PaulDotCom mailing list archives
Can a sys admin see a gmail account
From: dagershman_dgt at dagertech.net (David A. Gershman)
Date: Mon, 14 Dec 2009 13:20:26 -0800 (PST)
My $.03: I doubt anyone minds people trying to learn new things, so ask away. As for your question, again only from the network standpoint, a sys admin should not be able to read the encrypted traffic. There are a couple of assumptions though: - You've configured Google mail to stay in SSL. - The SSL certs are valid *throughout* the login session (i.e. there was a vuln in SSL protocol recently. Anyone want to take this point?) Although, the forum answer is also correct. As with any encryption, a key is needed to decrypt. So if the monitor/observer in the middle has that key, then yes...they can decrypt and see the emails. However, the key used to encrypt the SSL session is agreed upon by your browser and the Google server "in a safe fashion" (i.e. using the certs they encrypt the negotiation for the session key). So the sys admin should not be able to obtain the key in order to decrypt. --David
Ok so my question was posted in a forum and someone gave me and answer but didnt explain it and then the forum post was when closed on me. So I will ask here for clarity and try not to kill me for this, I am trying to
learn.
So if someone uses a corporate network to check a Gmail (using SSL). If they check to make sure that they have a secure connection -- once
connected
-- and then they check the certificate to see if the cert hierarchy
has been
tampered with. Everything looks fine. Are any admin or whomever able to see you emails? Forget about software on the computer you are using, only through the network monitoring. I was told in the forum that they could use a monitoring program like wireshark to view them. In the wireshark forum I read that you would need the private key to decrypt the messages and in the forum they said that a sys admin can get the private key? Is that information correct? and
if so
how would they be able to get the private key? Thanks in advance
---------------------------------------- David A. Gershman gershman at dagertech.net http://dagertech.net/gershman/ "It's all about the path!" --d. gershman
Current thread:
- Can a sys admin see a gmail account, (continued)
- Can a sys admin see a gmail account David Auclair (Dec 15)
- Can a sys admin see a gmail account Abdul Qabiz (Dec 15)
- Can a sys admin see a gmail account Michael Miller (Dec 15)
- Can a sys admin see a gmail account Abdul Qabiz (Dec 15)
- Can a sys admin see a gmail account bhoff at itworldclass.com (Dec 15)
- Can a sys admin see a gmail account Joel Esler (Dec 15)
- Can a sys admin see a gmail account Michael Douglas (Dec 16)
- Can a sys admin see a gmail account Abdul Qabiz (Dec 16)
- Can a sys admin see a gmail account d4ncingd4n at gmail.com (Dec 16)
- Can a sys admin see a gmail account Michael Miller (Dec 15)
- Can a sys admin see a gmail account Butturini, Russell (Dec 16)