AOL IM 1

[StoneColdphoneman]

HI to all quick question

I’m using AOL IM at work is there a way that my company can see what comes across the IM can this be monitor.

Thanks in Advance

 

[jimbopalmer]

if you are using company equipment, they can see whatever they wish, it is only a matter of desire. Should that bother you, simply do not use company equipment.

I tried to remain child-like, all I acheived was childish.

 

[freakyone]

True That. Your company can ( and has the legal right to) monior anything that happens on it's network or equipment. It all depends on how far they want it monitored and how restrictive the company PC use policy is.

~Dave~
Where do packets go when they die ?

 

[Grenage]

And what you sign when you get there, there are so many laws regarding this now

But yes, your companies equipment so use it as your company directs

 

[CodeDeficitDisorder]

Yes. They can see everything. They can see how long that you have been using it too.

 

[Provogeek]

AOL IM uses the HTTP protocol, and the data is in clear text. IF your company employs a sniffer of some type and is capturing packets, they can piece together a complete conversation you have using AOL IM.

If a sniffer is not being used, and you do not log your AIM conversations, then all they know is your using it, not what you have been talking about or exactly how long.

To be able to know how long or what your talking about on IM, the company would need to employ some type of logging. Normally you only see this kind of network monitoring activity in companies that deal with sensitive information. The equipment to monitor this type of activity is expensive in most cases, and requires man hours to operate. So before a company does it, they first need to justify it as a business need.


Brent Schmidt CNE,Network +

 

[manarth]

provogeek - any company can monitor usage, whatever the company size: even a small company can use a free VNC / Back Orifice type program to view what the client PC is doing. It's up to the company how much time / effort / money they want to invest in controlling "unathorised" use of their machines.

Just because a company isn't big, and doesn't have the money to afford expensive logging software, doesn't mean they're not watching you. All it takes is a suspicious boss, and you'll be spied on whenever they want.

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[DelphiCoder]

provogeek- aim absolutely does not use http for messaging. it used a proprietary protocol called OSCAR. its hex-based but the ims are still plain text.

 

[Provogeek]

http://aimdoc.sourceforge.net/OSCARdoc/

;from section 7:
The text of a message is usually in the form of an HTML-like encoding that AOL calls &quot;text/x-aol-rtf&quot; (MIME format notation). For all intents and purposes, it's a subset of HTML. But, just like with HTML, you don't have to use HTML to be HTML. Sending straight ASCII text works just fine as well. The AOL-sourced AIM clients always use HTML even if you don't type or use any. They will usually append at least the <HTML>, <BODY>, and <FONT> tags (and their appropriate closing tags) even if you didn't intend to use any. The server does not touch the message at all.



=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Provogeek
CNE Network+ Experience

Certified nut case

 

[DelphiCoder]

you insult me. http is not used. html is used.

 

[Provogeek]

insult? huh?


Just got my acronyms goofed up, and was just posting were I got my info from


[sub]PCMCIA = People Can't Memorize Computer Industry Acronyms[sub]

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Provogeek
CNE Network+ Experience

Certified nut case

 

[shrubble]

VNC is a beast; I often ghost into users machines for pretty mundane reasons, but I see every keystroke, no matter what they're doing...

-Shrubble

http://www.ishrubble.com

 

[freakyone]

2 People have been fired @ my job since I last posted in this thread for internet use/abuse. Aparently IT was spying on them w/VNC.

~Dave~
Where do packets go when they die ?

 

[shrubble]

I've got a real problem spying on people, it makes me feel like a dirtball. When I took this gig, the old Admin was like &quot;...after everybody left, I went around and installed VNC on all of the workstations...&quot;

I use it to install new printer drivers, stuff like that, but usually I prefer to walk over to the workstation myself.

-Shrubble

http://www.ishrubble.com

 

[freakyone]

Don't get me wrong. When I stated that the IT Dept was &quot;spying&quot; on my x-co workers I mean they were only doing their job. My company has a decent internet usage policy and they do make it clear what you are/are not allowed to do. I was not slandering IT personel. The people that were let go were &quot;flagged&quot; by specific types of traffic on the network and were therefore monitored.

~Dave~
Where do packets go when they die ?

 

[kewlmoo]

Where can a system admin get a copy of VNC?

 

[manarth]

the vnc system is GNU...
type &quot;vnc&quot; into google and you will find rather a lot of places to download it (for free).

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[shrubble]

I didn't mean to sound like I was taking it personally (my bad). If an IT person needs to monitor someone, then they should... it just seems to me sometimes that spying on users while they're screwing off is the way that IT people screw off, like some weird kind of voyeurism or something.

I think this topic needs its own thread!

-Shrubble

http://www.ishrubble.com

 

[bcastner]

There is a good IT ethics Forum on this site.

 

[trent1980]

does anyone know a good packet sniffing/analyzing software package that can take the packets, pull out chat packets, and create a log?

--spying is lame, we just have to implement this to be SEC compliant or i have to kill chatting at the firewall level