Hotmail Proxy Details (Whodunnit)

Discussion in 'Internet, Connectivity and Communications' started by Fergal1982, Jun 25, 2008.

Page 2 of 2
  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Jun 25, 2008 #21
    Remove Advertisement - Premium Membership
    I think we're talking at cross purposes here.

    We already know they were both logged onto their workstations at the time the email was sent from hotmail. We also know that they were both accessing hotmail at the time the email was sent. But the proxy logs dont tell us which one of them sent the email, nor which one was logged onto the account.

    For example, say the email was sent at 24/06/2008 14:07, the proxy logs show:

    24/06/2008 14:07 joe.bloggs (D10114) - <hotmail access>
    24/06/2008 14:07 joe.schmo (D10115) - <hotmail access>

    ie, we know that they were both doing things on hotmail at the time the email was sent. We know what machine they were on, but we need to narrow it down to which one of the two users who were concurrently accessing hotmail, actually sent the email.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  2. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Jun 25, 2008 #22
    Remove Advertisement - Premium Membership
    Ahhhh - NOW I get you! :)

    Unfortunately, without more detailed logs (say from an IDS or a layer 7 proxy that can act as an SSL intermediary) you probably won't be able to do anything about it now. You could, however, run a sniffer on both workstations or at switch level if you suspect this is likely to happen again.
     
    Certifications: A few
    WIP: None - f*** 'em
  3. SuPaStA

    SuPaStA Nibble Poster

    71
    0
    21
    Aug 10, 2008 #23
    Chances are that the person created the account at the same time as sending the email, so what you will be looking for on the proxy is what computer accessed the "signup page" on hotmail.

    The url you get directed to straight after saying you want to create an account is:
    http://get.live.com/mail/options
     
    Certifications: CCNA,MCSE,ITIL,Server+,Security+,N+...
    WIP: CCNP
Page 2 of 2

Share This Page

Loading...
Remove Advertisement - Premium Membership
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...