Security Basics mailing list archives
RE: How to obtain a yahoo username off a computer
From: "Potter, Tim" <Tim.Potter () clarkconsulting com>
Date: Thu, 12 Jun 2003 11:47:32 -0500
Except that this person will be 'asked to leave' once we are sure they sent the offended emails to our business partner. So we need to be as close to 100% as possible. Even though this is employment at will - but we don't want to get the wrong person! And yes, most of the responses were no brainers. It was useful to learn about different scanners, etc. that I hadn't yet heard of. But overall there wasn't a ton of new info for me that was sent. I was hoping for some "quick trick" that someone knew of so we wouldn't have to go through all the sniffer work. We don't own any sniffers and will have to download and install something. -----Original Message----- From: Times Enemy [mailto:securityfocus () krr org] Sent: Thursday, June 12, 2003 12:19 AM To: security-basics () securityfocus com Subject: Re: How to obtain a yahoo username off a computer Greets.
There's been a variety of helpful responses to the original request now. There are good reasons for doing what he wants to do, but (and I'm in no way impuning the original poster by asking this) there are some crummy reasons as well. How do any of you know this isn't part of a stalking, or background info for more social engineering, or yada? Near as I know, you don't. Sure, this is worst case scenario, but isn't paranoia part of the game?
Most of the responses were rather no-brainers. If the responses here were enough to teach a stalker, social engineer, or yada, their trade ... well, at this level of the game they probably aren't too much of a threat. If the company wants to strike before the threat truly exists, then they need to upgrade their knowledge of networks and possibly computers in general a wee bit more. T'is true though, that the list doesn't know a particular members motives. I am curious though, to know, an effective and workable method for identifying stalkers, social engineers, and yada vs. valid on the up-and-up do-gooders. What say ye? Haha, i must admit though, that i do find it humorous that someone with the authority to use various sniffers and make network configuration modifications would not think to use sniffers, or would not know how to go from 0% to 90% but be stuck after gathering so much intel. I find weeding that first 10% to be much more difficult, technically, than the remaining 90%. And just for kicks, since the yahooligan is ninety percent id'ed, why not just walk up to them, and say, "Hey, stop using Yahoo, at work." If that doesn't work, draw the line, notify THE Powers that Be, and tell the yahooligan, "The company does not want to waste it's money recording everything you do with it's resources, so, i am telling you once again, stop using Yahoo, at work. Continueing to do so, will be forcing the company to take the next step." Oh, and make sure to look the yahooligan straight in the peepers and smile the whole time. :) If they persist, pull the plug on their box. That ninety percent of proof should be enough to have the company behind this. ciao .times enemy
-----Original Message----- To: security-basics () securityfocus com Subject: How to obtain a yahoo username off a computer Hello! We have a security issue and need to know who is using a particular Yahoo user ID from within our company. We are about 90% certain of the person's identity. This user has been deleting his cookies and temp Internet files. We want to search his computer to see if Yahoo ID xxxx is somewhere on his computer. We know the Yahoo user ID - we just need to confirm that this person is using it.
We don't want to contact Yahoo because we don't want to go down the legal road needed to get them to release the info. Any ideas? Thanks,-- Curt Seeliger, Data Ranger CSC, EPA/WED contractor 541/754-4638 seeliger.curt () eqa gov
------------------------------------------------------------------------ --- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- Re: How to obtain a yahoo username off a computer, (continued)
- Re: How to obtain a yahoo username off a computer Richard H. Cotterell (Jun 12)
- Re: How to obtain a yahoo username off a computer Anders Reed Mohn (Jun 12)
- RE: How to obtain a yahoo username off a computer Nycum, Joe (Jun 11)
- RE: How to obtain a yahoo username off a computer Kerberus (Jun 11)
- RE: How to obtain a yahoo username off a computer Carpio, Brian (Jun 11)
- Re: How to obtain a yahoo username off a computer Chris Berry (Jun 11)
- RE: How to obtain a yahoo username off a computer Rodrigo (Jun 12)
- Re: How to obtain a yahoo username off a computer Times Enemy (Jun 12)
- RE: How to obtain a yahoo username off a computer Potter, Tim (Jun 12)
- Re: How to obtain a yahoo username off a computer Matthew Durkin (Jun 16)
- RE: How to obtain a yahoo username off a computer Potter, Tim (Jun 12)
- Re: How to obtain a yahoo username off a computer Luciano Miguel Ferreira Rocha (Jun 12)
- Re: How to obtain a yahoo username off a computer Callan K L Tham (Jun 13)
- RE: How to obtain a yahoo username off a computer Townson, Glenn A (Jun 12)
- RE: How to obtain a yahoo username off a computer Kerberus (Jun 12)
- RE: How to obtain a yahoo username off a computer Times Enemy (Jun 12)
- RE: How to obtain a yahoo username off a computer Potter, Tim (Jun 12)
- RE: How to obtain a yahoo username off a computer dave (Jun 13)
- RE: How to obtain a yahoo username off a computer Christian Freas (Jun 12)
- RE: How to obtain a yahoo username off a computer Wiest, Damian (Jun 12)
- RE: How to obtain a yahoo username off a computer Dan Bartley (Jun 12)
(Thread continues...)