how is this being pulled off?

Post by **MidnightSin** » Thu Aug 03, 2006 10:39 pm

I have a bud who was busted at work yesterday surfing on the net.

No big trouble or anything but we have yet to figure out how he got busted yet. so heres a basic rundown of the situation.

He totally reformatted and reinstalled everything on the comp in his lab at work 3 days ago. His pc is not on any local network and its net access is via Xanadoo wireless modem which only sends signal from the modem to the wireless tower 11 miles away. As far as he can tell (and he is pretty computer savvy) there are no programs installed to monitor his surfing in anyway. He cant find a single program on his comp that he himself did not install. But yet he was asked why he went to http://www.mousebreaker.com at 10:30 am 2 days ago.

Only thing we could think of was maybe someone went into his lab after hours with another key to his lab and actually looked back through his browser history. I personally have never had to deal with any monitoring software as I have always had a job where I could surf the net if I wanted.

Any of you guys got any ideas how this was pulled off?

wvjohn · Post by **wvjohn** » Fri Aug 04, 2006 5:10 am

keystroke logger?

b-man1 · Post by **b-man1** » Fri Aug 04, 2006 5:24 am

it's a company ISP? whoever pays the bill could be getting a usage report or easily request one at any time.

.02

Trench · Post by **Trench** » Fri Aug 04, 2006 6:07 am

somebody probably saw him go there.

nexus_7 · Post by **nexus_7** » Fri Aug 04, 2006 8:18 pm

there are plenty of hardware web trackers out there. we have one at work...cant remember the name though. Just hardware that sits between network and internet.

Greg

nitro237 · Post by **nitro237** » Fri Aug 04, 2006 8:57 pm

proxy settings? hidden video camera?

eGoCeNTRoNiX · Post by **eGoCeNTRoNiX** » Sat Aug 05, 2006 4:20 am

Originally posted by nitro237
hidden video camera?

heh.. something about that just doesn't sound right, but possible!

nitro237 · Post by **nitro237** » Sat Aug 05, 2006 7:42 am

Originally posted by eGoCeNTRoNiX
heh.. something about that just doesn't sound right, but possible!

Very possible. I am 100% positive it can be done.

eGoCeNTRoNiX · Post by **eGoCeNTRoNiX** » Sat Aug 05, 2006 9:56 am

Originally posted by nitro237
Very possible. I am 100% positive it can be done.

No No, not doubting it can be done.. I've done it myself.. Just wondering if it's possible in his buddies lab.. Depending on the type of lab, I'd suspect he'd probably have noticed one maybe kinda sorta.. I guess 99% of people who are being watched by one never know it's there though..

eGo

Post by **MidnightSin** » Sat Aug 05, 2006 11:24 am

Ok I talked with the ISP (We have the same ISP) They offer NO type of monitoring at all. He changed the locks on his lab and totally reformatted again. So we will see what happens now. Like I said he isnt in any kind of big trouble over the deal, its just he could find nothing other than what he installed on the machine running and we knew it wasnt coming from the ISP but had to double check. remember this machine is not on any of the companies networks. It has its own wired net connection to wireless modem that only serves that machine and is not connected to any type of router and the ISP wont provide any monitoring services of any kind.

So the bottom line is someone probably came into his lab and checked his bowser history.

IF and when I figure out how they did it. even if its just as simple is someone snuck in I'll let you guys know.

canton_kid · Post by **canton_kid** » Tue Aug 08, 2006 11:12 pm

It has its own wired net connection to wireless modem

Could that be a clue? Is is possible the company or whatever can monitor the wireless part of the system?
Not sure what you meant by that, wireless modem? WIFI, Satalite....?

Post by **MidnightSin** » Wed Aug 09, 2006 12:31 pm

By wireless modem I mean its actuallt wired via cat5 to the comp and has a power cord, but otherwise sends and recieves via wireless signal to a tower at the ISP 11 miles away.

wpublic · Post by **wpublic** » Wed Aug 09, 2006 7:36 pm

what brand/model firmware version is the wireless device the comp is plugged into?

could it be using something like this??
http://www.navini.com/Website/Content/P ... MX_EMS.htm

there is a strong possibility that the device is logging activity and storing it locally in an EEPROM or forwarding the log to another IP or even email address.

Post by **MidnightSin** » Wed Aug 09, 2006 10:02 pm

Yep its the Navini MX modem. It's used by an ISP in our area named Xanadoo. I sold them the modem as our store is a reseller for Xanadoo. I called the ISP and asked them if we offered any monitoring packages for companies that wish to monitor thier employees and they said they did not.

As for software or something else installed on the system we know now for sure that there is nothing as my friend just completly reformatted the system. He alse changed the locks on his lab.

So we'll see what happens from here.