Dial Home Docs

[dimitrios at gmail.com (Dimitrios Kapsalis)]

The only way I can think of this occuring in a word doc is to write a macro.

The macro can just ping your box, this should be enough to get the IP.

On Mon, Sep 21, 2009 at 2:56 AM, Andrew Ellis <only.samurai at gmail.com>wrote:

> You could add a tab to firefox's default tabs (the ones it loads on a
> new session) that points to a webserver you control. Eventually, the
> stolen laptop's new user will open firefox anew and you'll have the
> new IP. Obviously if the person stealing your box mounts the drive
> rather than logging in, this won't help.
>
> -andrew
>
> On Sun, Sep 20, 2009 at 3:49 PM, Adrian Crenshaw <irongeek at irongeek.com>
> wrote:
>  > I recently had a conversation with an author about webbugs, and it
> brought
> > another idea to mind. I seem to remember John Strand saying something
> about
> > Val Smith doing something with detecting insider threats by leaking a
> > document and seeing who opens it. (sorry I can't remember more).
> >
> > Here is the question, anyone know how to make a doc/docx/pdf load
> something
> > from an external site so you can at least find the ip of someone who
> opened
> > the document?
> >
> > Thanks,
> > Adrian
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
>
>
> --
> Andrew Ellis
> http://www.samurainet.org/blog
>  _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090921/1f16e143/attachment.htm