A coworker had told me that she had found personal files of her in another computer that belongs to the department she worked for some time ago.
Those files were made after she was transferred, so the files could not be just a remnant.
She suggests she is being spied.
I checked out shared directories and netstat command and everything seems fine with the network.
Any ideas on what to do to catch the snooper if he/she exists or to have any evidence regarding if my coworker is being snooped or not? She cant just argue "hey, Im being snooped" without a proof.
Strange case at work
Moderator: Moderators for English X Forum
-
Reverend_Vader
- Jedi Master
- Posts: 690
- Joined: Wed, 6. Nov 02, 20:31
-
alpharomeo81
- Posts: 310
- Joined: Tue, 4. Feb 03, 21:09
-
carran
- Posts: 820
- Joined: Wed, 6. Nov 02, 20:31
If you have a central IT department they could have the Administrator password, login and do whatever they like.
There could also be an automated replication tool which duplicates files of a certan type to a central server though that doesn't explain how the were found on another server.
It's also possible her machine has pcAnywhere on it and someone else is accessing her machine remotely after hours.
Finally, maybe someone dropped by with a floppy, zipped the files onto it and copied them elsewhere, again out of hours.
There could also be an automated replication tool which duplicates files of a certan type to a central server though that doesn't explain how the were found on another server.
It's also possible her machine has pcAnywhere on it and someone else is accessing her machine remotely after hours.
Finally, maybe someone dropped by with a floppy, zipped the files onto it and copied them elsewhere, again out of hours.
-
ElectricMonk
- Posts: 1016
- Joined: Sat, 9. Nov 02, 15:40
This sounds like a case for MIDDLE MANAGEMENT!
(dramatic music)
"Gee whizz, Middle Management Man! There's some strange stuff happening in this place of business!"
"Fear not, trainee-boy! Middle Management will take care of this problem! Come! To the middle-class, reasonably priced five door hatchback!"
(dramatic music)
"Gee whizz, Middle Management Man! There's some strange stuff happening in this place of business!"
"Fear not, trainee-boy! Middle Management will take care of this problem! Come! To the middle-class, reasonably priced five door hatchback!"
-
alpharomeo81
- Posts: 310
- Joined: Tue, 4. Feb 03, 21:09
PC anywhere sounds very likely.
I think there could be a serious security problem in this company.
Systems audit hasn't been implemented yet.
It is supposed to start this year.
What I fear is that the Systems Auditor doesn't know english and he is not a computer geek, so he could be easily cheated, and I told him so. Fortunately he is my friend and I can tell him that.
I think there could be a serious security problem in this company.
Systems audit hasn't been implemented yet.
It is supposed to start this year.
What I fear is that the Systems Auditor doesn't know english and he is not a computer geek, so he could be easily cheated, and I told him so. Fortunately he is my friend and I can tell him that.
-
alpharomeo81
- Posts: 310
- Joined: Tue, 4. Feb 03, 21:09
It looks like there is still a long way to go in system auditing.
This year System Auditing will start basically as an exploration, not like a formal program. The formal program would be built as soon as things are been understood.
What worries me the most is that I know more than the Systems Auditor and I don’t know too much. His knowledge is basically some general concepts given in a seminar.
IT people are like doctors or hardware vendors or used cars salesmen, they can easily cheat you if you aren’t informed.
In the specific case mentioned here, I realize that making IT to confiscate machines is not the proper course of action for it would bring the evidence to IT personnel probably involved in the problem, so evidence could be gone.
I have the theory that technical support personnel inside the company could be making a bad use of software and could have by now the same control over network that the Network Administrator has.
So I question the very basic organization we have. A network administrator or even a DBA could screw this company and months would pass before we know what happened.
Thanks for the link. I’ve forwarded to auditors.
This year System Auditing will start basically as an exploration, not like a formal program. The formal program would be built as soon as things are been understood.
What worries me the most is that I know more than the Systems Auditor and I don’t know too much. His knowledge is basically some general concepts given in a seminar.
IT people are like doctors or hardware vendors or used cars salesmen, they can easily cheat you if you aren’t informed.
In the specific case mentioned here, I realize that making IT to confiscate machines is not the proper course of action for it would bring the evidence to IT personnel probably involved in the problem, so evidence could be gone.
I have the theory that technical support personnel inside the company could be making a bad use of software and could have by now the same control over network that the Network Administrator has.
So I question the very basic organization we have. A network administrator or even a DBA could screw this company and months would pass before we know what happened.
Thanks for the link. I’ve forwarded to auditors.