Book now with code EOY2025
dynamik wrote: » That may not be feasible since multiple people could use that account for performing their duties, and he may not read the email for days. If anything, I'd push for separate domain admin accounts for everyone (which should be done anyway), and disallow password sharing. You can offer to leave him with that one and you and the other guy take new ones. Auditing email access will be difficult for the reasons you mentioned, and there's no guarantee he wouldn't clear logs, etc. I don't think he could use the software as a defense as long as it's legitimate monitoring software that upper management has approved and not random spyware.
Claymoore wrote: » I'm going to defend your boss here. If I read yor first post correctly it sounds like your boss is journaling all the mail to another mailbox for compliance reasons. In 2003 you can only journal the entire database not just groups of people or individual mailboxes like later versions of Exchange. Your boss was probably asked to do this by the CEO without fully understanding that journaling all mail really means all mail. For better compliance support you should consider a real archiving solution and a current version of Exchange. However, as long as your boss has admin access to Exchange he can grant himself access to any mailbox. If your CEO doesn't trust him with that responsibility then he shouldn't have those rights.
the_Grinch wrote: » Couldn't you do a port cloning on the switch he's plugged into and then perform a wireshark capture?
Kaminsky wrote: » What a strange situation. If this is a beef between your ceo and your manager why are you getting mixed up in it ? I've never met an IT director or ceo yet who wouldn't have come down and torn strips out of a departmental manager for doing something they didn't like. However, I can see this going horribly wrong and your manager finding out what you are doing and you getting booted for it. Do you have this request in writing from your ceo ? Will he protect you if your manager finds out what you are scheming and cans you ? As much as you are all caught up in helping your ceo and getting rid of a manager you are not very impressed with, you should really step aside and let them two sort it out. You should get clarification of why your manager is doing what he does and is it a policy decision and then take that to the ceo and let him deal with the policy. The ceo should be the one addressing this by stopping your manager monitoring all emails or a subset therof. These clandestine actions could come back and bite you in the back side. If you do get some evidence and take it to your ceo and your boss gets fired, will you become the new it manager ? If not, how could your new manager ever trust you when they find out what you got up to with his predecesor ?
genXrcist wrote: » Yes, I work for a very dysfunctional organization (no idea of this when I started last Feb.) but a FT job is better than no job in this economy right?
genXrcist wrote: » Hey guys, Yep, the title says it all. The head honcho of the company I work for has discovered that my boss is reading employee email, including his. Now I've been charged with "proving" that it's happening. I don't have any experience in this sort of thing and I haven't even finished my 70-284/285 exams so I'm not really sure how to go about this. What I do know is that my boss replicates all email that comes into the organization and has it sent to the administrator mailbox. This is what makes it hard to prove, he's not actually reading other people's mail but the mail that is delivered to that mailbox. On top of that, I know he logs into the PC as the domain administrator which myself and another IT employee have the password for so I can't prove definitively that he is the one logged in reading the email. So my best bet, I think, is to install a keylogger/spyware onto the PC he uses to read email and record his actual actions. This of course doesn't get around the logging in as the domain admin but it's the best I can think of. Any thoughts or suggestions? Thanks!
Obdurate wrote: » I have no real skill with working with security and auditing; but I got to wondering, would it not be better and easier for you to just audit specific Email accounts? I can't see your boss reading the receptionist's Email, but the Manager for Accounting's Email would be prime target. ~Obdurate~
Jamesm3 wrote: » I hope your boss has not tapped in to your computer and found this thread. Just get everything in writing and document all your involvement Personal, I'd admit to the top dog due to the way your network is setup, monitoring is next to impossible. This should give them the motivation to implement best practises. Also, if you install monitoring software, what would really happen if your boss came across it? He may stop reading other peoples mail and set you up.
veritas_libertas wrote: » Definitely get it in writing! When I was working for a county-wide police/fire dispatch they used VNC for everything. Nice thing is it can run stealth and you can watch everything without anyone knowing that it is happening. It's an option. Amusing side note, you wouldn't believe how much cops love solitaire.
genXrcist wrote: » Ya know, I just started looking at VNC for remote support and so far it works great. I didn't know there was a stealth mode as I haven't had time to properly evaluate it yet. So does this mean that when under Stealth mode, the little white box does NOT turn black? Is that correct?
veritas_libertas wrote: » It keeps your mouse movement from showing up on the remote pc, and it hides vnc in the tray. Of course you will have to remove VNC from showing up in the start menu! Your ability to hide the program will all depend on how paranoid your boss is about the programs running in the background Remember your most important objective is to get screen captures.
fluk3d wrote: » You can try DameWare NT - it's similar to VNC, and you can hide the server so the end user will never know anyone is watching.Welcome to DameWare Development. Home of the DameWare NT Utilities & Mini Remote Control remote systems management software for Windows. Now Featuring Smart Card Login & Authentication
netteaser wrote: » I have clients were I have installed Spectorsoft 360 so they can monitor some employees.
netteaser wrote: » What version of Exchange are you using on your network?
netteaser wrote: » You can check what type of permissions his account or admin account has on the users mailboxes this way he simply adds the users mailbox in his Outlook profile, reads the email, and then removes the mailbox. Let me know
genXrcist wrote: » Thanks for the response Netteaser! Never heard of this, is it any good? We're running Exchange 2003 but this thing sits in front of our front side/back side server, of which both are running inside our firewall. **Don't look at me, he set it up this way** He had setup a new NAT entry in Sonicwall so that the MX routed traffic was being sent to this new server, which is not running Exchange, before being sent on to the Exchange Front server. For now, I disabled the NAT entry (the old one was still enabled) and restarted the Sonicwall. External Emails were still not coming in until I shut this server down. Thanks for this comment, I'll need to purge any ACL with his name on it anywhere.
netteaser wrote: » Spectorsoft 360 is a good software it records everything on a workstation playing back as a video. They also sell Spectorsoft that can be installed on an individual workstation, the 360 version is centrally managed and the agent is pushed out to the workstation.
Use code EOY2025 to receive $250 off your 2025 certification boot camp!
