Hi all -

This is going to seem like an odd post since it's not too technical in nature, but I'm hoping you can help set my mind at ease or confirm my high level of anxiety.

I was on my home computer using Yahoo Messenger and chatting with a work friend. Said work friend was logged into his VPN but didn't realize it. He was not remoted into his work machine or anything and was on his home computer, but was definitely logged into VPN. Well, a large portion of that conversation is something that we are hoping was not read/caught/monitored by our company.

How likely is it that they monitor something like that? And how easy would it be to "see" the conversation? Would they be able to tell who I am since I was not logged in but was on my own home network (and behind a firewall)?

Please - no flaming. I am well aware that I could lose my job if any of this was monitored and am really freaking out over it all. I'm hoping you can justify my anxiety or help ease it.

Thanks in advance and I apologize for posting something so trivial in your forum. I didn't know where else to turn for answers!

It depends how the VPN is configured and what clients you use.

Say your home IP is and you VPN in to work and their network space is and the VPN client adds a route to your routing table just for the VPN address space. In this case you are OK.

However some VPN clients force all traffic through the VPN connection that way corporate can monitor all network traffic.

Given the fact that it adds significant overhead to the corporate office to force all VPN traffic through the home office -- they usually install this set up if they want to monitor traffic. I would say that it is likely the conversation was logged however I personally don't review audit logs unless someone asks me too. I'm not pro-active about sniffing conversations but I am re-active when an employee is suspected of doing something detrimental to the business.

Check out how your VPN works :)

Thank you so much for your response. I just did a route print from a command line before and after being connected and it looks like the default gateway changed from my home IP to what is likely a work IP address. There are also a few other network destinations logged. Does that mean anything? Or would I need to know some more about how our VPN works?

If the conversation is logged, can they tell who the person is that wasn't logged in via VPN or will they just get an external IP address.

As a side note - nothing said was detrimental to the business - just personal. :-)

just do a tracert [url]www.yahoo.com[/url] or whatever messenger you were using. If you see the traffic hops on to your VPN's address space then you know you're in trouble. If it goes out your DSL router's IP address then you're OK.

I don't think most businesses specifically log IM traffic, reassemble the conversations, dissect them, analyze and report on them. It is a lot of overhead to do day-in-day-out unless you have a strict no tolerance policy where they will terminate you on the spot. I wouldn't worry about it too much and be sure not to ask questions or raise suspicion. If they know -- then there is nothing you can do. If they don't know then you will only tip them off that you're nervous about something that happened and they will look at the logs if they have any.