Link to home
Start Free TrialLog in
Avatar of DistillingExperts
DistillingExperts

asked on

How to protect my pc at work from "internal" hackers

Hi,

I have some suspicions that someone at my workplace is trying to hack my computer, or have done already. How to find out and protect from it?

OS Windows 7. I have administrator privileges.

Thank you.
Avatar of helpfinder
helpfinder
Flag of Slovakia image

Important is a way how is (s)he trying, or already did. If hacker is trying to reach your resources, or already installed some malware/keylogger and created a backdoor for his actions.
You can set firewall in your computer, make a AV scan for malware/spyware. Check for suspicious processes. Check logs if there is something interesting. You can try to set permissions for files and folders important for you, etc

Why do you think you are under hack threat?
Hi, you could use wireshark as well to see the network activity that is coming and going from your pc.  http://www.wireshark.org/  Its a free download too.
Avatar of jhyiesla
To add to what was said above, make sure that you have disabled guest account, and limited admin rights on the computer to just yourself. Have a good AV solution in place and install and run Malwarebytes. Make sure that remote access is turned off or limited to your user ID, have a strong password and change it frequently. You might even consider a "better" firewall solution than what comes with Windows such as Zone Alarm.
Is your workstation member of a domain? In that case all domain administrators have access to your pc. You can try to remove the domain group "Domain Admins" from your local grop "Administrators" but that's probably against company policy.
Avatar of DistillingExperts
DistillingExperts

ASKER

deroode, yes, I am. What kind of access do they have? Could they have access without me seeing it? I do a lot of research in my machine by using browser. Didn't want my findings to be leaked.
ASKER CERTIFIED SOLUTION
Avatar of deroode
deroode
Flag of Netherlands image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Well, I do the research only during lunch time and in the evening after finish the work. Agree the pc belongs to my boss though. At the same time, cannot guarantee that an admin not with good intentions put something that is not good in my pc.
Hi.

Whenever you use a computer that is
A not administered solely by you
B at the same time encrypted and physically secured, you will not be able to tell if you are in some way spyed at or monitored. Thing is, that there are ways to hide processes and files from view. Even as admin with the best tools at hand, you  would not be able to tell if this cloaking is even happening, while the computer is online (=booted). No chance.
The only way would be to do forensic work offline (booting from CDs) - and that requires more expertise than you will be offered through a forum. You can do a simple offline virus scan, yes, but if that found nothing, would you really feel much better? Would you believe the result is 100% accurate?

If however, you decide to believe, you are being spyed at, you will have reasons. What has happened and why is there no other approach but the technical for you?
If you really want your research to be private i suggest you take a different route:

Use a tool like teamviewer or logmein on your private home computer. Make sure your home computer is turned on, access it from your work pc and do your research. That way everything is on your own private computer, and domain admins don't have access to that.

http://www.logmein.com
http://www.teamviewer.com
Thanks all. So far I liked deroode solution. Will try that and let you know.
Please consider the following: if someone is spying on you, he will possibly record keystrokes and take screenshots continously. Using your homne pc will not change that.
I've requested that this question be closed as follows:

Accepted answer: 500 points for deroode's comment #a38154640

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
So my comments are not worth any points? Well... :)