spying on spouse

[Tiger Shark]

I'll bite:-

On the first point regarding you being a liar. If you are a PI then you should be a suspicious SOB that thrusts nothing on face value. Then you need to think too. Because you have to know that a bunch of computer security geeks are going to be suspicious SOB's that don't take anonymous **** on the internet at face value. If you aren't a PI, you would have to think that a bunch of computer security geeks would be familiar with a PI's work, repsonsibilities and legal obligations.... In short, if you need help... be honest... We don't care about "lame" or "noob" questions... We _really_ care about people trying to play silly games with us.

To your problem, (based on your last version of "the truth"). You are a government employee that has a wife that is a bitch who has sent you a keylogger via email that you were *cough* dumb enough to click on knowing that she is a bitch.... ahh... we'll leave that alone for now.... and you want to know if the mail can be traced, the keylogger found and the culprit located?

That's my reading of it.... The answer is an emphatic yes on all counts depending upon the quality if your IT staff. Granted, the IT staff in local government are not usually the stellar kind you find elsewhere but don't be decieved... just because the dumbass there today isn't the sharpest knife in the drawer doesn't mean that all the systems required for the "investigation" aren't there and functioning perfectly because his predecessor had his **** in one pile.

I say it in that fashion because, being the suspicious old SOB I am there is a high probability that you are trying to socially engineer us into telling you how you might avoid detection if you were to try this on your poor "bitch" of a wife.....

Again, in short.... It all depends on the quality of the IT staff and the mechanisms they have in place, (and, frankly, their interest in your "plight"), as to whether they can detect and trace this if you are, indeed, the victim, or you can trust nothing and no-one if you are the attacker.

This might not seem to be particularly helpful. It is if you read it thoroughly. It is deliberately not precise since, were you the attacker, I wouldn't want you to begin to understand the techniques you might use to try to hide your activity.

Go speak to your IT staff. Tell them that you believe you might have screwed up and allowed your bitch of a wife to install a keyogger on your computer and that now she can see all the local government business you carry out on a daily basis. Then duck!!!

[ZT3000]

(note: I may get some hate mail but I simply cannot resist )

Today, on the Jerry Springer show, we have a wild story about a suspicious and possibly justifiably angry but covert wife who has concocted a bold, daring and ill advised plan of sending a stealth logging program completely out in the open via everyday garden variety email to an unsuspecting, hot to trot, giddy with love and *cough*cheating*cough* husband whose seemingly chowder headed workplace admins couldn't sniff a bomb if it was under them, let alone setup a successful email scanning and attachment prevention policy.

According to our show producers, it all started when James the swell husband was last seen innocently, maybe even feverishly clicking on a hot new email taunting the forbidden XXX title.
Unbeknownst to him, his wife Beverly was behind that email, where she released a cunningly crafted (okay, purchased) stealth key logging program that not only revealed her husband's activity but also revealed her husband's sexual bias with graphic photos! Unfortunately for her, he later found that email and downloaded the program to a jump drive intending to reveal her plans to authorities, but... not before he accidently lost the jump drive at work (with his name on it) which was picked up and examined by employees in his firm.

Shocked and confused with his animalistic passion, she promptly filed for divorce citing the evidence she had stealthly collected and then came to our producers with this story.

Now this may be a bit boring to our audience, but get this ...the email was sent to his workplace which is a high level government security firm and those employees who found the jump drive were actually undercover agents who started linking him to some recently stolen funds! So now the Feds are involved and we here at Jerry Springer are not sure who can or who should sue OR even if anyone is going to jail.

So today we've brought in an AntiOnline expert to give us some insight and later on, we'll introduce you to the fighting couple plus we've even brought in the two bumbling network admins.

Stay tuned, we'll be back right after the break.....

[tinkerbell69]

Well, I wouldn't necessarily duck. Like I said before, what kind of a dumbass admin for a government agency would freely allow its users to download attachments and install programs??? This is like Security 101.

[tinkerbell69]

Do you truly believe that half of your audience will even understand this?? A "stealth logging program sent over an open email " to a "workplace admins couldn't sniff a bomb if it was under them, let alone setup a successful email scanning and attachment prevention policy" that later on was "download by the husband to a jumpdrive". I HIGHLY doubt it.

So now the Feds are involved and we here at Jerry Springer are not sure who can or who should sue OR even if anyone is going to jail.

The husband is going to jail...the wife is going to jail...the admins should be fired...simple.

JERRY!JERRY!JERRY!

So those stories are true?
They look so fake.

[Tiger Shark]

Tinks... Darling... How are you?

what kind of a dumbass admin for a government agency would freely allow its users to download attachments and install programs???

Lot's actually... .zips can auto-execute but they are a common file format sent through email with no malicious intent. .mdb files can use VBA to do almost anything to the target machine but many admins allow them through because they are "required". That's without thinking about it.

Then we move on to the competence/time available issue.... Many admins don't have the resources or the knowledge of how to block these attachments permanently or to prevent the user from executing them while still allowing the user to do their job. It's a hard balance sometimes.... Do I spend five hours working out how _not_ to make the user an admin of the box so they can run program X or do I spend 30 seconds making them an admin, trust them not to be dumb, and go and fix the CEO's box because he's whining like a 9 year old?

Security 101 it isn't.... You wouldn't need to duck if you walked into my office.... because it won't get into my network in a "normal" file that is potentially executable.... It got in another way and I couldn't blame you for it... Because _I_ let it in.... But elsewhere, I'd duck if I were you.... You just made the admin look bad.....

[dinowuff]

Originally posted here by whatthe
Apparently everyone likes a juicy topic on a Friday afternoon....let loose a little IT stress before you go home.

This thread was like playing whack-a-mole.

Cheers .... the weekend begins.

Correct! But I'm home now and still in awe.

raindarkblue

You installed a keylogger on your workstation?

This is worse than Jerry Springer. YOU are why we admins call users STUPID USERS! Go to your IT department and tell them what you did. Go home and post your resume on monster.com

Don't give your spouse the email address at your new job.

Rethink your relationship.

Hope your current system admin / network admin is not a Bastard like me.

/me had bad week and posting with three vodka cranberry under belt

[nihil]

Hmmm...............it seems that the story might have taken another twist?

Out of idle curiosity I thought I would take a look at Spectorpro and see what it could do

Here is their site:

http://www.spectorsoft.com/products/...asp?refer=5988

I only read it quickly but it seems to me that:

1. It requires local physical or LAN installation (NOT via e-mail)
2. The results can ONLY be monitored locally, or over the LAN

OK it will send an e-mail if it detects a keyword, but that is only to tell you that something has fallen into the trap................

Is anyone thinking what I am thinking?.....................................

Cheers

[cdkj]

oh dear not again

[morganlefay]

Tiger has made good points about allowing certain attachments in via email.....as alot of business transfers data via email.

And about local user privledges...Maybe they have the rights on thier machines...but have very limited rights on the network...I can think of a couple of sites where upper management has no access to anything ... all there data is sent to them via reports....
and they do whine........


personally ...I would duck....
.
specially if Tiger was the admin

I have heard bout redheads and thier tempers

MLF

[XTC46]

nihil has an interesting point. Looks like our friendly untrusting spouse is being monitored by her admins. lmfao...you lose.