Page 1 of 4 123 ... LastLast
Results 1 to 10 of 34

Thread: Question Regarding internet monitoring methods. example: email,chat,websites

  1. #1
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    5

    Question Question Regarding internet monitoring methods. example: email,chat,websites

    Okay, so it's clear, yes I am a teenager trying to get around security. Story is this: my girlfriend has some unbearably controlling parents who hate that she's with me. In an attempt to keep us from talking they are monitoring All internet activity on their wireless network, they can read every email, im, facebook posts, etc that she sends out to the world. What I don't understand is how this is being done, because it is not software on her local machine. She is running Ubuntu linux I set up on her notebook and there is no way that any monitoring software was installed on this machine. Somehow they are monitoring all internet activity however. Despite my best googling efforts I've come up with no way this could be done. We've been using PGP encryption to prevent their reading emails, but I am really curious how they are doing this and what softwares out there could be used for it? Obviously my end goal is to figure out a way to circumvent this so any reccomendations to do that would be appreciated as well. Thanks for your time and wisdom.

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Well they will have a reason for that.
    There are many ways they could do it.
    But we won't help you here to circumvent it. I am also not quite sure about the entire story sounds really strange. Her dad's name is not James Bond is it?
    Tiocfaidh ár lá

  3. #3
    Just burned his ISO theluddite's Avatar
    Join Date
    Dec 2008
    Posts
    13

    Default

    Or maybe they're just telling her that they're monitoring her traffic so she'll stay off the net. If your parents tell you not to make goofy faces because it may stay like that do you believe them? Or... maybe she just telling you that so she doesn't have to talk to you. Seriously, something doesn't sound right.

  4. #4
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    Have they given proof that they can snoop? Have they actually said something definitive like "On March 5th at 2pm you sent an e-mail saying that she had beautiful feet"?

    If you're using PGP encryption on two computers that haven't been comprised, using key pairs that haven't been compromised, then neither Jesus, Muhummad nor Budda can read your mail.

    As regards stuff like IM, well yeah that can be snooped upon if it's not encrypted.

    If you wanted to be extreme, you could set up a VPN server on your machine and get her to connect to it from her laptop, ain't nobody cracking no VPN.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  5. #5
    Junior Member AnActivist's Avatar
    Join Date
    Apr 2009
    Posts
    77

    Default

    Isn't it obvious...they converted the Metasploit reverse_tcp payload into an executable, then set it up so that it runs whenever to computer is powered on; once the connection is made they obviously are using the keylogrecorder.rb script and are saving your girlfriends keystrokes to a database and then greping it for any suspicious behavior...this is pretty standard behavior for parents these days...

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Quote Originally Posted by AnActivist View Post
    Isn't it obvious...they converted the Metasploit reverse_tcp payload into an executable, then set it up so that it runs whenever to computer is powered on; once the connection is made they obviously are using the keylogrecorder.rb script and are saving your girlfriends keystrokes to a database and then greping it for any suspicious behavior...this is pretty standard behavior for parents these days...
    lmao The ironic part is I am a parent and I can do that.

  7. #7
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by slykehn View Post
    Okay, so it's clear, yes I am a teenager trying to get around security. ...

    [snip]
    ...
    Obviously my end goal is to figure out a way to circumvent this so any reccomendations to do that would be appreciated as well. Thanks for your time and wisdom.
    Well at least you admit that up front - thats new and refreshing.

    Anyway, as regards your question Id be tempted to call bullshit on the parents ability to monitor this stuff unless one of them actually has significant IT experience. Im not aware of any "for dummies" software that can provide this type of monitoring, although I haven't exactly been keeping my eyes open for it.

    But yes, its certainly possible to get a very good idea of whats going on regards those activities you mentioned by the use of appropriate network monitoring. All the cleartext traffic is easy to monitor, and SSL encrypted traffic (e.g. "secure" websites) can be monitored too. The PGP stuff in the email will prevent monitoring of the email content that is actually encrypted by PGP, but depending on how its used that may not include anything other than file attachments. Certainly the header information (To and From addresses, Subject line, email date) will be unencrypted, and the body text of the email is usually unencrypted too. That unencrypted data in the email is enough for traffic analysis - where you can tell who is talking to who and when, but not necessarily what they are saying.

    You can get around this by encrypting traffic, using some encryption scheme not vulnerable to man in the middle attacks. VPNs are good, preferably based on IPsec.

    This also assumes that the client systems being used do not have any malware or other monitoring software running on them. If thats the case its game over. This is less likely for Ubuntu than Windows, but its definitely not impossible.

    Maybe your best approach is just to make nice with the parents. Get a haircut and a new shirt and tell them how much you respect people from their generation or something

    Oh yes, and LMAO @ AnActivist
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  8. #8
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by AnActivist View Post
    Isn't it obvious...they converted the Metasploit reverse_tcp payload into an executable, then set it up so that it runs whenever to computer is powered on; once the connection is made they obviously are using the keylogrecorder.rb script and are saving your girlfriends keystrokes to a database and then greping it for any suspicious behavior...this is pretty standard behavior for parents these days...
    Funniest post of the week right there AnActivist!
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  9. #9
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    5

    Default

    PGP for email is good; there are also Linux-based and cross-platform IM clients that will allow you to have end-to-end encryption, which will keep them from monitoring that as well.

    Like others have said, you may want to see about making sure they are actually monitoring what she's doing, and not just saying so to dissuade you from talking to her.

    It might be a better idea in the long run to figure out why they don't like that you two are together. Once you know the reasons for what they think, you might be able to find a way to change their opinions. Probably not the answer you're looking for, but it might work better in the long run than sneaking around behind their backs.

    EDIT: I just realized I gave a lot of the same technical advice as Virchanza. Sorry about that, clearly I need to pay more attention when reading threads. That said, the previously suggested VPN is probably a really good idea if you can manage it. A user on a mailing list I follow recently set up IPcop, from the discussion that followed it's pretty well-liked.

  10. #10
    Member
    Join Date
    May 2009
    Posts
    102

    Default

    Quote Originally Posted by slykehn View Post
    Okay, so it's clear, yes I am a teenager trying to get around security. Story is this: my girlfriend has some unbearably controlling parents who hate that she's with me. In an attempt to keep us from talking they are monitoring All internet activity on their wireless network, they can read every email, im, facebook posts, etc that she sends out to the world. What I don't understand is how this is being done, because it is not software on her local machine. .
    LOL. Funny story. Well, I say you really sound honest to me so I wouldn't think that you're just using someone else's connection and just making sure no one will trace all your activities. I would advice you to just keep researching on each technology you've mentioned. Don't jump into conclusion right away that something can't be done just because you're sure that there is no software installed on her laptop. There is no perfect security solution to protect all those communications you mentioned so it's possible to circumvent them one way or another.

Page 1 of 4 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •