Re: Computer monitoring programs
From: John Elsbury (johne@snospam.sovereign.co.nz)Date: 06/28/02
- Next message: dr.emailposter: "Re: [Symantec NIS] They did it again: Support issues"
- Previous message: Walter Roberson: "Re: Computer monitoring programs"
- In reply to: Tania Gobeil: "Computer monitoring programs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: johne@snospam.sovereign.co.nz (John Elsbury) Date: Thu, 27 Jun 2002 23:44:55 GMT
On 27 Jun 2002 12:14:12 -0700, gobeil_tania@hotmail.com (Tania Gobeil)
wrote:
>I have a few questions...
>
>How does computer monitoring work?
>Is there a way to find out if your computer is being monitored?
>Are there known existing programs and a way to detect them?
>Do those programs take up ressources on the monitored computer?
>
>Thanks
>Sunny
>
>*This is my first post so please be indulgent if I have infringed
>any guidelines but don't forget to tell me about it so i'll avoid
>repeating the same mistakes :)*
If you want to monitor activity _within_ a computer there are
basically four methods: internal, local, remote, and forensic.
Internal methods usually involve installing software or hardware to
record information, typically but not necessarily keystrokes.
Software can also be used to audit any software-related activity - for
example, monitoring what programs are run etc. Typically if software
is installed, this can be detected by the owner (assuming they know
what they are looking for). Hardware is more or less detectable -
some implementations would be easy to detect, some might be very
difficult to find unless you know what is supposed to be there.
Local methods would inlude (for example) installing a concealed video
camera to monitor what the user is actually doing. Difficult to
detect.
Remote methods include sensing of electronic emissions from the
computer, keyboard, monitor (etc) to reconstruct what is being entered
and displayed. This can be conducted from a relatively long distance
(perhaps, up to 50 metres or more from the PC) and is undetectable.
Forensic methods look at residual information stored in the PC to
deduce what activity has taken place. Physical access to the PC is
usually required to do this, but no traces would be left.
If you want to monitor information transmitted _between a computer
and (say) the Internet_ then you can use most of the above methods
plus, if you can get access to the communications link or to the
website(s) visited, or if you are an employer or Agency, you can at
least record whatever information is provided and sent and, if you own
network components through which the data passes, you can audit the
data stream in detail.
- Next message: dr.emailposter: "Re: [Symantec NIS] They did it again: Support issues"
- Previous message: Walter Roberson: "Re: Computer monitoring programs"
- In reply to: Tania Gobeil: "Computer monitoring programs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
