how to know that your boss is spying on your pc?

i recently saw an article somewhere that says that a lot of times a boss can spy on your computer which only an expert can figure out.normal people will not be able to track the spying application even with antiviruses.

i was wondering how you can know that you are not being spied on,especially if it is your own computer that you bought.

Any experts here?

 

Log in or Sign up to hide all adverts.

if its your own computer contact the computer crime squad because its a breach of the privacy act (at least here) for private computers to be taped except by warrent.

 

Log in or Sign up to hide all adverts.

Commit several illegal acts online, including offering for sale pornographic pictures of your bosses partner. If you are not arrested or at least questioned by your boss then you are probably not being spied on.

 

Log in or Sign up to hide all adverts.

You really can never be sure today. With all the ways to hack into a PC I would think there's a way to view whatever you do.

Please Register or Log in to view the hidden image!

 

Presumably only you would ever have used it and you would have left it password protected for when you are not there. Also you wouldn't have let anyone else load any software on it and any you loaded you would have checked out.

A central broadband link can be monitered, but as soon as you unplug, gone.

 

are you saying your home PC?...

the system you have at home?... you're worried your boss is somehow 'magically' spying on you at home?...

or did you buy the PC you use at your place of employment?...

 

Your boss doesn't need access to your PC to spy on you, all he would require is the ability to packet scan. Now this isn't a breach of privacy if the boss is Packet scanning his companies computers at his works in an effort to stop industrial espionage or slacking off.

They could even place monitoring software on the PC as long as it was a company system not owned by the employee, otherwise they can only monitor their network traffic.

 

depends on the country stryder.

for instance monitoring personal calls at work is against the law here even if they are company phones

now i went for a job at the SA ambulance call center and they told us that all phone calls are recorded (because all 000 calls must be recorded) however if they are going through the tapes and they hear its a personal call they just skip it. there is also a phone which is compleatly un recorded for outgoing calls in the staff room. now no this isnt ideal but because of the requirements on emergency services they dont have another option. for non emergency services this would be a breach of the privacy act.

oh a fun point, computers at SAAS all have foxtell on them so that the call takers can watch the cricket or other TV shows, they have internet access (un monitored) so that people can do whatever they want. i love the ambulance service

Please Register or Log in to view the hidden image!

 

Spying is probably the wrong word. The boss HAS the right to control what the employees do with their computers...

 

My company monitors bandwidth usage...if you try to download something or stream video, you'll get a call from the IT dept very quickly wanting to know what you're downloading.

Two of our employees were romantically involved, and were fired recently because they used company server to email each other naked pictures of themselves. Just the amount of traffic between two non-related departments raised red flags.

 

What a gestapo workplace you have there...

 

The bandwidth monitoring is purely to keep the wheels of production running. Everything is web-based, and since were a small company, we don't have the fastest system in the world. I can bring system down to a crawl, if I download too many drivers at the same time. We're a computer recycling company, so all our systems are a few years old...we have a saying "we eat our own crap"

Please Register or Log in to view the hidden image!

 

blah blah blah.

No one answered your fuckin question.

You don't want to know if it's legal, nice or even justified to spy on what you do. You asked how to find out.

So:

Start->run-> "CMD"

at the dos prompt type netstat -a

You get a list of EVERYTHING connected to your computer Via the network connection. The Foreign Address is the goods here - most companies name computers by the persons name or Network ID(especially if they are spying on you). Look for your boss's name or IT. Then investigate each or all if you are really paranoid.

Type ipconfig you get your own IP address, so you can eliminate 75% of the list. Some stuff will be connected to "Yourself".

Next ctnl-alt-del and bring up task manager. Go to Processes tab and take a look at each process - if there is no description - google it.

You can take a look in the registry for start up programs and see what is there. I won't tell you how because you can fuck up your computer in there. Look up how on google and learn for yourself so you don't screw it up.

There is not much you can do if you browse the internet using work's network/routing. They are allowed to monitor that(to a certain degree- depending on state/country). You cannot know what they monitor unless you yourself get a peak at the firewall/routers. If you really need to surf some nasty shit at work, go ahead and allow RDP sessions to your home computer and connect to it via work. Then go nuts. The RDP session might show up too(but it a LOT more subtle than direct page browsing) - but they might admire your moxie and you will be saving them a lot of bandwidth that way anyway.

You didn't ask, but....If you find out they are spying on you, you have many options:

1) Screen spying is, fucking illegal, everywhere. If you did not get asked a question "do you want to allow (your bored, micromanaging, boss) access to your program/desktop", then it is illegal in any nation that has basic human rights of privacy.

2) Keystroke logging is actually criminal. You are Legally obligated to report anyone using this. In fact, I.T asking for you password is not allowed. It happens at a lot of places and is overlooked. Many people have the same passwords at work at home at bank etc. Most countries and states - NOT ALLOWED to even ASK.

3) Monitoring e-mail is allowed in most states/countries. The email is usually stipulated to be for WORK purposes only. If they forgot to do this, or allow "incidental" use - well then they are no allowed to monitor it, but can easily say they accidentally saw something through a bunch of ways (Bandwidth usage etc)

4) Monitoring internet is same as email.

5) Oh yeah if you hit a web page and it said "Site is blocked by the admins" or whatever - they WILL notice that hit and that is not spying. Most places only notice IF you try to hit nasty sites and or "Political, Religious, anything the corporation doesn't want people to argue about at work".

6) Personal opinion - Any Boss that spys is fucking useless at his job. If he/she doesn't notice your not pulling your weight without spying, they are not worth working for no matter what. If they have a problem with your usage they will tell you. Then you can tell them to fuck off and work for someone with some better morality. Or maybe you are a total deadbeat and need to get caught - and you will, one way or another.

If you are in the states you need to check local state laws for the rules. Having worked for companies that operate in U.S and Canada I have gotten into MANY an argument when they try to get me to spy on people in Canada. U.S employers are typically allowed to do all kinds of ridiculous things to employees. Kinda like making people take a piss test or running a financial check to see if they are in enough student debt to suggest they will work their ass off(I shit you not I've seen American companies do this).

 

nietzschefan is right, they are required by law to tell you if they monitor your system because if for instance you use your work computer to do any banking they have commited a crime if they monitor the conection

as i said the same goes for phones, if its going to be recorded they have to have a specific reason (for instance your working for an emergency service and they have to by law record all the calls) and tell you

the same also goes for video'ing staff, they have to by law be informed

 

Like I mention previously Bosses might spy for other reasons than just to catch freeloading employee's out, there might be people doing industrial espionage or "outsourcing" things that in turn undermine confidentiality agreements.

As for running Netstat, not all operating systems have Netstat. I'm sure the cut down version of XP (Home) and Vista (Basic) doesn't, could be wrong though.

 

I just tried the netstat thing to see if I could find my college tracking things (I'm at a dorm at the moment and on the university ethernet). About half the connections have a foreign address at my own machine, the others have asterisks-dot-asterisks for the foreign addresses and no listings for states. IP addresses show up though. Are these potentially addresses of college computers and if so, how can I ID them?

It's just kinda neat to figure this all out. My older college had a download/upload capacity limit that reset every 24/hours that we found could by bypassed by changing the MAC address every time you hit the limit. I dunno, figuring this stuff out's just interesting, never hurts to know how to do this, ya know?

 

It could be used to gather evidence for wrongdoings, that the employer can use in court. Or it could be simply used as a preventive tool. If the employee thinks that his boss can see what he is doing and did, he is less likely to do stuff the boss doesn't want him to do.

Anyhow.

The best way to detect spying software is by using an advanced process explorer (the standard one doesn't show everything, and is not very detailed on the processes. I sometimes use one that is called "daphne"). An advanced start up explorer (I use autoruns) also helps if you want to try and remove the software. Autoruns looks everywhere, because there are many places that can start a file automatically, many of which are invisible to msconfig. There is also the possibility that there is a hardware keylogger, in which case, there probably is a small usb stick kind of thing between the computer and the plug of your keyboard. However if you want to be totally sure you'll have to use your own keyboard.

If they are packet sniffing, you can not find it out (nor can any expert) if the packet sniffer is totally passive. But many packet sniffers are not totally passive, and there is some anti (non-passive) packet sniffing software out there, that lets you detect and trace packet sniffers. There are many commercial tools that do this that cost a lot, but there is also a good open source one, however I forgot the name. Note that, packet sniffers can only spy on your traffic, that you send to other computers. They can see which websites you are visiting for example.

To totally make packet sniffers useless, you can use encryption. There are a few possibilities:
1) encrypted proxy (usually costs money unless you can host it yourself)
2) vpn (fairly simple to set up, even with windows xp. This sends EVERYTHING that you do on the internet, encrypted, to your home network, in fact it will be as if you are in your own network at your home)
3) some websites have SSL capability. If they have it, you can usually use it by adding a s to http, so http://sciforums.com will become https://sciforums.com. However that won't work I think as sciforums doesn't support SSL.

 

All employers of any size monitor all activity on their corporate PCs and networks.

It's been this way for years, some of you are VERY naive.

 

I know that this is not true because I know several people that run small businesses, that have no idea what packet sniffing is. They are not that security aware.

 

It's obvious that with SME's (Small to Medium Enterprises) that bosses would more likely see the shift in regards to lack of productivity and have less need for spying. In the larger corporations though people do attempt to slip through the cracks in the large corporate entity and this is why the shareholders/stakeholders tend to go about trying to make sure that their business is running efficiently because at the end of the day it's there money that other people are messing with.