01-31-2004 11:08 AM
ftp passive command brian Cisco 0 11-22-2003 01:30 AM
Disable passive ftp in Mozilla 1.4 Michel Hoogervorst Firefox 0 07-29-2003 06:29 AM



Advertisments