Would you think this was a bit sus?
#1
Scooby Regular
Thread Starter
Would you think this was a bit sus?
This is a bit of a computer question but a bit good old fashioned NSR paranoia.
We had a new photocopier delivered today and the tech lad installed a few progs on the machines They did say if you have any problems with the copier we can log into it and change the settings - fine I said but I did wonder how they would gain access to it.
What I have found is logmein on my computer and its running. Now what exactly can you do with logmein? Can they view our client letters? our spreadsheets? our scanned correspondence?
I just found it a bit of a cheek that this was installed without asking and turned on without asking.
We had a new photocopier delivered today and the tech lad installed a few progs on the machines They did say if you have any problems with the copier we can log into it and change the settings - fine I said but I did wonder how they would gain access to it.
What I have found is logmein on my computer and its running. Now what exactly can you do with logmein? Can they view our client letters? our spreadsheets? our scanned correspondence?
I just found it a bit of a cheek that this was installed without asking and turned on without asking.
#3
Scooby Regular
This is a bit of a computer question but a bit good old fashioned NSR paranoia.
We had a new photocopier delivered today and the tech lad installed a few progs on the machines They did say if you have any problems with the copier we can log into it and change the settings - fine I said but I did wonder how they would gain access to it.
What I have found is logmein on my computer and its running. Now what exactly can you do with logmein? Can they view our client letters? our spreadsheets? our scanned correspondence?
I just found it a bit of a cheek that this was installed without asking and turned on without asking.
We had a new photocopier delivered today and the tech lad installed a few progs on the machines They did say if you have any problems with the copier we can log into it and change the settings - fine I said but I did wonder how they would gain access to it.
What I have found is logmein on my computer and its running. Now what exactly can you do with logmein? Can they view our client letters? our spreadsheets? our scanned correspondence?
I just found it a bit of a cheek that this was installed without asking and turned on without asking.
it can be set up so that you have to acknowledge the connection before they get control of the machine, they may have done this - but if not is is a cheek to set up without asking first
and with the "aknowledge" setting it is a bit cheeky
Last edited by hodgy0_2; 02 August 2012 at 04:17 PM.
#4
Scooby Regular
iTrader: (6)
Join Date: Jun 2001
Location: Northampton, Xbox GamerTag - Neanderthal1976
Posts: 6,850
Likes: 0
Received 0 Likes
on
0 Posts
Yep, logmein basically means once he's logged into your PC (you'll know cause it pops a balloon up) he sees everything on your PC as if he's sitting at your desk using it.
#5
Scooby Regular
Join Date: Feb 2010
Location: Telford
Posts: 2,757
Likes: 0
Received 0 Likes
on
0 Posts
it is remote access s/w. If its "your" tech lad that has installed logmein then I wouldnt worry about client access as its only your company that has access to it and if it is your company that installed the software, then perhaps your internet access and private stuff is being monitored. i.e. SNET, facebook, twitter blahblahblah.
If the tech lad was from the photocopy place, I would definitely query it, how come he has been able to install stuff on your machine? Doesnt your IT set privileges to admin only or can anyone go installing software in your company? (if so, your company is in big trouble lol)
If the tech lad was from the photocopy place, I would definitely query it, how come he has been able to install stuff on your machine? Doesnt your IT set privileges to admin only or can anyone go installing software in your company? (if so, your company is in big trouble lol)
#6
Scooby Regular
Thread Starter
It was the photocopy lad that installed the software.
We don't have any restrictions on who does what on the machines. What is the problem there - other than whats happened today.
We don't have any restrictions on who does what on the machines. What is the problem there - other than whats happened today.
Trending Topics
#8
As above. LogMeIn is a great piece of software as it means you can log in from where-ever you are to that machine.
An outside company should not install that without asking you though as once they have logged in they are effectively sitting at the computer so can open files, access other network resources etc...
An outside company should not install that without asking you though as once they have logged in they are effectively sitting at the computer so can open files, access other network resources etc...
#13
Scooby Regular
iTrader: (2)
As above. LogMeIn is a great piece of software as it means you can log in from where-ever you are to that machine.
An outside company should not install that without asking you though as once they have logged in they are effectively sitting at the computer so can open files, access other network resources etc...
An outside company should not install that without asking you though as once they have logged in they are effectively sitting at the computer so can open files, access other network resources etc...
#14
Scooby Regular
iTrader: (3)
Join Date: Oct 2007
Location: www.southeastscoobies.co.uk
Posts: 2,947
Likes: 0
Received 0 Likes
on
0 Posts
So anyone can install whatever they like, as everyone has admin privileges? I guess its a small company as nowhere with a (half decent) internal IT Dept would allow that.
No control over what is installed where = no licencing control. Users will install active content from web = virus/adware nightmares, support overheads cleaning up problems. Just two examples of where it will go wrong.
In the IT world, thats a recipe for disaster
#15
Scooby Regular
#16
Scooby Regular
Thread Starter
That useful. thanks
So anyone can install whatever they like, as everyone has admin privileges? I guess its a small company as nowhere with a (half decent) internal IT Dept would allow that.
No control over what is installed where = no licencing control. Users will install active content from web = virus/adware nightmares, support overheads cleaning up problems. Just two examples of where it will go wrong.
In the IT world, thats a recipe for disaster
We are a small company and nobody uses the machines for anything other than work related stuff - except me who uses the odd forum. Its been like this since 1995 and we've never had a problem. There are restrictions as to what websites can be accessed but there is no restrictions on installing software.
All machines have a log in password if that helps.
So anyone can install whatever they like, as everyone has admin privileges? I guess its a small company as nowhere with a (half decent) internal IT Dept would allow that.
No control over what is installed where = no licencing control. Users will install active content from web = virus/adware nightmares, support overheads cleaning up problems. Just two examples of where it will go wrong.
In the IT world, thats a recipe for disaster
All machines have a log in password if that helps.
#17
Where I used to work the machine used to keep copies of everything that had been copied in its memory.... could make for quite an amusing hour if you knew how to access the memory...
#19
Scooby Regular
iTrader: (2)
Join Date: Apr 2004
Location: Somewhere in Kent, sniffing some V-Power
Posts: 15,029
Likes: 0
Received 0 Likes
on
0 Posts
Things have moved on so much since then. Even the forums you go could have a virus, you just don't know. I seriously recommend you sort something out regarding IT security.
Just because you haven't been 'raped' before, doesn't mean it won't happen in the future.
#20
Scooby Regular
Thread Starter
There's your problem.
Things have moved on so much since then. Even the forums you go could have a virus, you just don't know. I seriously recommend you sort something out regarding IT security.
Just because you haven't been 'raped' before, doesn't mean it won't happen in the future.
Things have moved on so much since then. Even the forums you go could have a virus, you just don't know. I seriously recommend you sort something out regarding IT security.
Just because you haven't been 'raped' before, doesn't mean it won't happen in the future.
Not very nice.
Will look into IT security.
#23
Scooby Regular
Join Date: Aug 2003
Location: Epsom
Posts: 5,832
Likes: 0
Received 0 Likes
on
0 Posts
I'm an IT system admin as well and basically its like you're driving a car flat out on a motorway, with no brakes, seatbelt, doors, windows, suspension or steering wheel.
You're probably already infected and don't even realise it. There's just so many threats out there you have to try hard not to be infected. Your firm hasn't even tried at all by the sound of it. Try shopping around for some cloud security services, because its just a matter of time before you lose some important data or your bank accounts get hacked
You're probably already infected and don't even realise it. There's just so many threats out there you have to try hard not to be infected. Your firm hasn't even tried at all by the sound of it. Try shopping around for some cloud security services, because its just a matter of time before you lose some important data or your bank accounts get hacked
#24
Scooby Regular
Thread Starter
This has been a bit of a wake up call for us so thanks for the replies.
Being small we don't have an IT department and the machines have just been bolted on the network at will.
I'll recommend on Monday we get some external support in to help with the IT security.
Being small we don't have an IT department and the machines have just been bolted on the network at will.
I'll recommend on Monday we get some external support in to help with the IT security.
#25
Scooby Regular
iTrader: (1)
Just turn it off and make sure it doesn't start at boot up. That way, if you have a problem and they NEED to log in, you can simply run it.
I'd still have words about why they installed remote software without permission. Especially if it's running 24/7 as it doesn't need to.
I'd still have words about why they installed remote software without permission. Especially if it's running 24/7 as it doesn't need to.
#27
Scooby Regular
Above anything your company owner should be concerned his company data is safe from being stolen and safe from being tampered with/lost.
#28
Some logmein application related info from our Palo Alto appliances... I'd get the application off there asap personally, then give the photocopy boy a smack.
Palo Alto rate it as level 5 - the highest risk they assign to an application.
Name: logmein
Description: LogMeIn is a suite of software services that provides remote access to computers over the Internet. The various product versions are designed for both end users and professional help desk personnel. LogMeIn remote access products use a proprietary remote desktop protocol that is transmitted via SSL. An SSL certificate is created for each remote desktop and is used for cryptographically secure communications between the remote desktop and the accessing computer. Users access remote desktops using an Internet-based web portal and, optionally, the LogMeIn Ignition stand-alone application. The portal also provides status information for the remote computers and, optionally, remote computer management functions. The service connects the remote desktop and the local computer using SSL over TCP or UDP and utilizing NAT Traversal techniques to achieve peer-to-peer connectivity when available.
Standard Ports: tcp/80,443
Capable of File Transfer: yes
Used by Malware: no
Excessive Bandwidth Use: yes
Evasive: yes
Tunnels Other Applications: yes
Depends on Applications: adobe-flash-socketpolicy-server, ssl, web-browsing
Category: networking
Subcategory: remote-access
Technology: client-server
Risk:
Widely Used: yes
Has Known Vulnerabilities: yes
Prone to Misuse: yes
Session Timeout (seconds):
36000
TCP Timeout (seconds):
UDP Timeout (seconds):
Palo Alto rate it as level 5 - the highest risk they assign to an application.
Name: logmein
Description: LogMeIn is a suite of software services that provides remote access to computers over the Internet. The various product versions are designed for both end users and professional help desk personnel. LogMeIn remote access products use a proprietary remote desktop protocol that is transmitted via SSL. An SSL certificate is created for each remote desktop and is used for cryptographically secure communications between the remote desktop and the accessing computer. Users access remote desktops using an Internet-based web portal and, optionally, the LogMeIn Ignition stand-alone application. The portal also provides status information for the remote computers and, optionally, remote computer management functions. The service connects the remote desktop and the local computer using SSL over TCP or UDP and utilizing NAT Traversal techniques to achieve peer-to-peer connectivity when available.
Standard Ports: tcp/80,443
Capable of File Transfer: yes
Used by Malware: no
Excessive Bandwidth Use: yes
Evasive: yes
Tunnels Other Applications: yes
Depends on Applications: adobe-flash-socketpolicy-server, ssl, web-browsing
Category: networking
Subcategory: remote-access
Technology: client-server
Risk:
Widely Used: yes
Has Known Vulnerabilities: yes
Prone to Misuse: yes
Session Timeout (seconds):
36000
TCP Timeout (seconds):
UDP Timeout (seconds):
#29
Scooby Regular
Join Date: Aug 2000
Location: God's promised land
Posts: 80,907
Likes: 0
Received 0 Likes
on
0 Posts
New phrases that will be in the dictionary soon;
Frape - having your Facebook account hijacked
Phrape - having your mobile phone hijacked
No doubt there are others out there too. Does Trape exist? Probably.
#30
Scooby Regular
Join Date: Jul 2005
Location: Staffordshire, Midlands
Posts: 742
Likes: 0
Received 0 Likes
on
0 Posts
Storing any sort of customer details on your system means that you have to comply to a lot of data protection laws - having your system unprotected could mean you are breaking some/many of them.
Scenario: systems gets hacked (very simple if it's just a load of machines plugged into various hubs/home routers), customer details stolen, intrusion traced back to your machines, find out what data was stored and how, now you're to blame for what could be anything from ID fraud, to £££££££'s being stolen.
Sounds extreme, but it happens! Get your security sorted!
Scott.
(Studying computer networks & security degree, and also Certified Ethical Hacker)