BMW M3 Forum (E90 E92)

BMW Garage BMW Meets Register Search Today's Posts Mark Forums Read


Go Back   M3Post - BMW M3 Forum > BIMMERPOST Universal Forums > Off-Topic Discussions Board
 
OneEighty
Post Reply
 
Thread Tools Search this Thread
      10-19-2011, 02:41 PM   #1
Dvdman
Captain
 
Dvdman's Avatar
 
Drives: 2008 BMW 335 XI
Join Date: Aug 2009
Location: Chicago, IL

Posts: 905
iTrader: (2)

ANY IT guys answer this?

I have been at my job for over 5 years. I search all types of stuff all day long at work. No porn but things like lamebook or failblog (4 CHAN) certain websites that are probably not appropriate for my job. (Stock broker at a major firm). Does anyone know how red flags are drawn? NO one has said anything to me. When I am bored I am on the internet since I cant leave my desk. Any opinions??
Dvdman is offline  
0
Reply With Quote
      10-19-2011, 03:25 PM   #2
Dvdman
Captain
 
Dvdman's Avatar
 
Drives: 2008 BMW 335 XI
Join Date: Aug 2009
Location: Chicago, IL

Posts: 905
iTrader: (2)

Also , lets say Im writing personal stuff on my Gmail from work. Can they intercept my email or see what I wrote?
Dvdman is offline  
0
Reply With Quote
      10-19-2011, 05:29 PM   #3
Kroy
Brigadier General
 
Kroy's Avatar
 
Drives: E90
Join Date: Jul 2009
Location: Los Angeles, CA

Posts: 3,035
iTrader: (1)

not in IT

not sure about reading your emails on gmail but they'll be able to tell what sites you've visited. if you use a proxy, they'll know you went on a proxy to hide your ish. you're probably not causing any waves so they don't do anything about you as it is fairly harmless. but if they want to, they can keep tabs on you.
Kroy is offline   United_States
0
Reply With Quote
      10-19-2011, 07:43 PM   #4
sistom
Second Lieutenant
 
sistom's Avatar
 
Drives: '08 135i M-Sport Coupé
Join Date: Feb 2011
Location: Saint Simons Island, Georgia

Posts: 234
iTrader: (3)

Regardless if you're using a proxy or not, they can still see what you are doing. All of the information is still having to be processed through their servers to your desktop....
sistom is offline  
0
Reply With Quote
      10-20-2011, 03:28 PM   #5
ShakyDog
2008 X3 Jet Black/Tan
 
ShakyDog's Avatar
 
Drives: 2007 Z4 3.0i Alpine White/Red
Join Date: Mar 2010
Location: Missouri

Posts: 319
iTrader: (3)

Your email can be read by anyone on your network, if they know what they are doing. Email is not encrypted and is sent in plain text and can be read by anyone that has enough time to intercept. Are they? Who knows. Yes they can see every site you go to each day and depending on the type of hardware they can tell how long at each site and which computers.

Steve
ShakyDog is offline   United_States
0
Reply With Quote
      10-20-2011, 11:50 PM   #6
Tondtar
12 yr old Juvie
 
Tondtar's Avatar
 
Drives: His Mom Crazy
Join Date: Apr 2008
Location: El Lay

Posts: 884
iTrader: (2)

Garage List
You are the reason we are in this economic melt down now
Tondtar is offline   Vanuatu
0
Reply With Quote
      10-21-2011, 06:42 AM   #7
cindisargent
Registered
 
Drives: BMW X6
Join Date: Oct 2011
Location: Atlanta, Georgia

Posts: 3
iTrader: (0)

I would suggest that you avoid doing such a thing; I had my friends getting fired from the company when they were found to be using facebook and only during break time. The office is pretty strict and does a review on the system usage of everyone. Its really scary to see how much data can they come up with.
cindisargent is offline  
0
Reply With Quote
      10-21-2011, 10:18 AM   #8
Dvdman
Captain
 
Dvdman's Avatar
 
Drives: 2008 BMW 335 XI
Join Date: Aug 2009
Location: Chicago, IL

Posts: 905
iTrader: (2)

Thanks for the advice. I am just wondering why they havent said anything for so long. Maybe they don't have an issue with my browsing history as long as there is no porn or anything too bad.
Dvdman is offline  
0
Reply With Quote
      11-23-2011, 01:18 PM   #9
UncleWede
Long Time Admirer, First Time Owner
 
UncleWede's Avatar
 
Drives: E90 325i Arctic
Join Date: Jun 2005
Location: Oxnard, CA

Posts: 2,347
iTrader: (0)

Yes, we CAN see what you are doing. What you need to study is the acceptable usage policy at your office.
The running joke here is that I know every web page people go to. I don't UNLESS HR asks me to review your history. I can retreive at least a year of history. I beleive some people were recently let go for facebook/dating website visits.
UncleWede is offline   United_States
0
Reply With Quote
      11-23-2011, 02:52 PM   #10
DavidJS
Private First Class
 
Drives: Z4 sDrive 35is
Join Date: Oct 2011
Location: New Jersey

Posts: 119
iTrader: (0)

There is a sticker on my work laptop that says:

"This is a [company name] system restricted to Company Official Business and subject to being monitored at any time. Anyone using this system expressly consents to such monitoring and to any evidence of unauthorized access, use, or modification being used for criminal prosecution."
DavidJS is offline   United_States
0
Reply With Quote
      12-29-2011, 05:36 PM   #11
vasillalov
Mad Linux Guru On The Loose
 
vasillalov's Avatar
 
Drives: 2008 335i Sedan
Join Date: Aug 2009
Location: Chicago, IL

Posts: 4,138
iTrader: (3)

Garage List
2008 335i E90  [4.00]
* Torify: https://www.torproject.org/

* Use privacy mode on browser
__________________
Equal Opportunity Harasser!
6MT | COBB | AR | AE | Forge DV | HPF | P3 Gauge | Hybrid Intake | O.S.Giken TCD | All M3 bits | TCKLine
vasillalov is offline   Bulgaria
0
Reply With Quote
      12-31-2011, 08:42 AM   #12
radix
there's something different about him
 
radix's Avatar
 
Drives: -
Join Date: Feb 2008
Location: -

Posts: 896
iTrader: (0)

Quote:
Originally Posted by Devestator View Post
Also , lets say Im writing personal stuff on my Gmail from work. Can they intercept my email or see what I wrote?
If you are using HTTPS then the answer is more than likely no. It is possible to construct a man in the middle attack whereby they use a proxy that forges certificates and passes them off to both endpoints, however you should still be able to identify a phony cert pretty easily.

E.g. in Chrome, click the lock next to the URL, then click "certificate information".

There are other means they could read your email, such as key loggers and stealth screen recorders, but those clearly have their limitations. For instance, they could likely legally record the keystrokes of an email you typed, but they could not break into your gmail account after getting your username and password without getting into legal issues.
radix is offline   Philippines
0
Reply With Quote
      12-31-2011, 08:56 AM   #13
radix
there's something different about him
 
radix's Avatar
 
Drives: -
Join Date: Feb 2008
Location: -

Posts: 896
iTrader: (0)

Quote:
Originally Posted by Devestator View Post
I have been at my job for over 5 years. I search all types of stuff all day long at work. No porn but things like lamebook or failblog (4 CHAN) certain websites that are probably not appropriate for my job. (Stock broker at a major firm). Does anyone know how red flags are drawn? NO one has said anything to me. When I am bored I am on the internet since I cant leave my desk. Any opinions??

I'll put it to you this way. Everytime you initiate a connection to another machine, it could easily be logged via several mechanisms. The first is a web proxy. The second is a firewall. For instance, if you go to www.google.com, you'll find that name maps to a series of IP addresses:

Code:
$ nslookup www.google.com
Server:		192.168.100.1
Address:	192.168.100.1#53

Non-authoritative answer:
www.google.com	canonical name = www.l.google.com.
Name:	www.l.google.com
Address: 74.125.225.82
Name:	www.l.google.com
Address: 74.125.225.81
Name:	www.l.google.com
Address: 74.125.225.83
Name:	www.l.google.com
Address: 74.125.225.80
Name:	www.l.google.com
Address: 74.125.225.84
Every connection you make to a machine has two endpoints called sockets, one on your side, and one on the other side. Each socket consists of an IP address and a port. In the case of HTTP (web), it's port 80.

In order to get to www.google.com you will likely have to traverse several networks, and ultimately be routed out a forward facing machine that is connected to the internet.

Each step of the way that a packet destined to www.google.com port 80 from your workstation traverses, there is the potential that it is logged by the device that routes the packet (e.g. firewall/router [technically firewalls are routers, but whatever]).

If your company uses a web proxy, then there is also that to deal with. In this case, they could potentially also view the cached page that you visited.
radix is offline   Philippines
0
Reply With Quote
      12-31-2011, 09:14 AM   #14
blue dragon
Lieutenant
 
Drives: E46 M3
Join Date: Jul 2010
Location: Canuckistan

Posts: 412
iTrader: (0)

I'm a network engineer at a financial institution, the answer is yes if any of the following conditions are met
1. Your browser is configured to use a proxy server to access the internet (this will track where you have been)
2. You go through a content filter such as blue coats (this can be transparent to you, and again, will track where you have been. Blue coats can even do SSL proxy, so that the company has access to anything you visit over https, which is normally encrypted.

3. You go through a firewall which does deep packet inspection with the ability to do packet captures.

The financial services industry is so regulated, that I wouldn't do anything like that from work.
__________________
blue dragon is offline  
0
Reply With Quote
      12-31-2011, 09:20 AM   #15
Dvdman
Captain
 
Dvdman's Avatar
 
Drives: 2008 BMW 335 XI
Join Date: Aug 2009
Location: Chicago, IL

Posts: 905
iTrader: (2)

Great info guys thanks!
Dvdman is offline  
0
Reply With Quote
      12-31-2011, 10:58 PM   #16
radix
there's something different about him
 
radix's Avatar
 
Drives: -
Join Date: Feb 2008
Location: -

Posts: 896
iTrader: (0)

Quote:
Originally Posted by blue dragon View Post
I'm a network engineer at a financial institution, the answer is yes if any of the following conditions are met
1. Your browser is configured to use a proxy server to access the internet (this will track where you have been)
2. You go through a content filter such as blue coats (this can be transparent to you, and again, will track where you have been. Blue coats can even do SSL proxy, so that the company has access to anything you visit over https, which is normally encrypted.

3. You go through a firewall which does deep packet inspection with the ability to do packet captures.

The financial services industry is so regulated, that I wouldn't do anything like that from work.

You're absolutely right, but bluecoat is hardly transparent in the sense that it's easy to check for.
radix is offline   Philippines
0
Reply With Quote
      01-04-2012, 02:24 PM   #17
NewNole2001
Banned
 
Drives: 2012 E93 328i, 2015 F8
Join Date: Nov 2011
Location: North Fla

Posts: 172
iTrader: (0)

Quote:
Originally Posted by blue dragon View Post
2. You go through a content filter such as blue coats (this can be transparent to you, and again, will track where you have been. Blue coats can even do SSL proxy, so that the company has access to anything you visit over https, which is normally encrypted.
Are you saying that using blue coat they can peer inside my SSL+TLS packets? As in read decrypted contents?
NewNole2001 is offline  
0
Reply With Quote
      01-04-2012, 02:46 PM   #18
blue dragon
Lieutenant
 
Drives: E46 M3
Join Date: Jul 2010
Location: Canuckistan

Posts: 412
iTrader: (0)

^^ If they are doing SSL proxy, then yes. Lets say you are connecting to a bank, instead of the connection being encrypted all the way to the bank, its decrypted at the bluecoat, and then re-encrypted to the bank.

Have a look here
__________________
blue dragon is offline  
0
Reply With Quote
      01-04-2012, 02:47 PM   #19
NewNole2001
Banned
 
Drives: 2012 E93 328i, 2015 F8
Join Date: Nov 2011
Location: North Fla

Posts: 172
iTrader: (0)

Quote:
Originally Posted by blue dragon View Post
^^ If they are doing SSL proxy, then yes. Lets say you are connecting to a bank, instead of the connection being encrypted all the way to the bank, its decrypted at the bluecoat, and then re-encrypted to the bank
Damn, good to know for when I'm in the office. Lucky for me, I mostly work from home.
NewNole2001 is offline  
0
Reply With Quote
      01-04-2012, 05:01 PM   #20
ttam
Major
 
ttam's Avatar
 
Drives: Chevrolet movie theater
Join Date: Nov 2010
Location: SoCal

Posts: 1,094
iTrader: (19)

Garage List
2009 328i  [3.17]
Quote:
Originally Posted by blue dragon View Post
I'm a network engineer at a financial institution, the answer is yes if any of the following conditions are met
1. Your browser is configured to use a proxy server to access the internet (this will track where you have been)
2. You go through a content filter such as blue coats (this can be transparent to you, and again, will track where you have been. Blue coats can even do SSL proxy, so that the company has access to anything you visit over https, which is normally encrypted.

3. You go through a firewall which does deep packet inspection with the ability to do packet captures.

The financial services industry is so regulated, that I wouldn't do anything like that from work.
About 3 years ago, I was able to easily circumvent any tracking done by my companies Blue Coat appliance. Dont know if Blue coat ever found a way to MiM SSH traffic
ttam is offline   United_States
0
Reply With Quote
      01-04-2012, 10:39 PM   #21
blue dragon
Lieutenant
 
Drives: E46 M3
Join Date: Jul 2010
Location: Canuckistan

Posts: 412
iTrader: (0)

^^ That can be blocked on the firewall. Not only can you block tcp/22, you can block the protocol going out on any other port. Remember there is a protocol identifier field in the tcp header, that a firewall can see
__________________
blue dragon is offline  
0
Reply With Quote
      01-06-2012, 02:53 PM   #22
F82_SID
Brigadier General
 
F82_SID's Avatar
 
Drives: 2011.5 MR/BB E92 M3
Join Date: Jan 2008
Location: Denver, CO. USA

Posts: 3,127
iTrader: (2)

Another way you might be able to get around the security if you really wanted to is to connect remotely to your home pc via a service like Go To My PC and then browse what ever sites you want on your home PC through the remote connection.

I am an IT Security Engineer too and plenty of my colleagues do this.
__________________
2011/E92/M3/MR/BB/ZCV/ZP2/EDC/2MT
F82_SID is offline  
0
Reply With Quote
Post Reply

Bookmarks

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 03:53 PM.




m3post
Powered by vBulletin® Version 3.7.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
1Addicts.com, BIMMERPOST.com, E90Post.com, F30Post.com, M3Post.com, ZPost.com, 5Post.com, 6Post.com, 7Post.com, XBimmers.com logo and trademark are properties of BIMMERPOST