|
-
June 27th, 2007, 11:06 PM
#11
Well, of course, I don't have a wife and I have no clue as to what to do about the relationships.
Anyway as far as the technical perspective is concerned, I would say something like this:
If you are sure that your system does not run a 'keylogger' at anytime, while surfing the sites, I would suggest you to start a HTTP secure conection. I used this trick to prevent my password / ID theft from a cyber cafe which I was sure ran a network traffic sniffer on the server to which other computers were connected. I knew that becuase I had the physical access to the server with a 'guest' account.
A question: can a 'secure SSL' connection be hacked by the network administrator?
Last edited by jockey0109; October 14th, 2007 at 07:44 PM.
"Everything should be made as simple as possible, but not simpler."
- Albert Einstein
-
June 28th, 2007, 01:08 AM
#12
I would suggest you to start a HTTP secure conection
I am afraid that won't work. The issue here is certainly one of physical security as banking details have been compromised and they are secure transmissions.
A question: can a 'secure SSL' connection be hacked by the network administrator?
Yes, but if you have a strong password it would take a very long time. Not the sort of thing you would do if you could easily install a keylogger instead.
-
June 28th, 2007, 01:43 AM
#13
OK I agree, the concern here is the physical security. However there are two ways in which a person could have a physical security breach (in this case):
1> Administrator has the physical access to the machine being used and hence has some babysitter installed on the target.
2> All connections leaking personal data were insecure. The connections may have included the email account access and things as such.
The issue here is certainly one of physical security as banking details have been compromised and they are secure transmissions.
Well, if it is so, how would the info leak at the first place (if the transactions were secure).
Yes, but if you have a strong password it would take a very long time. Not the sort of thing you would do if you could easily install a keylogger instead.
Well, I hope that most people who use a banking account know by some means that they must have a strong password. However I am not sure in this case too ... just a presumption.
@odigohi: How do you know that the administrator is going into your banking details and stuff like that? Are you sure, it is none except him?
Last edited by jockey0109; October 14th, 2007 at 07:46 PM.
"Everything should be made as simple as possible, but not simpler."
- Albert Einstein
-
June 28th, 2007, 02:16 AM
#14
Well, there is one obvious solution that would explain both banking and e-mail being compromised.
That would be the installation of a keylogger on the target machine.
If you install a firewall and demote the network administrator's account that should prevent stuff getting loaded over the network. However there is still the issue of physical access, as they are sharing the same accommodation.
-
June 28th, 2007, 02:20 AM
#15
Hmmm.... I understand it now.
Well, you know Nihil, thats what I like AO for: Availability of Experience of the Experienced ones.
Last edited by jockey0109; October 14th, 2007 at 07:48 PM.
"Everything should be made as simple as possible, but not simpler."
- Albert Einstein
-
July 4th, 2007, 08:05 AM
#16
Junior Member
Having been married for 15 years trust is very important. I suggest you first communicate your frustrations. If you cannot communicate, you should not be in the relationship. Neither business or personal.
Last edited by okos; July 4th, 2007 at 08:07 AM.
-
July 17th, 2007, 01:40 PM
#17
Junior Member
There is one method through which the pin numbers and the codes that is typed into the bank site should be erased off the computer. So that the administrator has no access to the bank accounts.
-
July 19th, 2007, 07:38 AM
#18
Adam Jones, welcome to AO,
There is one method through which the pin numbers and the codes that is typed into the bank site should be erased off the computer
That is an excellent idea, can you give us more details? I like the concept if you have to use a machine that others have access to, or for laptops that might get stolen.
For improved security on a static machine I tend to go for the removable hard drive caddy. These cost between $15 and $25 and usually have one or more small fans that prevent the build up of stale, hot air around the drive, so you get additional hardware (and hence, data) protection as a bonus.
I am afraid that neither provides protection against a keylogger that phones home.
-
July 19th, 2007, 08:15 AM
#19
Nothing a good software firewall on a client PC wouldn't solve eh nihil?
But I do like your idea of the removable hard drive - I've meant to do it numerous times but never quiet got around to it. That's this evenings project!
-
July 19th, 2007, 10:35 AM
#20
Hush your bugle me bucum
Totally correct on the software firewall, and this is an internal problem....
Problem is that there is no internal physical security?
Hey, I must try the removable drives in RAID1............ 
Similar Threads
-
By DrewDodson89 in forum General Programming Questions
Replies: 1
Last Post: November 7th, 2006, 02:12 AM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By ntsa in forum Other Tutorials Forum
Replies: 13
Last Post: July 11th, 2002, 08:18 PM
-
By Tyax in forum Microsoft Security Discussions
Replies: 5
Last Post: April 8th, 2002, 12:47 PM
-
By Noble Hamlet in forum AntiOnline's General Chit Chat
Replies: 1100
Last Post: March 17th, 2002, 09:38 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
