how to find out gmail chat by analysing network traffic

sirbijan

Technical User
Jun 8, 2006
16
IR
I dunno if it's the right question in here, but because it's so broad (almost related to all layers of OSI model!), I'm bringing it in here. If I'm writing in the wrong place, correct me please.

A friend of mine is working in an ISP, the CEO has banned all forms of chatting. She has a gmail account, and as you might have seen, gmail uses an ajax powered chat client, that when you sign into your mail box, it gets activated. One day this damn CEO was analysing his traffic somehow, and suddenly told my friend that you've been chatting on gmail. What I'm asking is that can you just tell if somebody is chatting by gmail by a simple port scan? I mean when you log into gmail, you implicitly get connected to the chat server, ok, but the thing is that a port dump cannot show if you are really chatting with somebody, or just merely connected, but you are not chatting, just connected to the server. After all this is what a chat server is about, you don't directly connect to the computer of your chatting friend, you're both connected to a sort of database (which is the chat server saving the messages), am I right?

If you were the admin, what ways did you know to find out if she's really chatting? I mean not by installing a camera in her room or having a program installed on her work station to take pics and stuff, just by networking methods.
 
You can't analyze traffic with a port scanner, no. But you can with Ethereal, and any IDS system does it automatically. Chances are this guy is using some kind of SNORT based IDS.

Sounds like your friend should stop checking their personal email at work, or use a browser-based utility. We also frown on personal email activity, it's a major source of infection.
 
I haven't looked at the gmail protocol in particular, but in most of the web-based chat protocols, you can tell what service the user is using by the URL, so any proxy server would log the URLs and be easily searchable. Most places use a proxy (many of them transparent) because it reduces the load on the Internet connection substantially. Logging is a pleasant side-effect.

Generally the login URL is substantially different than each chat session, so filtering out who had simply logged in, and who had engaged in an actual chat session should be pretty trivial.

I have to agree with LawnBoy though. Your friend is far better off just not logging in to gmail in the first place.


pansophic
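
The proxy-log filtering described in the post above, as an added example that is not part of the original thread: it separates clients that only logged in from clients that made chat-session requests. It assumes Squid's native access.log layout; the host name, the `/login` and `/chat/` path patterns and all log lines are constructed placeholders, not Gmail's real URLs.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

WATCHED_HOST = "webmail.example.com"  # placeholder host (assumption)
# Hypothetical path patterns; take the real ones from your own proxy logs.
RULES = [("chat", re.compile(r"^/chat/")), ("login", re.compile(r"^/login"))]

# Constructed sample in Squid's native access.log layout:
# time elapsed client action/code bytes method URL ident peer type
SAMPLE_LOG = """\
1150000000.101 120 10.0.0.21 TCP_MISS/200 5120 GET http://webmail.example.com/login - DIRECT/192.0.2.10 text/html
1150000010.250 45 10.0.0.22 TCP_MISS/200 4096 GET http://webmail.example.com/login - DIRECT/192.0.2.10 text/html
1150000015.700 30 10.0.0.22 TCP_MISS/200 310 POST http://webmail.example.com/chat/send?sid=abc - DIRECT/192.0.2.10 text/plain
1150000021.900 28 10.0.0.22 TCP_MISS/200 305 POST http://webmail.example.com/chat/send?sid=abc - DIRECT/192.0.2.10 text/plain
1150000030.000 9000 10.0.0.23 TCP_TUNNEL/200 18000 CONNECT webmail.example.com:443 - DIRECT/192.0.2.10 -
1150000031.000 50 10.0.0.24 TCP_MISS/200 900 GET http://intranet.example.net/chat/send - DIRECT/192.0.2.20 text/html
truncated line
"""

def classify(method, url):
    """Return 'login', 'chat', 'opaque', or None for one request."""
    if method == "CONNECT":
        # HTTPS tunnel: the proxy logs host:port only, never the path,
        # so login and chat cannot be told apart from this line.
        return "opaque" if url.rsplit(":", 1)[0] == WATCHED_HOST else None
    parts = urlsplit(url)
    if parts.hostname != WATCHED_HOST:
        return None
    return next((label for label, rx in RULES if rx.search(parts.path)), None)

def summarize(log_text):
    """Count request classes per client IP, skipping malformed lines."""
    counts = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue
        label = classify(fields[5], fields[6])
        if label:
            counts[fields[2]][label] += 1
    return {client: dict(c) for client, c in counts.items()}

def chatters(summary):
    """Clients with chat-session requests, as opposed to a login only."""
    return sorted(c for c, v in summary.items() if v.get("chat"))

if __name__ == "__main__":
    print(chatters(summarize(SAMPLE_LOG)))
```

The `opaque` class marks the case where the URL-based distinction does not apply: a tunnelled HTTPS session shows up as a single CONNECT entry with no path.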
 
thank you ppl. I don't have much experience, but from what you said it seems it's totally traceable.
Yes, I think the same, she should stop using gmail! BTW she's using a browser based utility (gmail chat frontend is ajax, i.e. browser based) and I still couldn't understand why they can't put a difference between using gmail and chatting!
 