[Kugatsu]

Hi, I'm a new member, if I'm writing to wrong section, please move it. And my native language is not English, please let me know if I can't describe something thoroughly.

Here is my problem: I think my PC is being monitored. Though its just a doubt I still want to be sure. I read a lot of things about monitoring on web, but I couldn't get an exact answer. I think there are a few ways to monitor a PC.

I read that if there is trojans or malwares etc. in my computer, my passwords can be stolen. How can i be sure if there is anything like this in my computer?

I don't think I'm being watched with some kinda device(not sure if its called device) that is attached to my computer. Because I think I'd notice that. But if there is a device, how can I know that?

Thats kinda complicated for me to explain, please tell me if you don't understand what I'm saying . There is a router in my house and 4-5 laptops are connected to it. I mean, no computer is directly connected to internet cable, we connect from the same network, we share the connection. Sorry I don't know what that is called in English, perhaps "wireless". So, is it possible to watch any of the laptops because we share the same connection? I read that the admin computer can watch the other computers. But couldn't get what that means. Please explain to me . And which one is the admin computer since there arent any laptops which are directly connected to router/cable.

I'm not sure it its the right thread to ask this(because its not about monitoring) but anyway... I live in flat and our neighbors can see our network connection from their computer. But they need to know the password to connect our network. If someone gets the password somehow, and uses our network, how can I understand that?

I read there are lots of monitoring programmes, Spytech for example. How does they work? It must be downloaded to the PC you want to monitor right? If that sorta programmes are downloaded to my PC how can I notice that?

And lastly, if someone knows my IP address, can he/she watch my computer? I read that there are programmes about it. You download it and write someones IP address and then you can monitor his/her computer. But that sounded a bit weird to me, is it true or not?

By the way I'm using "Windows Vista Home Premium", not sure if that info is needed though.

[calvin-c]

The short answer is, you can't be certain. It's technically possible to someone to monitor, from a short distance, the electronic emissions produced by your PC & decode them to determine what you're doing. It's not all that likely, but it prevents you from being absolutely certain. Ignoring this type of monitoring though, your question(s) involve different aspects to monitoring.

Anything you send to or receive from the Internet can be captured. Whether or not it can be decoded depends on who captures it. Anything you send wirelessly, whether it goes to the Internet or not, can also be captured-with the same proviso that whether or not it can be decoded depends on who captures it & how much resource they're willing to devote to decoding it.

The final aspect is monitoring the internal PC operations, like writing a Word document. That requires monitoring software to be installed on your PC (or the emissions monitoring mentioned above) and your best bet to detect that is to follow the advice in the stickies on this forum. Good luck.

[lunarlander]

Most monitoring programs can/should be classified as spyware. And an anti-spyware program should detect them. Spyware includes keyloggers and screen-scrapers.

Hardware devices for keylogging exists, the ones I know of involves plugging it between your PC and your keyboard. So just look behind the PC and you should see them.

If you have a wireless network, then you have to setup your router to use WPA2 encryption to defeat people listening to network traffic as they pass thru air.

I don't know where you got the idea that there is an admin computer; I know of no such thing. Any computer can listen in on wireless traffic with the right program, unless you use WPA2. Perhaps you were reading about networks that has a domain-controller-server computer. But that most likely doesn't apply to you unless you are in an office environment.

If your neighbor obtains your password to the WPA2 setting on the router, then they can connect to your network and use it to connect to the internet, using up your allotted bandwidth. They can probably capture and decipher your network traffic.

The best way to know if spyware is on your computer is to use anti-spyware programs. I like Webroot Spysweeper, but it is not free.

Man-in-the-middle attacks can allow monitoring your network traffic. But that is mostly done when you have a wired ethernet network. One way of doing mitm attack is to fool your PC into believing that some other PC is the router, so that all traffic to the router is redirected to the attacker's PC. But you say you have wireless, so, the attacker only needs a program to listen on traffic as it flows through the air.

[Irukku]

As for your local wireless network, one can only have access to your machine if he has your Windows local admin password and if your sharing resources are enabled. There's no such a thing as a centralized local network administrator unless you're in a Domain. The fact that your computers are, in a way, locally connected does not mean your machine is open to everyone. If you have had someone else mess with your computer's configuration it's possible he's got such access, but well, if you have someone else administer your personal machine that should not be surprising.

[Kugatsu]

Quote:

Originally Posted by calvin-c

Anything you send to or receive from the Internet can be captured. Whether or not it can be decoded depends on who captures it. Anything you send wirelessly, whether it goes to the Internet or not, can also be captured-with the same proviso that whether or not it can be decoded depends on who captures it & how much resource they're willing to devote to decoding it.

If I'm not wrong, you're talking about a painful way of capturing data. I don't think anyone near me would waste time for that kinda thing. Of course if my neighbors are not psycho.

Quote:

Originally Posted by calvin-c

The final aspect is monitoring the internal PC operations, like writing a Word document. That requires monitoring software to be installed on your PC (or the emissions monitoring mentioned above) and your best bet to detect that is to follow the advice in the stickies on this forum. Good luck.

Sorry but what is "stickies"? And thanks a lot for the reply.

Quote:

Originally Posted by lunarlander

Most monitoring programs can/should be classified as spyware. And an anti-spyware program should detect them. Spyware includes keyloggers and screen-scrapers.

The best way to know if spyware is on your computer is to use anti-spyware programs. I like Webroot Spysweeper, but it is not free.

Thanks, I'll check if theres trial version.

Quote:

Originally Posted by lunarlander

Hardware devices for keylogging exists, the ones I know of involves plugging it between your PC and your keyboard. So just look behind the PC and you should see them.

I'm using a laptop. And everything seems normal. But I sent the laptop to technical service a few months ago. I don't wanna sound paranoiac but can they place something inside the laptop?

Quote:

Originally Posted by lunarlander

If you have a wireless network, then you have to setup your router to use WPA2 encryption to defeat people listening to network traffic as they pass thru air.

I don't know what WPA2 is, I'll google it.

Quote:

Originally Posted by lunarlander

I don't know where you got the idea that there is an admin computer; I know of no such thing. Any computer can listen in on wireless traffic with the right program, unless you use WPA2. Perhaps you were reading about networks that has a domain-controller-server computer. But that most likely doesn't apply to you unless you are in an office environment.

Yeah, you're right, I read that they can see what employees are doing in offices from a computer, thats where I got the idea. I know so little about network...

Quote:

Originally Posted by lunarlander

If your neighbor obtains your password to the WPA2 setting on the router, then they can connect to your network and use it to connect to the internet, using up your allotted bandwidth. They can probably capture and decipher your network traffic.

Does it means I can capture the network traffic of laptops which are now connected to the router? Don't get me wrong, I wouldn't do that, but if I can see the network traffic, cant I also see how many laptops are connected to the network? Or is it impossible?

Quote:

Originally Posted by lunarlander

Man-in-the-middle attacks can allow monitoring your network traffic. But that is mostly done when you have a wired ethernet network. One way of doing mitm attack is to fool your PC into believing that some other PC is the router, so that all traffic to the router is redirected to the attacker's PC. But you say you have wireless, so, the attacker only needs a program to listen on traffic as it flows through the air.

That means some programmes should downloaded to my computer or some configurations should be done in my computer or something like that? I mean mitm cannot be done without touching my laptop right?
Thanks a lot for the detailed reply.

Quote:

Originally Posted by Irukku

As for your local wireless network, one can only have access to your machine if he has your Windows local admin password and if your sharing resources are enabled.

Sorry but what is Windows local admin pass? You mean the pass I atadığım for connecting the router? And where can I check "sharing resources"?

Quote:

Originally Posted by Irukku

If you have had someone else mess with your computer's configuration it's possible he's got such access, but well, if you have someone else administer your personal machine that should not be surprising.

What should I do then? How can I check configurations and see if everythings ok?

[calvin-c]

Rats-lost what I'd written when I went back to check the names of the sticky threads.

Stickies are threads that are permanently 'stuck' to the top of the thread list in a forum. On TSG they actually have the label 'Sticky' prefixed to them. On this forum they're the General Security Help and Security Tools threads.

I agree that the average person shouldn't worry about somebody capturing encoded data-but your initial question seemed a little beyond the concern the average person has so I thought I should cover all the bases.

I wouldn't want to say it was impossible for a tech to implant a hardware monitoring device inside a laptop, but I think it would need to be someone specifically targeting you. Again, it's not something the average person would worry about.

Most of the remaining questions can be covered by the answer to your last question, to Irukku. If you don't trust the person who administers your PC then you should either find another person, one you do trust, or learn to do it yourself. The average person will simply find another person-and will start by asking them to check their PC for intrusions.

Most of your concerns seem to be pretty far out there. Stuff that can be done but is difficult enough that only someone with both resources & a reason to target you would do it. The average person is content with encrypting their wireless network and using anti-malware programs to catch random intrusions. Anti-malware includes firewalls, anti-virus, and anti-spyware, all of which are described in the sticky threads on this forum. If you have greater concerns than can be answered by 'average' programs then I suggest you hire a security specialist.

[lunarlander]

One method of man-in-the-middle attack is to use ARP poisoning. See details here: http://en.wikipedia.org/wiki/Arp_poisoning. ARP messages gets passed around the network telling each other which network card uses which ip address.

If you have the WPA2 password, you can theorectically read the network traffic passing through the air. It would require a special program.