• We've upgraded our forums. Please post any issues/requests in this thread.

IT department security?

Joined
Mar 30, 2010
Messages
80
Likes
6
#1
If your IT department has access to network info like that needed to log on to a WPA2-Enterprise network, could they possibly log onto the network and act as you? If they have the logon info can they track things like your passwords while you are using the network, or access any program or files therein? I trust most IT departments are full of responsible individuals but I was wondering if this capability is even possible in the first place.
 
Last edited:
Joined
Oct 12, 2008
Messages
5,654
Likes
2,605
Location
στο άλφα έως ωμέγα
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Asus 266H/Viewsonic 1080p/HP ZR24W
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#2
YES, Skynet has total control and access.

They are the IT Dept. for a reason... to manage their (the company's) network.

Usually, the Administrators have full access. Others are given access as needed.
 
Joined
Mar 30, 2010
Messages
80
Likes
6
#3
YES, Skynet has total control and access.

They are the IT Dept. for a reason... to manage their (the company's) network.

Usually, the Administrators have full access. Others are given access as needed.
So if I log on to the network with my personal laptop, are they able to see things like passwords?
 
Joined
Oct 12, 2008
Messages
5,654
Likes
2,605
Location
στο άλφα έως ωμέγα
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Asus 266H/Viewsonic 1080p/HP ZR24W
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#4
Yes, admins with total control, in most larger organizations have the capabilities for this.

How else are they going to monitor, control, secure, etc. their network.
 
Joined
Nov 4, 2005
Messages
9,946
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#5
They will be able to see it anyway on wired networks if they are really interested due to being the man in the middle so to speak.

What should you learn from this? Don't do personal business at work. besides, you are there to work.
 

temp02

New Member
Joined
Mar 18, 2009
Messages
493
Likes
165
#6
AFAIK, with WPA2 the communication between the AP and your NIC is encrypted with a different set of keys then the other users, so even if other authenticated user is eavesdropping the wireless network they won't/shouldn't be able to decode/see your traffic/packets.
IT personnel should however be able to see the URLs of the pages you visit, if they have some kind of firewall logging.
Still, if you are afraid of someone stealing your passwords, login only on secure (HTTPS) websites.
 
Joined
Mar 30, 2010
Messages
80
Likes
6
#7
They will be able to see it anyway on wired networks if they are really interested due to being the man in the middle so to speak.

What should you learn from this? Don't do personal business at work. besides, you are there to work.
It's not really "work", it's school, and my laptop is both personal and work related. I also use my personal email to contact teachers and prospective employers. I am wondering if my gmail password is logged somewhere when I log onto a WPA2-Enterprise network at my school.
 
Joined
Feb 26, 2008
Messages
4,870
Likes
681
Location
Joplin, Mo
System Name Ultrabeast GX2
Processor Intel Core 2 Duo E8500 @ 4.0GHZ 24/7
Motherboard Gigabit P35-DS3L
Cooling Rosewill RX24, Dual Slot Vid, Fan control
Memory 2x1gb 1066mhz@850MHZ DDR2
Video Card(s) 9800GX2 @ 690/1040
Storage 750/250/250/200 all WD 7200
Display(s) 24" DCLCD 2ms 1200p
Case Apevia
Audio Device(s) 7.1 Digital on-board, 5.1 digital hooked up
Power Supply 700W RAIDMAXXX SLI
Software winXP Pro
Benchmark Scores 17749 3DM06
#8
On windows systems I don't believe it is entirely possible to see someones passwords without cracking something. They can only change them.

If you haven't commited your computer to the domain, then they have no rights other than to see the data passed through. Joining the domain however gives them access that is susceptible to the network configuration and rights.
 
Joined
Mar 30, 2010
Messages
80
Likes
6
#9
AFAIK, with WPA2 the communication between the AP and your NIC is encrypted with a different set of keys then the other users, so even if other authenticated user is eavesdropping the wireless network they won't/shouldn't be able to decode/see your traffic/packets.
IT personnel should however be able to see the URLs of the pages you visit, if they have some kind of firewall logging.
Still, if you are afraid of someone stealing your passwords, login only on secure (HTTPS) websites.
So if someone else uses my login credentials to use the network, that session will be separate from my current session? What if I am currently offline and someone decides to use my login credentials acting as an imposter; do network logs take into account things like MAC addresses so that I have plausible deniability in case they try to do something illegal on my network account?
 
Joined
Nov 4, 2005
Messages
9,946
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#10
Are we talking "rights" now, or real life?

This has nothing to do with even logging onto the domain, and everything to do with networking basics.
 
Joined
Oct 12, 2008
Messages
5,654
Likes
2,605
Location
στο άλφα έως ωμέγα
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Asus 266H/Viewsonic 1080p/HP ZR24W
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#11
If, your laptop sends it encrypted/secured, then no, not unless they crack it. <-- this speaking of your passwords and data

And, if you are on someone's network, they have ability to see what you are doing and sending/receiving. (If they have any training or know what they are doing)
 
Joined
Mar 30, 2010
Messages
80
Likes
6
#12
Does a Windows login password help in this regard in any way? Or is that more for protection against local/physical unauthorized access?
 
Joined
Jul 21, 2008
Messages
4,434
Likes
1,050
Location
Clifton Park, NY
System Name [Uber Noober Setup]
Processor [i7 3770K]
Motherboard [MSI P67A-G45(B3)]
Memory [32GB Corsair Vengeance (8GBx4)]
Video Card(s) [EVGA GTX 1080]
Storage [128GB OCZ VTX4 SSD, 2TB Internal HDD]
Display(s) [2x 27" ASUS at 1920x1080p - 1x 34" Samsung at 1440p]
Case [Coolermaster CM 690]
Audio Device(s) [X-Fi XtremeGamer]
Power Supply [CORSAIR 850W]
Software [Windows 10 64-Bit]
#13
Does a Windows login password help in this regard in any way? Or is that more for protection against local/physical unauthorized access?
No... not at all

Use https sites and avoid using public networks.
 
Joined
Oct 12, 2008
Messages
5,654
Likes
2,605
Location
στο άλφα έως ωμέγα
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Asus 266H/Viewsonic 1080p/HP ZR24W
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#14
Joined
Nov 4, 2005
Messages
9,946
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#15
If, your laptop sends it encrypted/secured, then no, not unless they crack it. <-- this speaking of your passwords and data

And, if you are on someone's network, they have ability to see what you are doing and sending/receiving. (If they have any training or know what they are doing)
Does it remain encrypted after it his wire? Nope. Moot pint.
 
Joined
Feb 26, 2008
Messages
4,870
Likes
681
Location
Joplin, Mo
System Name Ultrabeast GX2
Processor Intel Core 2 Duo E8500 @ 4.0GHZ 24/7
Motherboard Gigabit P35-DS3L
Cooling Rosewill RX24, Dual Slot Vid, Fan control
Memory 2x1gb 1066mhz@850MHZ DDR2
Video Card(s) 9800GX2 @ 690/1040
Storage 750/250/250/200 all WD 7200
Display(s) 24" DCLCD 2ms 1200p
Case Apevia
Audio Device(s) 7.1 Digital on-board, 5.1 digital hooked up
Power Supply 700W RAIDMAXXX SLI
Software winXP Pro
Benchmark Scores 17749 3DM06
#16
Are we talking "rights" now, or real life?

This has nothing to do with even logging onto the domain, and everything to do with networking basics.
I would hope that the IT department isn't doing any "Real Life" cracking or they can kiss their career goodbye, possible with jailtime.

This could also happen regardless of if he is connected to their network, making the point irrelevant.

Also you are being very short with everyone on this topic. Had a bad day?
 
Joined
Nov 4, 2005
Messages
9,946
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#17
Just ready to be home with my kids.


And trying to be to the point with information. He was asking about security within the IT department, and really they are the last piece of the puzzle. They could see everything before your information goes out the proverbial door.
 
Joined
Feb 26, 2008
Messages
4,870
Likes
681
Location
Joplin, Mo
System Name Ultrabeast GX2
Processor Intel Core 2 Duo E8500 @ 4.0GHZ 24/7
Motherboard Gigabit P35-DS3L
Cooling Rosewill RX24, Dual Slot Vid, Fan control
Memory 2x1gb 1066mhz@850MHZ DDR2
Video Card(s) 9800GX2 @ 690/1040
Storage 750/250/250/200 all WD 7200
Display(s) 24" DCLCD 2ms 1200p
Case Apevia
Audio Device(s) 7.1 Digital on-board, 5.1 digital hooked up
Power Supply 700W RAIDMAXXX SLI
Software winXP Pro
Benchmark Scores 17749 3DM06
#18
Just ready to be home with my kids.


And trying to be to the point with information. He was asking about security within the IT department, and really they are the last piece of the puzzle. They could see everything before your information goes out the proverbial door.
Best to assume any information is available when running through another network, that is for sure.
 

brandonwh64

Addicted to Bacon and StarCrunches!!!
Joined
Sep 6, 2009
Messages
19,515
Likes
6,936
Location
Chatsworth, GA
System Name The StarCrunch Defender! | X58 Cruncher!
Processor I7 6700K @ STOCK | Intel I7-920
Motherboard Gigabyte Z170X-UD5 | Alienware MS-7543 X58
Cooling Corsair A70 Push/Pull | Corsair H50
Memory Crucial Ballistix DDR4 2400 MHz | Pereema 3x2GB DDR3
Video Card(s) Gigabyte Gaming G1 GTX 1070 | Gigabyte 7970 3GB
Storage 2x Samsung Pro 256GB M.2 SSD's in Raid 0 | 4TB Western Digital SATA drive
Display(s) ViewSonic VG2227wm 1080P | OLD viewsonics
Case NZXT Tempest 410 Elite | NZXT Source 210
Audio Device(s) Onboard
Power Supply Corsair 750TX | Enermax Liberty 500W
Mouse MX518 | MX502
Keyboard TESORO Mechanical | ANZO Mechanical
Software Windows 10 Pro on both
#19
IT departments own the network and most things that connect to it so they really can do whatever they want to monitor it. I don't see them creating a whole domain and put blind folds on.
 
Joined
Nov 4, 2005
Messages
9,946
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#20
Just another reason the internet should remain private give the government a challenge like reading all the data on the net, and put them in strategic locations like backbone, or entry point and your freedom isn't so free anymore. At least with multiple competing companies they should be focused on customer satisfaction and not customer snooping. Not that it hasn't happened int he past.


SA had a stooge run a redirect from the hosting company.
 
Joined
Oct 12, 2008
Messages
5,654
Likes
2,605
Location
στο άλφα έως ωμέγα
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Asus 266H/Viewsonic 1080p/HP ZR24W
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#21
Does it remain encrypted after it his wire? Nope. Moot pint.
Not my point, here.

My point was to the OP, as, he thought someone was possibly signing on GMail with his info.
Gmail has the 2-step verification, so if it was not him the person or persons doing this would not be able to sign into his GMail.
 
Joined
Nov 4, 2005
Messages
9,946
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#22
Joined
Oct 12, 2008
Messages
5,654
Likes
2,605
Location
στο άλφα έως ωμέγα
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Asus 266H/Viewsonic 1080p/HP ZR24W
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#23
http://en.wikipedia.org/wiki/Man-in-the-middle_attack

Would it matter if they had all of his information?
Unless, they clone his phones, too.


EDIT:

Quoted from Gmail 2-step verification:
Why you should use 2-step verification

2-step verification drastically reduces the chances of having the personal information in your Google account stolen by someone else. Why? Because hackers would have to not only get your password and your username, they'd have to get a hold of your phone.
 
Joined
Nov 4, 2005
Messages
9,946
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#24
Most likely not worth it, unless they were bored and the phone was connected to the network also to receive the message.
 

temp02

New Member
Joined
Mar 18, 2009
Messages
493
Likes
165
#25
So if someone else uses my login credentials to use the network, that session will be separate from my current session? What if I am currently offline and someone decides to use my login credentials acting as an imposter; do network logs take into account things like MAC addresses so that I have plausible deniability in case they try to do something illegal on my network account?
One thing is your network login credentials, other thing is your other/websites login credentials, even if someone has your network login details they won't be able to eavesdrop your session. But why would anyone else have your network login details (I mean besides the IT personnel)? IT personnel won't do any "wrong stuff" with your network account (why would they?), so no need for any "plausible deniability", also it is your "job" to keep your network access details a secret.