If you thought someone was.....
#1
ctrl + alt + del and press Lock...Instant lockout, unless he knows your password...but the vnc idea is good proof and a mind settler I guess.
[Edited by cd_uk - 9/5/2002 7:33:50 PM]
[Edited by cd_uk - 9/5/2002 7:33:50 PM]
#2
Bob, if you think he knows the admin pwd then when you lock your puter, leave some applications running. If he unlocks as administrator he will force these apps to close. Then when you log back on, you can check if they're running. If they aren't, someone has been on your puter.
Edited to add - don't forget to save any work in progress before doing this!!
[Edited by V5 - 9/6/2002 9:13:04 AM]
Edited to add - don't forget to save any work in progress before doing this!!
[Edited by V5 - 9/6/2002 9:13:04 AM]
#3
Scooby Senior
Join Date: Jul 2001
Location: Radiator Springs
Posts: 14,810
Likes: 0
Received 0 Likes
on
0 Posts
..... snooping round your pooter at work, what would you do?
I think someone might be using my pooter whilst I'm not there, I've seen him use another machine (not his) whilst it's operator was out, when I quizzed him about it he closed everything off and was really sheepish about it! We never had to worry about security before but since then I've changed my password and set the thing to lock with the screensaver, I also log off before leaving. Once, after brewtime I came to my machine and it was at the password screen, rather than the ctrl, alt, del screen?
Is there any way of tracking the last thing the pooter did, sort of like a flight recorder I guess? I'm more bothered about him changing something in our database and me getting the blame than anything else, in fact, there's nothing on my pooter that I wouldn't show mi mum
It's a shame it's come to this but if he is doing summat I wanna know so I can take action, at the moment I don't really have any evidence.
Cheers, Bob
PS, I'm not sure if he knows the administrator code?
I think someone might be using my pooter whilst I'm not there, I've seen him use another machine (not his) whilst it's operator was out, when I quizzed him about it he closed everything off and was really sheepish about it! We never had to worry about security before but since then I've changed my password and set the thing to lock with the screensaver, I also log off before leaving. Once, after brewtime I came to my machine and it was at the password screen, rather than the ctrl, alt, del screen?
Is there any way of tracking the last thing the pooter did, sort of like a flight recorder I guess? I'm more bothered about him changing something in our database and me getting the blame than anything else, in fact, there's nothing on my pooter that I wouldn't show mi mum
It's a shame it's come to this but if he is doing summat I wanna know so I can take action, at the moment I don't really have any evidence.
Cheers, Bob
PS, I'm not sure if he knows the administrator code?
#4
Not sure about tracking Bob, but if you're using MS Office toolbar, set up the screensaver icon so that it comes on instantly (well, with a few secs) after being clicked rather than waiting x mins - gives him less chance to catch the pc before he can get on and stop the screensaver activating...
Apple
Apple
#5
PS he's not trying to incriminate you or others by surfing some "dodgy" sites to get them on your system and then just happen to flag them up, is he?
Has he got a red face and hairy palms when you catch him or is that stereotyping
Apple
Has he got a red face and hairy palms when you catch him or is that stereotyping
Apple
#6
I'd find some keystroke-logging software, usually used for password sniffing, although if (as it sounds) you've got NT/2KP/XP you may need rights to install it.
Other obvious things would be last-used document lists in Office apps and browser history / cache investigations.
Other obvious things would be last-used document lists in Office apps and browser history / cache investigations.
#7
Scooby Regular
Join Date: May 2001
Location: Scotland
Posts: 4,580
Likes: 0
Received 0 Likes
on
0 Posts
Set up VNC on your PC and leave it running, then go to lunch, but really go onto another PC in another office.
Then log onto your PC using VNC, sit back and watch what the heck is being done on your PC
A fun way of seeing what's happening
Then log onto your PC using VNC, sit back and watch what the heck is being done on your PC
A fun way of seeing what's happening
Trending Topics
#8
Scooby Senior
Join Date: Jul 2001
Location: Radiator Springs
Posts: 14,810
Likes: 0
Received 0 Likes
on
0 Posts
Right, I don't use office, have it but have never used it! The pooters are all on Windows 2000. We only have the one office and just enough pooters to go round the 4 of us!
I've not noticed anything in the internet history? The thing that worries me is that we all log onto a big database and have our own ID's, which we can't alter from here, basically he could **** summat up in the database from my machine and it would look like I did it, he could "notice" it, claim the glory and get further up the boss's *** than he already is!
I've started locking mi draw aswell, seen him do that trick too, don't want mi choccy biccies gettin nicked oh yeah, it really annoys him if I get to the office before him too, we start at 9, I have to get there for at least 8.40 to beat him, well worth it tho
I've not noticed anything in the internet history? The thing that worries me is that we all log onto a big database and have our own ID's, which we can't alter from here, basically he could **** summat up in the database from my machine and it would look like I did it, he could "notice" it, claim the glory and get further up the boss's *** than he already is!
I've started locking mi draw aswell, seen him do that trick too, don't want mi choccy biccies gettin nicked oh yeah, it really annoys him if I get to the office before him too, we start at 9, I have to get there for at least 8.40 to beat him, well worth it tho
#10
Scooby Regular
Join Date: Oct 1998
Location: London
Posts: 4,891
Likes: 0
Received 0 Likes
on
0 Posts
The VNC idea is good. Then once you've caught him, open up a notepad screen and type in 'I know what you're doing' in front of his eyes. Should scare him off.
#16
Scooby Senior
Join Date: Jul 2001
Location: Radiator Springs
Posts: 14,810
Likes: 0
Received 0 Likes
on
0 Posts
ok, I now log off if I'm gonna leave my machine for more than about ten mins, can't do the VNC thing because we don't have a spare pooter...or office for that matter! Haven't a clue what a Keylonger is or how I would clear, or even find the history thing The xyloc thing sounds cool but I can't afford it and it would deffo cause an upset, not that I don't want an upset, just need some proof first
Would I be right in thinking if he knew the administrator password that would get round my password?
Would I be right in thinking if he knew the administrator password that would get round my password?
#17
Scooby Regular
Join Date: Nov 2001
Location: Leeds - It was 562.4bhp@28psi on Optimax, How much closer to 600 with race fuel and a bigger turbo?
Posts: 15,239
Likes: 0
Received 1 Like
on
1 Post
either way you wont be able to see what he has been doing as you will be using different profiles... ask your domain admin to restrict his logon to his own pc..
David
David
#19
Scooby Regular
Join Date: Sep 2002
Location: Essexville
Posts: 4,391
Likes: 0
Received 0 Likes
on
0 Posts
also chyeck your document history in start/documents... this might show what files he/she's been accessing.
keep all private stuff passworded (word/excel etc)
just use the save options - file / saveas / tools etc (office 2000)
cant remember office 97, but the principle is the same...
that should pi55 then off.
good luck...
BB
keep all private stuff passworded (word/excel etc)
just use the save options - file / saveas / tools etc (office 2000)
cant remember office 97, but the principle is the same...
that should pi55 then off.
good luck...
BB
#20
Scooby Regular
Join Date: Nov 2001
Location: Leeds - It was 562.4bhp@28psi on Optimax, How much closer to 600 with race fuel and a bigger turbo?
Posts: 15,239
Likes: 0
Received 1 Like
on
1 Post
also chyeck your document history in start/documents... this might show what files he/she's been accessing.
keep all private stuff passworded (word/excel etc)
just use the save options - file / saveas / tools etc (office 2000)
cant remember office 97, but the principle is the same...
keep all private stuff passworded (word/excel etc)
just use the save options - file / saveas / tools etc (office 2000)
cant remember office 97, but the principle is the same...
David
#21
Scooby Senior
Join Date: Feb 2000
Location: West Midlands
Posts: 5,763
Likes: 0
Received 0 Likes
on
0 Posts
Bob,
you need something like a...
http://www.007spys.com/monster/commputer_KC.htm
to find out what they are doing!!!
Do a search to see if you can find a cheaper UK source though.
mb
you need something like a...
http://www.007spys.com/monster/commputer_KC.htm
to find out what they are doing!!!
Do a search to see if you can find a cheaper UK source though.
mb
#22
have you knocked him out yet?
or remove the keyboard when you leave and place a manky old one in its place and cover it with superglue. When u get back if the fool has a keyboard stuck to his hand u know its him....
ill get my coat
or remove the keyboard when you leave and place a manky old one in its place and cover it with superglue. When u get back if the fool has a keyboard stuck to his hand u know its him....
ill get my coat
#24
Scooby Senior
Join Date: Jul 2001
Location: Radiator Springs
Posts: 14,810
Likes: 0
Received 0 Likes
on
0 Posts
Think this is gonna come to fight soon!
A colleague had left his machine on but locked, when he came in today it was off and when he reached the password screen the username was administrator, not....... He's quizzed the boss about it and he says "maybe the power went off and your machine is set default to admin...". This doesn't add up though because his is the only machine to be affected plus we just recreated th circumstances and got different results. The spooky, or not so spooky thing is, the "suspect" was in yesterday, alone.
There's gonna be words this afternoon, I think some may even be heated!
Bob
A colleague had left his machine on but locked, when he came in today it was off and when he reached the password screen the username was administrator, not....... He's quizzed the boss about it and he says "maybe the power went off and your machine is set default to admin...". This doesn't add up though because his is the only machine to be affected plus we just recreated th circumstances and got different results. The spooky, or not so spooky thing is, the "suspect" was in yesterday, alone.
There's gonna be words this afternoon, I think some may even be heated!
Bob
#25
Scooby Regular
iTrader: (1)
Join Date: Aug 2000
Location: Glasgow
Posts: 9,844
Likes: 0
Received 0 Likes
on
0 Posts
Bob, if you log into the database seperately then don't worry about it, unless he knows your password to connect to the database (in which case it wont matter whether he is using your machine or another) it wont record the changes against your user id, but the one he uses to connect.
If you want a key logger let us know, I'm sure I could throw one together which you can just copy onto your machine, so even if you don't have admin rights it will work. Or if you just want to annoy him I could put together a login screen program that you could run when you leave the machine - he'll think he can just login as normal and it can sit there and reject his password before bringing up a 'your account has been locked, contact your system administrator' message, lots of worried looks for the rest of the day . Or any other nasty little utility you can think of
If you want a key logger let us know, I'm sure I could throw one together which you can just copy onto your machine, so even if you don't have admin rights it will work. Or if you just want to annoy him I could put together a login screen program that you could run when you leave the machine - he'll think he can just login as normal and it can sit there and reject his password before bringing up a 'your account has been locked, contact your system administrator' message, lots of worried looks for the rest of the day . Or any other nasty little utility you can think of
#27
Bob, whoever this guy is; he sounds like an amateur.
If he knew his stuff, he could probably have acheived his goal by logging onto your machine remotely. In which case he would have
done his dastardly deed.
If your database is on another pc/server on the network; it will
require authentication to use it. He would have to log in as you; obviously to make it appear as if you had done the work. He could probably do this from his own pc. In which case he would have to know your password; he could then change your password, then log on as you; do his work; change your password back to what it was
originally.
The only reasonable explanation to be logging onto individual pc's; is for locally stored data.
Sorry , ive just added to the confusion.
If he knew his stuff, he could probably have acheived his goal by logging onto your machine remotely. In which case he would have
done his dastardly deed.
If your database is on another pc/server on the network; it will
require authentication to use it. He would have to log in as you; obviously to make it appear as if you had done the work. He could probably do this from his own pc. In which case he would have to know your password; he could then change your password, then log on as you; do his work; change your password back to what it was
originally.
The only reasonable explanation to be logging onto individual pc's; is for locally stored data.
Sorry , ive just added to the confusion.
#28
Scooby Senior
Join Date: Jul 2001
Location: Radiator Springs
Posts: 14,810
Likes: 0
Received 0 Likes
on
0 Posts
I like the sound of that programme Rob, I think I would lock myself out though
David, that's what I thought and what we proved at lunch time with our secret test..... ok we just pulled the plug out to simulate a power cut
FT, he does know my password to the database, we all know each others, a tad pointless you might say! It was done more so that we could trace who had entered the data rather than security issues. He did know the password for my machine, till I changed it RE the locally stored data, there is absolutely nuffink on there that shouldn't be and nothing that's of use to him or that I wouldn't let him have, if he asked, this is why it's puzzling me so much
Anyway, I've told my boss about it today, will see what develops, not a lot I should imagine will have to stick to laying things out on mi desk in precisely marked positions
Bob
David, that's what I thought and what we proved at lunch time with our secret test..... ok we just pulled the plug out to simulate a power cut
FT, he does know my password to the database, we all know each others, a tad pointless you might say! It was done more so that we could trace who had entered the data rather than security issues. He did know the password for my machine, till I changed it RE the locally stored data, there is absolutely nuffink on there that shouldn't be and nothing that's of use to him or that I wouldn't let him have, if he asked, this is why it's puzzling me so much
Anyway, I've told my boss about it today, will see what develops, not a lot I should imagine will have to stick to laying things out on mi desk in precisely marked positions
Bob
Thread
Thread Starter
Forum
Replies
Last Post