Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to obtain a yahoo username off a computer

From: "Jon Baer" <security () jonbaer net>
Date: Wed, 11 Jun 2003 19:05:47 -0700
You could do it with a sniffer but if that's if you want to sit around for
24x7 and wait for it to happen in which case Id download Snort
(www.snort.org) and write a sig to trap the user, something like:

alert tcp $MY_NET any -> $YAHOO_SERVERS any (msg:"CHAT YAHOO my guy";
flow:to_server,established; content:"username"; classtype:policy-violation;)

I checked chat.rules off snort but they don't have any Yahoo rules yet, but
not hard to write :-\

- Jon


particular Yahoo user ID from within our company.  We are about 90%
certain of the person's identity.  This user has been deleting his
cookies and temp Internet files.  We want to search his computer to see
if Yahoo ID xxxx is somewhere on his computer.   We know the Yahoo user
ID - we just need to confirm that this person is using it.  We don't
want to contact Yahoo because we don't want to go down the legal road
needed to get them to release the info.  Any ideas?



---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: