Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: passwords and RAM

  1. #11
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I'm with Synja on the boobies.... I have my own problems with the flatulence so it has lost it's "glow" for me... Old age sux...
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  2. #12
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Hitler had a flatulence problem. Maybe that's why Tiger is like that....

    By the way when did you want to grab those things off my server? I can copy them over like now if you want.

  3. #13
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Not from here... Fractional T1... PM me their loc and I'll grab the comedy stuff tonight.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #14
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    I don't have a domain so it's just going to be my IP. I'm just going to whack the Slackware anon FTP server into the DMZ so you can grab them and then take it out after you've finished. So when you get home send me a PM to let me know and I'll give you the info. Or I can just give you an account if you'd like. Either way is fine with me, just shoot a PM this way when you get home.

  5. #15
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Real time password alerting *can* be done with keyloggers and other monitoring technologies. My question is why is the timing important? I mean, unless you are physically standing over the user, the jig is up if you apply your logic to the issue.

    Tiger is on the right track here. Policy wins every time when you play corporate paper rock scissors. I would use a content filter or something of the like to enforce policy. This way, the deed won't be done, you have an audit trail and you also have a way to map the policy violation. Game, set, match.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #16
    Junior Member
    Join Date
    Mar 2006
    Posts
    2
    Here is my problem in more detail. IT runs their world here - forensics backs the company up and provides the hammer for discipline. Sometimes we both play together-sometimes we don't. My instructions are to capture any passwords / logins to web pages that may be inappropriate. (no one saves it to p. storage) They want this acquired from the person's desk PC. If Flatulence Frank hits myspace.com and tries to hook up with a 14 year old --- admin wants his web page login / password recovered from the PC "at his desk". I thought it would be in RAM, but I defer this thought in light of a better solution. thanks.

  7. #17
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Sooo - why cant you use a keylogger? As long as you put a disclamer informing the user that his actions will be logged - and you have the WS admins/owners permission - it is perfectly legal to install a keylogger.

    Now without a disclamer, logging on to his WS and recovering his password - is very much illegal and I highly doubt that if you are working in a company that is big enough to have a IT Forensics dept that anyone would ask you to do this - and if they did, I'm pretty sure they would ask someone who knows how to do it in the first place.

    However - the logon page to myspace is not a secure one........in-other-words the data will be sent in clear over the network.......voilla!

    But, if the admins doesnt want users to go to myspace - why dont they just restrict access to it?

    //me thinks there is more to your question than meets the eye.........

  8. #18
    Webpage logons are not really stored in RAM per se... It is just a small buffer that gets sent upstream to the site...


    Now, cookies will be stored... but only encrypted so to speak...


    If I am understanding you right... you will need to run remote administration software on the clients for on the fly access. Any cookie you get is going to be encrypted, and any separate keylogger you install is going to require you to either have the keylog in a network accessable location, or require you to physically go to the machine and download it, once again, after the fact.

    THe biggest dilemma you are going to face is getting around SSL, you will have to capture the logon information before it is sent upstream. This means you need some sort of keylogger, once again, preferably as part of a remote administration package. You might even be able to configure something to alert you when certain DNS requests are made, depending on network configuration and the tools you have available.

    Remember, your best option is prevention. Wouldn't it be better not to have employees trying to sex0r 14 year old girls during work hours? Isn't that more of a home thing?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •