Security Basics mailing list archives
RE: Spy Software & Internet/Email Monitoring
From: "Trevor Cushen" <Trevor.Cushen () sysnet ie>
Date: Mon, 14 Apr 2003 10:08:23 +0100
****************************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this message in error please notify SYSNET Ltd., at telephone no: +353-1-2983000 or postmaster () sysnet ie ****************************************************************************** It is very interesting that these two threads are running side by side on the list. I didn't note who sent the original post on the spyware but anyway might have your boss look into the legalitites of spyware software being used with employees. They must be informed they are being monitored is the jist of the other thread on monitoring. The phone home in the mail below this is not a happy thought either and makes you wonder what right the software had to do that. Must have a look at the license agreement there!!!. AppWatcher is another one which produces screen shots etc and was shareware or freeware last time I looked. But these types of software are very intrusive and should be handled with care. What is your bosses plan of action if he finds 20 employees mis-using company resources two days after the software is installed. Disaster recovery and business continuity plans spring to mind. Has he a policy in place?. Is HR aware of this monitoring?. Are the companies legal people aware of it and how to handle the information in an unfair dismissal case? You have to install it on all workstations or else you could be accused of discrimnating. Anyway that's my two cents as the saying goes. But I will point out that these two threads certainly show the value of this list and long may it continue :) Trevor Cushen -----Original Message----- From: Michael Parker [mailto:mparker () rim net] Sent: 11 April 2003 17:28 To: Richard Pachito; security-basics () securityfocus com Subject: RE: Spy Software I installed a full pirated copy of this one once for "evaluation purposes". Much to my surprise, even though I had entered a serial number and opted not to register and specifically chose not to obtain any upgrades or signatures, I received an email a day or so later that the software was not a legal copy and to uninstall it. Obviously the software has some ability to "phone home". I tried a few of these utilities and they are kinda scary...Blazing Tools Perfect Key Logger and Iopus Starr Pro. Once I got that email I uninstalled the software and went crazy getting software to detect any further "Spyware". The problem is now that some of the spyware uses "Black Code" to prevent "spyware detectors" from working properly (unfortunately I can't find the document that provided that info). Regards, Michael -----Original Message----- From: Richard Pachito [mailto:alpyha () prodigy net] Sent: April 10, 2003 7:35 PM To: security-basics () securityfocus com Subject: Spy Software Hello, I administer workstations for a small company and the boss recently asked me to isntall sofware called "Spector Pro". It is a 'spy' utility that captures keystrokes, e-mails, instant-messages (YIM,AIM,ICQ), and takes screen shots every X amount of time. What I was wondering is how exactly does this program hide itself in the system. I've called their techs a few times to end with a repsonse of 'we are not authorized to disclose such information'. The recorded data is saved in a C:\winnt\system32\netext\ folder but no exec. There is nothing unusual listed in Task Manager that would lead me to the application running in the background. Would anyone happen to know how exactly this application works. I believe a user would have the right to know what is running on their system, and I'm kinda ticked off that Spector Soft denys such information. ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. ------------------------------------------------------------------- ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. ------------------------------------------------------------------- ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- RE: Spy Software & Internet/Email Monitoring Trevor Cushen (Apr 14)
- Re: Spy Software & Internet/Email Monitoring Charles Otstot (Apr 15)
- RE: Spy Software & Internet/Email Monitoring Jon Pastore (Apr 17)
- <Possible follow-ups>
- RE: Spy Software & Internet/Email Monitoring Trevor Cushen (Apr 15)
- RE: Spy Software & Internet/Email Monitoring Richard Pachito (Apr 15)
- RE: Spy Software & Internet/Email Monitoring Richard Pachito (Apr 17)
- RE: Spy Software & Internet/Email Monitoring CHRIS GRABENSTEIN (Apr 17)
- Re: Spy Software & Internet/Email Monitoring Charles Otstot (Apr 15)