PaulDotCom mailing list archives
Can a sys admin see a gmail account
From: Russell.Butturini at Healthways.com (Butturini, Russell)
Date: Wed, 16 Dec 2009 07:16:31 -0600
From an enterprise perspective, there are plenty of products on the
market that allow for SSL inspection (Microsoft Forefront TMG, Cymphonix/ContentWatch, Citrix Netscalers, etc.) and can capture traffic or monitor activities. Usually they facilitate this by using a self-signed certificate that is published as trusted by group policy going to their appliance/software, then make the request on behalf of the client. This is (can be) done transparently to the client, so unless the certificate is carefully inspected, it may not be noticed. ________________________________ From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Joel Esler Sent: Wednesday, December 16, 2009 12:49 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Can a sys admin see a gmail account Let's assume this. Is it possible? Yes. However, it'd be extremely difficult and extremely unlikely. Theoretically, yes, they can see what you are doing. But I'd bet not. J On Tue, Dec 15, 2009 at 8:55 PM, Abdul Qabiz <aqabiz at gmail.com> wrote: You are right, many admins don't have that much time. However, I learnt, any user on network can actually find out about your cookies, that can be scary situation. I would not trust any network, except the one I control. On 16/12/09 12:23 AM, Michael Miller wrote:
I would have to agree. If I was a "EVIL BOFH" I would use slidejacking to get into the users session. One question I'm asking my self right now is, How much time do the admins have to do this? Unless it's sanctioned by management. They would be violating any number of state& federal laws, and possibly company policy. If you fear you are being investigated at work. Don't use your work computer for non-business related communications. -mmiller On Tue, Dec 15, 2009 at 1:25 AM, Abdul Qabiz<aqabiz at gmail.com> wrote:What I have learnt, if you are on switched network, one can play MITM
attack
or dns spoofing, to get the GX cookies. That's all you need, GX cookies. One can use GX cookies to login into
your
gmail account. On 15/12/09 2:00 AM, Shawn McGovern wrote: Ok so my question was posted in a forum and someone gave me and
answer but
didnt explain it and then the forum post was when closed on me. So I
will
ask here for clarity and try not to kill me for this, I am trying to
learn.
So if someone uses a corporate network to check a Gmail (using SSL).
If
they check to make sure that they have a secure connection -- once
connected
-- and then they check the certificate to see if the cert hierarchy
has been
tampered with. Everything looks fine. Are any admin or whomever
able to
see you emails? Forget about software on the computer you are using,
only
through the network monitoring. I was told in the forum that they could use a monitoring program like wireshark to view them. In the wireshark forum I read that you would
need
the private key to decrypt the messages and in the forum they said
that a
sys admin can get the private key? Is that information correct? and
if so
how would they be able to get the private key? Thanks in advance _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com -- Joel Esler | 302-223-5974 | gtalk: jesler at sourcefire.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091216/0ceff3b3/attachment.htm
Current thread:
- Can a sys admin see a gmail account, (continued)
- Can a sys admin see a gmail account Kennith Asher (Dec 14)
- Can a sys admin see a gmail account David Auclair (Dec 15)
- Can a sys admin see a gmail account Abdul Qabiz (Dec 15)
- Can a sys admin see a gmail account Michael Miller (Dec 15)
- Can a sys admin see a gmail account Abdul Qabiz (Dec 15)
- Can a sys admin see a gmail account bhoff at itworldclass.com (Dec 15)
- Can a sys admin see a gmail account Joel Esler (Dec 15)
- Can a sys admin see a gmail account Michael Douglas (Dec 16)
- Can a sys admin see a gmail account Abdul Qabiz (Dec 16)
- Can a sys admin see a gmail account d4ncingd4n at gmail.com (Dec 16)
- Can a sys admin see a gmail account Michael Miller (Dec 15)
- Can a sys admin see a gmail account Butturini, Russell (Dec 16)