How to detect computer & email monitoring or spying software如何检测电脑与电子邮件监测或间谍软件

Posted on August 16, 2007 at 1:46 pm张贴于2007年8月16日在下午1点46分

Welcome to Online Tech Tips , a great resource for computer tutorials, technology news, software reviews, and personal computing tips.欢迎网上高新技术小费,丰厚的资源,计算机技术指南,科技新闻,软件审查,以及个人电脑的提示。 If you're new here and you like the content, you can subscribe to my如果你是来这里和你喜欢的内容,你可以订阅我的 RSS feed rss的饲料 to get daily tips.获得每日小费。 Thanks for visiting!感谢来访!

As an IT Pro, I routinely monitor employee’s computers and emails.作为它亲,我照例监控员工的电脑和电子邮件。 It’s essential in a work environment for administrative purposes as well as for security.它的必不可少的工作环境,为行政目的,也为安全。 Monitoring email, for example, allows you to block attachments that could contain a virus or spyware.监视电子邮件,例如,可以让您座附件可能包含病毒或间谍软件。 The only time I have to connect to a user’s computer and do work on directly their computer is to fix a problem.唯一一次我连接到用户的计算机上做工作,就直接自己的电脑是要确定一个问题。

However, if you feel that you are being monitored when you shouldn’t be, there are a few little tricks you can use to determine if you’re right.不过,如果你觉得你都受到严密监控的时候,你不应该,有几个小动作,你可以使用,以确定如果你是对的。 First off, to monitor someone’s computer means that they someone can watch everything that you are doing on your computer in real time.首先,以监测某人的电脑,就是他们有人能收看的一切,你这样做对你的计算机中的实时性。 Blocking porn sites, removing attachments or blocking spam before it gets to your Inbox, etc is not really monitoring, it’s more like filtering.阻挡色情网站,清除附着或阻止垃圾邮件之前到达你的收件箱等,是不是真的监测,它更像过滤。

Computer Monitoring计算机监控

So now, if you still think someone is spying on you, here’s what you can do!所以现在,如果你仍然觉得有人在监视你,这里的是什么,你可以做! The good thing right now is that neither Windows XP SP2 nor Windows Vista support multiple concurrent connections while someone is logged into the console (there is a hack for this, but I would not worry about).本是一件好事,现在就是谁也不肯windows xp sp2中,也没有了windows vista支持多个并发连接,而有人登录到控制台(有一个御用这一点,但我不会担心) 。 What this means is that if you’re logged into your XP or Vista computer (like you are now if you’re reading this), and someone were to connect to it using the BUILT-IN REMOTE DESKTOP feature of Windows, your screen would become locked and it would tell tell you who is connected.这意味的是,如果你登录到你的xp或vista的电脑(像你现在,如果你读这个) ,并有人被连接到它使用内置在远程桌面的特色窗口,你的屏幕会成为上锁,它会告诉告诉你,谁是相关连的。

So why is that useful?那么为什么这是有用吗? It’s useful because it means that in order for someone to connect to YOUR session without you noticing or your screen being taken over, they have use third-party software and it’s a lot easier to detect third-party software than a normal process in Windows.它的有用,因为这意味着为了让别人连接到你的会议没有你看见或你的屏幕被接管,他们使用第三方软件,它的很多容易察觉第三方软件比正常过程在窗口。

So now we’re looking for third-party software, which is usually referred to as remote control software or virtual network computing (VNC) software.所以现在我们正在寻找第三方软件,这是通常被人们称为远程控制软件或虚拟网络计算( vnc的)软件。 First, the easy thing to do is to simply check in your Start Menu All Programs and check whether or not something like VNC, RealVNC, TightVNC, UltraVNC, LogMeIn, GoToMyPC, etc is installed.首先,最简单的做法,就是简单地检查你的开始菜单所有程序,并检查是否有不一样的东西的vnc , realvnc , tightvnc , ultravnc , logmein , gotomypc ,等安装使用。 A lot of times IT people are sloppy and figure that a normal user won’t know what a piece of software is and will simply ignore it.很多时候人们都马虎和图说,正常的用户不会知道什么是一块软件,并会干脆不理它。 If any of those programs are installed, then someone can connect to your computer without you knowing it as long as the program is running in the background as a Windows service.如果有的话,这些节目都装设了,然后有人能连接到你的电脑没有你在不知不觉中,只要程序是运行在后台作为一个窗口服务。

That brings us to the second point.这使我们考虑到第二点。 Usually, if one of the above listed programs are installed, there will be an icon for it in the task bar because it needs to be constantly running to work.一般情况下,如果其中一个以上的上市程序安装完成后,将有一个图标在任务栏上,因为它需要长期不断运行工作。

Check all of your icons (even the hidden ones) and see what is running. 检查您所有的图标(即使是隐藏的) ,看看什么是运行。 If you find something you’ve not heard of, do a quick Google search to see what pops up. 如果你发现有些事你还没有听说,做快速谷歌搜索,看看有什么持久性有机污染物。 It’s usually quite hard to remove something from the taskbar, so if there is something installed to monitor your computer, it should be there. 它的通常是相当难以消除的东西,从任务栏,因此,如果是安装监控你的计算机后,就应该在这里。

However, if someone really sneaky installed it and nothing shows up there, you can try another way.不过,如果有人真的偷偷摸摸安装了它,并没有显示出在那里,你可以尝试另一种方式表达。 Again, because these are third-party apps, they have to connect to Windows XP or Vista on different communication ports.再次,因为这些是第三党的应用程序,他们必须连接到windows xp或vista中对不同的通信端口。 Ports are simply a virtual data connection by which computers share information directly.港口仅仅是一种虚拟的数据连接,其中计算机信息共享,直接。 As you may already know, XP and Vista come with a built-in Firewall that blocks many of the incoming ports for security reasons.正如你可能已经知道, xp和境界来与内建防火墙以阻止许多来袭的港口出于安全原因。 If you’re not running an FTP site, why should your port 23 be open, right?如果你没有运行一个ftp网站,为什么要你的港口23个,开放,对不对?

So in order for these third-party apps to connect to your computer, they must come through a port, which has to be open on your computer.所以为了使这些第三方当事人的程序,以连接到你的电脑,他们都必须通过一个港口,它已被打开你的电脑。 You can check all the open ports by going to Start , Control Panel , and Windows Firewall .你可以检查所有开放口岸,由即将开局, 控制面板及 windows 防火墙

Click on the Exceptions tab and you’ll see see a list of programs with check boxes next to them.点击例外情况统计表,你会看到看到一个程序列表与复选框下次给他们。 The ones that are checked are “open” and the unchecked or unlisted ones are “closed”.那些查票,是"开放式"和未经检验或上市的是"封闭式" 。 Go through the list and see if there is a program you’re not familiar with or that matches VNC, remote control, etc. If so, you can block the program by un-checking the box for it!经过名单,并看看是否有纲要,是你不熟悉,或者比赛的vnc ,远程控制等,如果是的话,您可以阻止该计划由联合国检查箱!

The only other way I can think of to see if someone is connected to your computer is to see if there are any processes running under a different name!只有这样我可以想到的,看看,如果有人连接到你的计算机,看看是否有任何进程运行在一个不同的名字! If you go to the Windows Task Manager (press Cntr + Shift + Esc together) and go to the Processes tab, you’ll see a column titled User Name .如果你到了windows任务管理器(按下cntr +转移+人事编制小组委员会一起) ,深入到进程选项卡,你就会看到有一栏名为用户名。

Scroll through all the processes and you should only see your user name, Local Service, Network Service, and System. 涡旋通过所有过程,你应该只看到自己的用户名,本地服务,网络服务和系统。 Anything else means someone is logged into the computer! 什么都意味着有人登录到电脑!

Email & Web Site Monitoring电子邮件及网站监测

To check whether your email is being monitored is quite simple.检查是否您的电子邮件正在受到监测,是很简单。 Always, when you send an email from Outlook or some email client on your computer, it has to connect to the email server.以往,当您发送电子邮件,从outlook或一些电子邮件客户端对您的计算机,它连接到电子邮件服务器。 Now it can either connect directly or it can connect through what is called a proxy server, which takes a request, alters or checks it, and forwards it on to another server.现在,它可以直接连接,也可以连接,通过一种被称为代理服务器,其中包括请求,而改变或检查工作,并转交到另一个服务器。

If you’re going through a proxy server for email or web browsing, than the web sites you access or the emails you write can be saved and viewed later on.如果你正在经历一个代理服务器收发电子邮件或浏览网页,比网站您进入或电子邮件,你写可以储存和观看稍后。 You can check for both and here’s how.你可以检查都和这里的如何。 For IE, go to Tools , then Internet Options .为即去的工具,然后在互联网上的选择。 Click on the Connections tab and choose LAN Settings .点击连接选项卡上,选择局域网设置。

If the Proxy Server box is checked and it has a local IP address with a port number, then that means you’re going through a local server first before it reaches the web server. 如果代理服务器箱检查,并有一个本地ip地址与端口号,那么,这意味着你正在经历一个本地服务器先到达网络服务器。 This means that any web site you visit first goes through another server running some kind of software that either blocks the address or simply logs it. 这意味着任何一个网站,请浏览第一是通过另一个服务器运行某种软件,无论是大厦的地址或干脆原木。

For your email, you’re checking for the same thing, a local IP address for the POP and SMTP mail servers.为你的电子邮件地址,你查是同一回事,而本地ip地址为流行和smtp邮件服务器。 To check in Outlook, go to Tools , Email Accounts , and click Change or Properties, and find the values for POP and SMTP server.办理登机手续的视野,去工具,电子邮件帐号 ,并单击更改或性能,并找出价值为流行和smtp服务器。

If you’re working in a big corporate environment, it’s more than likely that the Internet and email are being monitored.如果你的工作在一个大型企业环境中,它的多可能认为,互联网和电子邮件都受到严密监控。 You should always be careful in writing emails or browsing web sites while at the office.你应该总是小心,以书面或电子邮件,浏览网站,而在办公室。 Trying to break through the security also might get you in trouble if they find out you bypassed their systems!试图冲破保安,也可能得到你的麻烦,如果他们发现你绕过他们的系统! IT people don’t like that, I can tell you from experience!它的人不喜欢这样,我可以告诉你,从经验!

Technorati Tags: technorati的标签: , , , ,


Bookmark, Share or Email this article. 书签,分享或电邮这篇文章。

If you enjoyed this post, make sure you 如果你享受这个职位时,要确保你 subscribe to my RSS feed 订阅我的rss饲料 !

» Filed Under »存档下 Computer Tips电脑贴士

Related Posts相关职位

17 Responses to “How to detect computer & email monitoring or spying software” 17反应, "如何检测电脑与电子邮件监测或间谍软件"

  1. John Kinas said on : 约翰kinas说: August 17th, 2007 at 10:47 am 2007年8月17日在上午10时47分

    Good review of the more intrusive monitoring methods, but it just scratches the surface.良好的审查更侵扰监测方法,但它只是擦伤表面。 Medium and large organizations typically have all the tools they need to perform very thorough monitoring of web and email traffic without ever touching or directly connecting to your computer because they control firewalls and routers through which internet traffic must pass.中型及大型机构通常拥有的一切工具,他们还需要执行非常彻底的监测网站及电邮的交通从来没有触摸或直接连接到您的电脑,因为他们控制了防火墙和路由器,通过它在互联网上的交通一定要通过。 Not to increase the paranoia level of your readers, but I would advise everyone who works in a large or medium-sized organizaton to carefully read the organization’s internet use policy.不增加偏执的程度你的读者,但我想提醒大家谁工程中的大型或中型的组织工作要仔细阅读该组织的互联网使用政策。 Most corporate internet use policies explicitly warn that employees that they have no reasonable expectation of privacy when using corporate IT resources and that any computer use may be monitored.大多数企业使用因特网的政策明确警告说,员工表示,他们并无合理期望隐私当使用企业信息资源,而且,任何使用电脑,可进行监测。 As the information security officer for a medium-sized organization, I would advise readers to assume that all activities may be monitored and act accordingly.作为信息安全官的一个中等规模的组织,我想提醒读者,假设所有活动可监测,并据此采取行动。 Wait until you’re on your home system before emailing or browsing to anything you would prefer not to explain to your boss.等到你对你的家居系统之前,发电子邮件或上网,以什么,你宁愿不解释给你的老板。


  2. akishore said on : akishore说: August 17th, 2007 at 10:52 am 2007年8月17日在上午10时52分

    Hi John,喜庄,

    Good point.好一点。 I wanted to make it clear though that I was trying to focus more on someone actually connecting to your computer terminal and watching everything on your screen as you do it, as opposed to simply capturing all the data that comes out of your computer (email, web sites, etc).我想要要说清楚,但我想更多地集中于有人实际上连接到您的电脑终端,并观看了一切,在你的屏幕上,因为你这样做,作为反对简单地捕捉所有的数据出来你的计算机(电子邮件,网站等) 。

    Definitely, there is really now way to get around web and email monitoring at a large or medium sized company, they have way too many checks in place, but usually no one really connects to an employees computer and watches what they are doing.肯定,的确是现在的方式加以回避,网站及电邮设置监测点,大型或中型公司,他们的方法太多了检查不到位,但往往没有人真正连接到一个员工的电脑和手表,自己在做什么。


  3. Cidinho said on : cidinho说: August 17th, 2007 at 11:54 am 2007年8月17日在上午11时54分

    If you bypass the monitoring, be careful, cause the first thing they’ll think is that you are covering something bad you’ve done…如果你绕过监管,要小心,我们的事业,第一件事,他们会认为是你涵盖坏事,你已经做了… …


  4. Tom Morris 汤姆莫里斯 said on : 说: August 17th, 2007 at 12:12 pm 2007年8月17日在下午12时12分

    Absolutely mirror the first comment.绝对是一面镜子首次发表评论。 Personally, I’m trying as hard as possible to setup things like SSH tunneling out of unfriendly corporate and educational networks.我个人来说,我尝试努力,尽可能设置的东西一样的ssh掘进出不友好的企业和教育网络。 Encryption is another important component.加密是另一个重要的组成部分。


  5. Bill said on : 草案说: August 18th, 2007 at 8:38 am 2007年8月18日在上午8点38分

    Thanks for the information, it was helpful.感谢信息,它是有益的。 But what about Teredo being selected under LAN Settings/Services?但对于teredo被选为下局域网设置/服务? Is that necessary?是必要的吗?


  6. greg burkman said on : greg burkman说: August 18th, 2007 at 9:39 am 2007年8月18日在上午09时39分

    Any advice for those of us on a Mac?任何意见,对我们这些对陆委会?

    I’m trying as hard as possible to get some movies edited.我试图努力可能得到一些影片剪辑。


  7. Mestizo 混血 said on : 说: August 19th, 2007 at 10:59 pm 2007年8月19日在下午10时59分

    “If you’re not running an FTP site, why should your port 23 be open, right?” "如果你没有运行一个ftp网站,为什么要你的港口23个,开放,对不对? "

    Correction.更正。 FTP is port 21.. ftp的端口是21 .. Telnet is port 23. telnet的是港口23 。


  8. freak3dot said on : freak3dot说: August 21st, 2007 at 11:22 am 2007年8月21日在上午11时22分

    I had an IT guy just think that I tried to bypass webmonitoring once and he was not happy.我有这家伙只是觉得我试图绕过webmonitoring曾经和他不开心。 BTW, don’t use putty to SSH into your computer at home.的btw ,不要用腻子来的ssh到你的电脑在家中。 SSH can also be used to tunnel through proxy servers, which is what I was accused of. ssh的也可以被用来通过隧道代理服务器,这正是我被指控。

    freak3dot


  9. Tom 汤姆 said on : 说: September 2nd, 2007 at 3:22 am 2007年9月2日在上午03时22分

    Wanted to say thank you.想说的话,谢谢。 I was able to track a remote vnc on my computer thanks to you.我能跟踪一个偏僻的vnc对我的电脑感谢你。 I thought my friend was monitoring me it turned out to be true.我以为我的朋友被监控我,原来是真的。 I now know he was watching me in real time.现在我知道,他是看着我的实时性。 Also HE is more than likely a reason I was canned from my job.此外,他较有可能是因为我是罐头,从我的工作。 I confronted him but claims I’m paranoid. i面对他,但索赔的,我偏执。 I have saved your info for future reference and will advise all my friends of your info.我已节省了你的信息,供日后参考,并会提醒我所有的朋友,你的信息。 I think you should write more stuff on administration passwords/guest users on one’s computer.我认为你应该多写东西了,政府当局密码/住客用户对一个人的电脑。 You see we get friends to do installs we don’t know what they are doing.你看我们的朋友做安装,我们不知道自己在做什么。

    Thanks感谢


  10. simonje said on : simonje说: September 8th, 2007 at 5:36 am 2007年9月8日,在上午05时36分

    Haha. haha 。 Information is good but if really care about security would you not use Microsoft in first place?信息是好的,但如果真正关心安全,你不使用微软摆在首位? Thanks to it darkhats have so many zombie networks now need GUI tools to manage huge supercomputer clusters!感谢它darkhats有这么多的僵尸网络,现在需要贵工具,以管理庞大的超级计算机集群! Trojans have not handy system tray clues either!木马有没有轻便的系统托盘线索! Anyway even Sony can install root kits now ok.无论如何,索尼,甚至可以安装根套,现在好。

    At work, microsoft has tools for your admin to watch and control the PC quietly (and remember also NSA backdoor still).在工作中,微软的工具,你的管理员来观看和控制个人电脑悄悄地(也请记得美国国家安全局的后门仍) 。 Your work neighbor can just look over the shoulder.你的工作,邻居可以只看超过肩膀。

    At home, aircrack your wireless keys in 10 mins - some longer for WPA.在家里, aircrack您的无线钥匙在10分钟-一些更长的湿法磷酸。 Swap your router ESSID for mine and I can sniff all you p0rn traffic and bank account from my car!换你的路由器essid矿井,我可以嗅出你p0rn交通和银行账号,从我的车!

    Even if you not connected to network monitor can be read thru a wall.即使你没有连接到网络监控,可以通读墙上。

    Best thing is not to worry and be just good boy and girls.最好的一点是不用担心,只是好男孩和女孩。


  11. merv 谢弗 said on : 说: September 12th, 2007 at 7:14 pm 2007年9月12日在下午7点14分

    Quick facts.快速事实。 1 - Wrote a kind of story 10 years ago and due to approach to give evidence at the Cole Inquirey into the AWB in Australia 12 months ago, decided to get the story out. 1 -写了一种故事, 1 0年前,由于办法提供证据,在科尔i nquirey到澳洲小麦在澳大利亚1 2个月前,决定去的故事。 2 - Techno mate of mine threw up this website for me and after 6 months pulled most of the content off due to approach by production company to put it into print and also do a doco. 2 -技术交配矿山投掷了这个网站,我和6个月后退出大部分的内容发生过因做法,由制作公司把它变成打印,也做了d oco。 3 - Problem was I had 2,500 people on my mailing list by then, so I’ve left up a few pages until everything comes out in December. 3 -问题是,我有2 500人,对我的邮件列表上,然后,所以,我已经离开了几页,直到一切都将出来,在1 2月。 BIG POINT number 4 - My office computer, home computer, laptop and even phones have been causing me grief.大点第4号-我的办公室电脑,在家用电脑,笔记本电脑和手机,甚至已经造成了我的悲痛。 My ip account shows uploads of 300 + meg a day, when I average 2 meg.我的户口显示上传300 +梅格一天,当我平均2梅格。 I’ve cleaned them all out twice.我已经清理,他们都出了两次。 5 - I use visual route to trace site hits now and then, and a literally get 30 a day from big brother - which is fascinating in itself. 5 -我用视觉路线追查网站创现在,然后,一个从字面上得到3 0日从老大哥-这是迷人的形象。 I never placed all content on the net, but backraces are revealing knowledge of material obviously sucked off my computers.我从来不把所有的内容都对净,但backraces是揭示知识的材料,显然吸过我的电脑。 5 - lately the Chinese are really hitting the site a lot. 5 -近来,中国人真的打到工地很多。

    I really think these guys can just bypass any damn firewall they like.我真的觉得这些家伙就可以绕过任何妈防火墙,他们喜欢。 NSA chip or not.国家安全局的芯片或不是。


  12. brady said on : 布雷迪说: September 21st, 2007 at 8:44 pm 2007年9月21日在下午8时44分

    port 23 is not ftp, it’s telnet.港口23个,是不是ftp的,它的远程登录。 : )


    Pingbacks pingbacks
  1. links for 2007-08-18 « geek notes 联系,为2007年8月18日«奇客笔记 Says: 内容为:

    […] How to detect computer & email monitoring or spying software Worried Big Brother is watching? [ … … ]如何检测电脑与电子邮件监测或间谍软件的担心老大哥在看着呢? The Computer Tips From a Computer Guy weblog outlines several steps you can take to make sure your employer (or anyone else) isn’t watching you while you work.电脑提示可以从电脑上家伙的weblog列出了几项步骤,你可以考虑,以确保你的雇主(或其他人) ,是不是在关注着你们,而你们的工作。 (tags: tips security) […] (标签:小贴士保安) [ … … ]

    August 18th, 2007 at 3:42 am 2007年8月18日在上午03时42分
    2. Pingbacks pingbacks
  2. links for 2007-08-19 « The Uncanny Valley 联系,为2007年8月19日«了不可思议谷 Says: 内容为:

    […] How to detect computer & email monitoring or spying software Good to know for work environments. [ … … ]如何检测电脑与电子邮件监测或间谍软件好知道工作环境。 (tags: howto career security) […] (标签:指南职业安全) [ … … ]

    August 18th, 2007 at 11:30 pm 2007年8月18日在下午11时30分
    3. Pingbacks pingbacks
  3. Steve Miller’s Web Sites of Interest » links for 2007-08-20 史蒂夫米勒的网站感兴趣»联系,为2007年8月20日 Says: 内容为:

    […] How to detect computer & email monitoring or spying software (tags: computer hacks hacker hacking security) […] [ … … ]如何检测电脑与电子邮件监测或间谍软件(标签:计算机黑客黑客黑客安全) [ … … ]

    August 19th, 2007 at 10:23 pm 2007年8月19日在下午10时23分
    4. Pingbacks pingbacks
  4. Monday Morning Links Serving: The August 20th Edition | [Geeks Are Sexy] Technology News 周一上午链接服务: 8月20日版| [同好都是性感]科技新闻 Says: 内容为:

    […] -How to detect computer & email monitoring or spying software “However, if you feel that you are being monitored when you shouldn’t be, there are a few little tricks you can use to determine if you’re right.” […] [ … … ] -如何检测电脑与电子邮件监测或间谍软件" ,但是,如果你觉得你都受到严密监控的时候,你不应该,有几个小动作,你可以使用,以确定如果你"的规定。 [ … … ]

    August 20th, 2007 at 4:44 am 2007年8月20日在上午04时44分
    5. Pingbacks pingbacks
  5. 5 ways to increase Internet traffic to your blog or web site 五日如何增加网络流量,以你的博客或网站 Says: 内容为:

    […] site, I was able to get well over 50 backlinks. [ … … ]站点,我可以获得远远超过50 backlinks 。 Of course, I had to write something good, such as how to detect if someone is spying on you and how to create a locked folder in XP, but it really paid off!当然,我曾写了一些很好的,例如,如何检测,如果有人要刺探你和如何创造一个上锁的文件夹在xp的,但它确实支付了! If you’re not a tech blog, […]如果你不是一个技术博客, [ … … ]

    September 3rd, 2007 at 12:45 am 2007年9月3日在上午12时45分
Please post your comments/suggestions!请后,你的意见/建议!