Business Software Alliance

Get the latest on wired & wireless, talk network setups, get help with connectivity problems, web hosts, etc.
Post Reply
ogional
n00b
Posts: 5
Joined: Wed Mar 30, 2011 6:19 pm

Business Software Alliance

Post by ogional » Wed Mar 30, 2011 6:48 pm

Business Software Alliance is aka BSA or software auditing a new employee installed it on our business computers so our boss can track band with and employees misusing there time online etc. The main thinig is that I want to know is a way to were I can stop the employee from seeing what I am doing. This is my own personal computer I am using and have privacy issues. It doesn't matter if this program is installed on my computer or hard drive. He still can access it at any time and monitor what I am doing and see every packet that the modem is recieving as long as i am connected to the ethernet. How do I block this intrusion from viewing what websites I go to I can't even use Tor or a proxy because if it detects it he can shut the whole wifi down till the morning time when he shows up. :oops:

P.S. My dad tried doing that to me once with a key logger and i ended up snapping his laptop in half.

hack4crack
n00b
Posts: 18
Joined: Sat Jan 15, 2011 12:39 am

Re: Business Software Alliance

Post by hack4crack » Thu Mar 31, 2011 11:55 pm

You could probably boot from a Linux LiveCD.

Also, 1% of people in the world have the wealth of 90% of the world. If you didn't "steal" time from work, imagine how much worse it would be!

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Business Software Alliance

Post by stasik » Fri Apr 01, 2011 10:48 am

if u can install any soft on pc, means u have administration rights, which allows u to check which softs are running, and terminate them. but just to avoid all this, run any live cd/dvd (like knoppix) but that way u wont be able to run softs installed on pc. in terms of package sniffing, use UltraSurf, but i would recommend JonDo (slower, but more secure), or any open shell (but u ll need to run extra soft to connect to shell) or just create a server at home, and redirect traffic via home pc. u have plenty of choices!

ogional
n00b
Posts: 5
Joined: Wed Mar 30, 2011 6:19 pm

Re: Business Software Alliance

Post by ogional » Fri Apr 01, 2011 8:00 pm

Well he sure fooled me but I'm good at infiltrating as a social hacker not a "programmer". I found out that the program he was "using" wasn't BSA but it was Microsoft Windows Security Auditing. It doesn't matter what program you are using such as a live linux cd its the fact its connected to the internet so it can still monitor me unless i disconnect. I think its on port 1595. I had to check the event view log to find out what program it was. It didn't pop up under >> All Programs.

I'll keep working at it i just need to dig for more information.

Thanks.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Business Software Alliance

Post by stasik » Sun Apr 03, 2011 8:06 am

there is no such magic soft, to monitor some 1's pc without installing some (part of) soft on victim pc. to monitor via lan, is only to capture the packets, and then reconstruct ur internet browsing activity, no more. to avoid that, u need to tunnel ur internet connection, and all they will capture is SLL/encrypted requests.
this is how it works: when u go to youtube, the sniffer can see that the package go to youtube, and can see the request within. if u go to youtube via a tunnel, when u type "youtube", ur packets are encrypted, and sent to some ProxyServer. only that server can decrypt ur packets, and find inside the youtube address. the server send the request to youtube. youtube replays to server, server encrypts the reply packets, and send it to u, and only ur browser can decrypt it and display the info. no mater to what page u go via tunnel (youtube, google, forums) the sniffer will see only one outgoing address, the address of the proxy server, and a lot of useless packets. the whole process can be slower (encrypting/decrypting, tunneling) but its safer. the only issue arise, is to trust the proxy server, as it can see what pages u browse. as server u can use ur home pc, that way u r totally safe
did u look at JonDo? http://anonymous-proxy-servers.net/en/jondo.html read there, i think its very easy to understand how all these works

ogional
n00b
Posts: 5
Joined: Wed Mar 30, 2011 6:19 pm

Re: Business Software Alliance

Post by ogional » Sun Apr 03, 2011 3:49 pm

If I use a proxy it will more than likely be detected and he can shut down the whole internet till he comes back.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Business Software Alliance

Post by stasik » Mon Apr 04, 2011 9:54 am

tunnelling is not proxy. and not all proxy are encrypted. proxy just bounce ur packets from another server. with proxy u dont know who is in control of the proxy server. "he" can get a list of proxies and block them, but if u create a tunnelling to ur home pc, he wont block that. can u log in now into google mail? if yes, then the connection is not blocking SLL (encrypted) packets, so it means u successfully can tunnel.
basic line is, if the encrypted packets are not dropped, u can successfully tunnel and stay unanimous.

Apocalypse
n00b
Posts: 6
Joined: Fri Apr 01, 2011 11:08 am

Re: Business Software Alliance

Post by Apocalypse » Mon Apr 04, 2011 6:39 pm

If the software he is using has a client installed on your machine to monitor you with, then a live CD should do the trick, as none of the hard drive's files are mounted. If hes using a network sniffer, why not report it to the network administrator? I'm sure someone is in charge of the network...

ogional
n00b
Posts: 5
Joined: Wed Mar 30, 2011 6:19 pm

Re: Business Software Alliance

Post by ogional » Tue Apr 05, 2011 10:16 pm

Because he is basically the network administrator in a small mom and pop shop.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Business Software Alliance

Post by stasik » Thu Apr 07, 2011 9:17 am

go to https://stasik.homeip.net:6129, that is my home server. u see "httpS"? that means secure, so if u come to the site the first time, u ll have to accept my certificate. once u are on the site, slick on "proxy-SSL". from there ur connection is encrypted to my home. u may have to adjust the settings of the proxy (accept cookie, remove objects, and so on).
u should be sorted now. let us know how it worked for u
stan

ogional
n00b
Posts: 5
Joined: Wed Mar 30, 2011 6:19 pm

Re: Business Software Alliance

Post by ogional » Thu Apr 07, 2011 2:43 pm

K Thanks, I'll try it once its "unsafe" to browse porn on our networks. I'll just have to wait and see if he says anything about me getting passed it. If he says something like i haven't seen any network traffic from your computer. then I'd know its working :).

User avatar
Thor
htd0rg lieutenant
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Re: Business Software Alliance

Post by Thor » Thu Apr 07, 2011 11:40 pm

As mentioned above, encryption is key here. I have worked for a variety of small tech related companies in the past that had setups like this. Where either I was doing the IT crap, nobody was, or nobody was but we had a guy like you describe that sort of monitors things, but does something else mainly. I've tested your exact situation many times before. An ssl tunnel out should not appear funny.

And in my experience, unless you are dealing with a real IT guy, they won't be the type of person to confront you about network anomalies. They wouldn't know how to describe what they think is happening and the type of mindset that a person sniffing has, isn't usually confrontational. Now, i've made an assumption about your sniffer operator. However, I think you'll be just fine with encryption. Soon, you'll be comfortable with that and find yourself sniffing lol. Work email, especially Outlook passes are always flying round the office in plain text. Just playing, but true...
Last edited by Thor on Fri Apr 08, 2011 1:26 pm, edited 2 times in total.
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.

Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Business Software Alliance

Post by stasik » Fri Apr 08, 2011 9:43 am

ogional wrote:K Thanks, I'll try it once its "unsafe" to browse porn on our networks. I'll just have to wait and see if he says anything about me getting passed it. If he says something like i haven't seen any network traffic from your computer. then I'd know its working :).
just a correction: using web via ssl layer, will generate data (in and out), and even more than in normal situation (coz encryption is data too), but the dilemma here is "which data"?? so he will see u r using web, but would not what. as Thor mentioned, i dont thing he ll come to u and say "hei, i know u are doing something, but i am too dumb to know what exactly,. so stop, or i ll... whatever"...
i dont mind porn on my serve)


i remember when i was working on previous job, long ago, most sites (youtube, face, chat, gambling, etc) were blocked, and at the end oh the month, manager was getting a list of what sites each employer visited and total size of data. most had many sites, and few size data, me had only 1 site (my home server) but lots of data. then i let others use my pc when the needed (like book a flight or similar). the IT admin, few rooms away, tried to stop all the youtube fun, but hailed. all he did was blocking ports, but he could not disable ssl or proxy, as company needed it. so he pretended not to know of it and avoided me)))

Post Reply