Is it possible the "IT GUYS" at work can see aim convos?

[dalearyous]

basically i am working at a place where everyone used aim to communicate. there is a fairly expensive server and security setup and i know the server is running windows server 2008 and there definitely are firewalls etc... because certain websites are blocked.

is it possible they could see the conversation being had in aim? i know they could look and see that aim is running because it uses certain port and protocol but could they actually find out what the conversation says?

obviously yes if aim is setup to log all the conversations but in a fairly standard office environment is it possible?

 

[bencho]

Wireshark can see the port and protocol easily. As for piecing them together and rebuilding the conversation, it's certainly possible. I don't know what proggie can do that.

 

[dalearyous]

yeah knew that but not probable. IT guys are a joke

 

[Ockie]

The real issue here is that if you don't want anyone to read your conversations and it's not work related.. it's best to keep it out of the work place. IT can see anything and everything, plus, if you have signed any agreements joining the company, you most likely signed over the right that they can search your system with or without your knowledge.

 

[Version_3]

if you don't want anyone to read your conversations and it's not work related.. it's best to keep it out of the work place.

+1

use your phone for IM if you have that ability. Keep it off the computer.

 

[bencho]

Ockiet - Agreed.
dalearyous - Disagreed. IT guys are not a joke...

 

[dalearyous]

they aren't a joke...the ones here are, that's what i meant.

 

[Dan_D]

It is extremely possible. I used to do it all the time when management asked me to at one of my old jobs. We caught one guy using AIM to set up times and quoting prices for sexual favors to young men.

 

[dalearyous]

It is extremely possible. I used to do it all the time when management asked me to at one of my old jobs. We caught one guy using AIM to set up times and quoting prices for sexual favors to young men.

woah! nothing like that is going over aim, we just shoot jokes back and forth

 

[Dan_D]

woah! nothing like that is going over aim, we just shoot jokes back and forth

One particular individual was busted three times for downloading gay porn using company equipment. He then was busted one more time for downloading porn involving people of "questionable" age. It was when he was caught soliciting acts of prostitution using the company E-Mail server and using the company issued laptop with an unauthorized AIM client that he was finally terminated.

The freak job further embarrassed himself by picking up his last pay check dressed in drag.

 

[Ockie]

One particular individual was busted three times for downloading gay porn using company equipment. He then was busted one more time for downloading porn involving people of "questionable" age. It was when he was caught soliciting acts of prostitution using the company E-Mail server and using the company issued laptop with an unauthorized AIM client that he was finally terminated.

The freak job further embarrassed himself by picking up his last pay check dressed in drag.

lol, sounds like a winner there.

 

[vischo]

IT knows all.

 

[Dan_D]

lol, sounds like a winner there.

At that particular job I encountered a ton of whack jobs like that guy. Though he was one of the worst ones he was far from the only one we had to spy on and deal with. Another good one was the security guard that went around at night to different systems (why he even had a log on was beyond me) and he spent time downloading and watching porn during his shift. Among the highlights were videos including transexual grandmothers, midgets with horses (no I'm not kidding) and bukkake videos.

Another individual was busted with two videos I've unfortunately never forgotten. In one video a naked man puts on some clear vynl shorts and then shits inside the shorts (the shit is of the liquid variety), then he proceeds to move the feces all over his genetals through the shorts. Another particularly disturbing video was a self-castration video.

 

[cooter]

One particular individual was busted three times for downloading gay porn using company equipment. He then was busted one more time for downloading porn involving people of "questionable" age. It was when he was caught soliciting acts of prostitution using the company E-Mail server and using the company issued laptop with an unauthorized AIM client that he was finally terminated.

The freak job further embarrassed himself by picking up his last pay check dressed in drag.

You don't have to tell them everything about me.

 

[Ur_Mom]

There are ways to see IM chats. I think even pfsense (or another one of the major *nix/BSD based firewalls) has an option to log them out of the box.

It's not that difficult. I caught my wife chatting to other dudes when I worked for an ISP and she was on dial-up. Not hard at all!

 

[Madnes5]

basically i am working at a place where everyone used aim to communicate. there is a fairly expensive server and security setup and i know the server is running windows server 2008 and there definitely are firewalls etc... because certain websites are blocked.

Decent chance that the same software that is filtering websites for your company is also capable of filtering and monitoring IM conversations. Your IT department can be incompetent and still have this set up very easily.

 

[YeOldeStonecat]

There is plenty of software out there which can monitor/record/playback ANYTHING done on a worktation, and you as the end user will not know it.

I've setup Spector Software at a law firm, records screenshots, e-mails, IM conversations, web surfing, etc etc etc. The network version stores it on a server, depending on how long they want to record back in time...they can watch anything you do today, yesterday, last week, etc.

 

[mmtom]

BlueCoat makes a proxy product that we use. They ('they' being IT Security) can see everything, including SSL traffic. They can filter for certain content and log that content then investigate if need be. So if they see something like ###-##-####, it could be an SSN. It'll get flagged and they'll investigate why it was sent plain text (or SSL if it was sent to a suspicious location) and where it went.

So, if you're using any kind of filtering/proxy product, odds are good that they can see what you're sending.

 

[MrGuvernment]

they aren't a joke...the ones here are, that's what i meant.

How do you know

Im sniffing programs are a dime a dozen these days.

It's not that difficult. I caught my wife chatting to other dudes when I worked for an ISP and she was on dial-up. Not hard at all!

So you caught her cause you were spying on her cause you didnt trust her.... or you jsut dont like her talking to guys

 

[jtg1993]

There are ways to see IM chats. I think even pfsense (or another one of the major *nix/BSD based firewalls) has an option to log them out of the box.

It's not that difficult. I caught my wife chatting to other dudes when I worked for an ISP and she was on dial-up. Not hard at all!

Yup PFsense has a package for doing that exact thing, it is called imspector.

 

[JayteeBates]

I've been working with Specter recently...I logged in saw a list of users and a tab for Chats. Has a log of all chat activity over the last month. One chick was explaining the freakiest places she "fk'd". One place was an animal feed store on the deer corn.

This is not the type of shit to talk about at the workplace. It freaking blew my mind when she asked in another conversation...no one can like read this except us right? Of course the other person said of course no one else can read this...its to small to be bothered recording, think of the millions of people chatting right now no way our conversation could be recorded.

Idiots.

Also chat gold was found in yet another of her logs. I walked in at 9:30 AM Friday (because they have an issue with their quickbooks setup) and at 9:31 she chirped "Man this guy has got to stop coming on Friday's I can't get payroll done when he comes by"

Maybe if she stopped talking about all the places she did it and actually did the payroll it would get done.

 

[swatbat]

One particular individual was busted three times for downloading gay porn using company equipment. He then was busted one more time for downloading porn involving people of "questionable" age. It was when he was caught soliciting acts of prostitution using the company E-Mail server and using the company issued laptop with an unauthorized AIM client that he was finally terminated.

The freak job further embarrassed himself by picking up his last pay check dressed in drag.

Hell I give him credit for coming in wearing drag. Great way to leave an impression.

I've been working with Specter recently...I logged in saw a list of users and a tab for Chats. Has a log of all chat activity over the last month. One chick was explaining the freakiest places she "fk'd". One place was an animal feed store on the deer corn.

This is not the type of shit to talk about at the workplace. It freaking blew my mind when she asked in another conversation...no one can like read this except us right? Of course the other person said of course no one else can read this...its to small to be bothered recording, think of the millions of people chatting right now no way our conversation could be recorded.

Idiots.

Also chat gold was found in yet another of her logs. I walked in at 9:30 AM Friday (because they have an issue with their quickbooks setup) and at 9:31 she chirped "Man this guy has got to stop coming on Friday's I can't get payroll done when he comes by"

Maybe if she stopped talking about all the places she did it and actually did the payroll it would get done.

Yea reading some peoples ims can be interesting. I've had to ims before for companies I've worked for. Some of them get really weird.

 

[YeOldeStonecat]

I've been working with Specter recently...I logged in saw a list of users and a tab for Chats. Has a log of all chat activity over the last month. One chick was explaining the freakiest places she "fk'd". One place was an animal feed store on the deer corn.

ROFL......would be priceless to mention that to her....

"Sooo....been on any animal feed lately? Did that deercorn get soggy?"

 

[Deleted member 12106]

basically i am working at a place where everyone used aim to communicate. there is a fairly expensive server and security setup and i know the server is running windows server 2008 and there definitely are firewalls etc... because certain websites are blocked.

is it possible they could see the conversation being had in aim? i know they could look and see that aim is running because it uses certain port and protocol but could they actually find out what the conversation says?

obviously yes if aim is setup to log all the conversations but in a fairly standard office environment is it possible?

Yes, its very possible. There are so many tools out there that are easily implemented that cost nothing to monitor everything.

 

[Verge]

basically i am working at a place where everyone used aim to communicate. there is a fairly expensive server and security setup and i know the server is running windows server 2008 and there definitely are firewalls etc... because certain websites are blocked.

is it possible they could see the conversation being had in aim? i know they could look and see that aim is running because it uses certain port and protocol but could they actually find out what the conversation says?

obviously yes if aim is setup to log all the conversations but in a fairly standard office environment is it possible?

Logging AIM is ridiculously easy... Takes 1 cisco command.


You are probably fired, sorry.

 

[spacetrader]

what, do you think your cell phone is supposed to be used as a phone? text on that shit!

 

[Dinh]

Doesn't AIM have that security certificate feature for encryption?

 

[JayteeBates]

I'm not sure if it does or not but there are several problems with that. Doesn't stop keyloggers and other methods of capturing the chat. Also do you really think that these people who think they aren't even being monitored would really be able to set up an encrypted chat?

 

[REDYOUCH]

Many companies are required to log all IM convo's and email threads for regulatory compliance. IMSpector, Facetime, Wireshark... there are many different tools that can be used to watch your conversations. Best bet... don't do things you shouldn't on a work computer... And yes, we "IT GUYS" will catch you... we are always watching... lol

 

[Ockie]

I've been working with Specter recently...I logged in saw a list of users and a tab for Chats. Has a log of all chat activity over the last month. One chick was explaining the freakiest places she "fk'd". One place was an animal feed store on the deer corn.

This is not the type of shit to talk about at the workplace. It freaking blew my mind when she asked in another conversation...no one can like read this except us right? Of course the other person said of course no one else can read this...its to small to be bothered recording, think of the millions of people chatting right now no way our conversation could be recorded.

Idiots.

Also chat gold was found in yet another of her logs. I walked in at 9:30 AM Friday (because they have an issue with their quickbooks setup) and at 9:31 she chirped "Man this guy has got to stop coming on Friday's I can't get payroll done when he comes by"

Maybe if she stopped talking about all the places she did it and actually did the payroll it would get done.

Was she hot and if so, do you have her number?

 

[Malk-a-mite]

Possible and depending on where you work a legal requirement.
http://www.facetime.com/productservices/imauditor.aspx
IMauditor can do discovery and match IM handles to the machine they login from and from there it can guess/match to the AD user logged into that machine (workstations not term servers of course).
Not a bad set of features overall but some times it needs a bit of admin help to sort out IM handles it loses.

 

[WesM63]

Yes and easily as others have said.

Heck, I can even re-create VoIP calls amongst other things.