Security Basics mailing list archives
Re: Spy Software
From: "Jon Pastore" <jpastore () idetech net>
Date: Sun, 13 Apr 2003 09:20:08 -0400
You are correct in some regard to users would know...but in most situations users are not qualified to know, nor care. In addition their job, (on the lower levels), is usually defined: These are what you use to accomplish these tasks. Unfortunately e-mail and browsing to some sites is required...Proxy servers can handle this and email monitor tools but they should know better then to do anything un approved... we found problems with customer services reps sending back inappropriate and potentially damaging emails to clients...this is bad but an approved operation...we're investigating iMail from Ipswich here's a snip from their site that motivated further investigation: "New outbound rules capability helps administrators eliminate obscene language and stop confidential information from going out. Combination rules help prevent viruses from entering the network and they cut down on spam. And you can also reduce spam by disallowing the creation of subfolders that are often byproducts of spam " Though I'd rather find a *nix solution for queuing emails from some users until approved for sending and I'd rather not have to write my own. I'm not qualified enough nor do I have the time =) -Jon ----- Original Message ----- From: "Cirelli, Keith(LBS)" <Keith.Cirelli () LibertyMutual com> To: "Richard Pachito" <alpyha () prodigy net> Cc: <security-basics () securityfocus com> Sent: Friday, April 11, 2003 1:38 PM Subject: RE: Spy Software [snip][paste] "I believe a user would have the right to know what is running on their system," You must understand something...A companies computers are theirs...Period. They have the right to put on them whatever they decide/choose/mandate/install unbeknonst to users/ however you want to slice it....they (corporations) provide users with computers, merely as a tool or vehicle of sorts to accomplish "work related" tasks....and work related tasks only (usually). It does however tend to make users uncomfortable. The reality of it is....they (Corps) can..read your e-mail, monitor your web activity, restrict web activity, restrict e-mail....or monitor any other thing they provide to employees. It sucks for some...others don't care....but that's just the way it is. Rule of thumb....(for just such an occasion as Spyware on a corporate workstation(s)) Never....ever...ever....do, say, type, browse to, mail to....anything, I REPEAT...ANNYTHING....that you would be ashamed or embarassed for your superiors to see. If it's privacy you seek....you'll probably have to do it at home(and even then it's questionable) my 2 cents... [snip][paste] "and I'm kinda ticked off that SpectorSoft denys such information." I hear ya. Let me pay you for some software and then don't tell me how it works. LAME! -----Original Message----- From: Richard Pachito [mailto:alpyha () prodigy net] Sent: Thursday, April 10, 2003 7:35 PM To: security-basics () securityfocus com Subject: Spy Software Hello, I administer workstations for a small company and the boss recently asked me to isntall sofware called "Spector Pro". It is a 'spy' utility that captures keystrokes, e-mails, instant-messages (YIM,AIM,ICQ), and takes screen shots every X amount of time. What I was wondering is how exactly does this program hide itself in the system. I've called their techs a few times to end with a repsonse of 'we are not authorized to disclose such information'. The recorded data is saved in a C:\winnt\system32\netext\ folder but no exec. There is nothing unusual listed in Task Manager that would lead me to the application running in the background. Would anyone happen to know how exactly this application works. I believe a user would have the right to know what is running on their system, and I'm kinda ticked off that Spector Soft denys such information. ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. ------------------------------------------------------------------- ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. ------------------------------------------------------------------- ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- Spy Software Richard Pachito (Apr 11)
- Re: Spy Software Jeffrey S. Sims (Apr 12)
- RE: Spy Software Seth Connolly (Apr 12)
- <Possible follow-ups>
- RE: Spy Software Clark, Steve (Apr 12)
- RE: Spy Software CHRIS GRABENSTEIN (Apr 12)
- RE: Spy Software Michael Parker (Apr 12)
- RE: Spy Software Cirelli, Keith(LBS) (Apr 12)
- RE: Spy Software David Moisan (Apr 14)
- Re: Spy Software Jon Pastore (Apr 14)
- Re: Spy Software H Carvey (Apr 12)
- Re: Spy Software Mark Ng (Apr 14)
- Re: Spy Software Harlan Carvey (Apr 14)
- Re: Spy Software mobilejimbo (Apr 15)
- Re: Spy Software Mark Ng (Apr 16)
- Re: Spy Software mobilejimbo (Apr 16)
- RE: Spy Software D. Weiss (Apr 17)
- Re: Spy Software Mark Ng (Apr 14)