MSN Messenger in a Corporate Environment

What can the IT guys see/access if they tried? Does the company’s server retain a copy of IMs? Do they have access to current IMs? What about previous IM conversations?

I have a cow-orker who has asked me and I don’t know the answer. I think I know where to find out though.

I think she’s carrying on an affair with another “woman” (a female who’s not quite yet 17). IIRC, she’s at the beginnning divorce proceedings.
Messenger is used regularly for work-related activities.
I think that the environment is all Windows if that makes a difference.

I seem to recall that MSN / Microsoft Messenger sends all the messages in plain text, meaning that anyone that can intercept the network traffic can see exactly what is sent. Your IT staff almost certainly has this capability, but probably haven’t bothered setting anything up to record the traffic unless they’ve had a specific reason to.

The short answer is that yes, the IT staff could have every IM conversation you’ve ever had archived if they wanted to. The question is, do they want to badly enough to dedicate the time and resources to do this?

There are instant messaging utilities that, on a peer network, communicate directly with each other in a way that is slightly harder to trace (still not impossible if you have a switch with a promscuous port), but MSN Messenger isn’t one of this type anyway; the message traffic is relayed via Microsoft’s central server somewhere, so by necessity, the messages are travelling across parts of your office network that are very easy for the IT people to monitor and log.

MSN keeps a history of your conversations - a transcript for each chat session. Typically only you can see it, but the typical setup is your MSN account is tied to your windows accout. That is if you log onto your computer you are likely logging onto your MSN too. While tech cannot learn your password (at least not without significant effort - there are ways) they can reset it to something they choose. Using this they can log on as you and preview your history (at least the history you haven’t deleted).

Some corporations use screen monitors. I was in a tech department that considered using one and demo’ed a few. With these, a manager (or BOFH) can effectively peek over your shoulder, seeing everything on your screen as you type.

NOTHING is private on a work computer. Always follow the rule: never type something on a company computer that you wouldn’t want to be posted on the cafeteria cork board - because everything has that potential.

I used “you” and “your” instead of “your friend” for brevity’s sake

I did preview, but this ambiguity got past me. By “screen monitors” I mean software that allows a remote viewer to monitor what’s on your screen from their computer without your knowledge.

That’s about what I expected.
She’ll prob’ly be very disappointed and very concerned.

MSN Messenger only keeps logs if you tell it to, and you can always delete any that already exist.

AFAIK, all current IM clients communicate in the clear (i.e. unencrypted). In theory, this means that a packet sniffer on the network could assemble an IM conversation that was in progress while it was on (it’s not really practical to record all network traffic, unless they suspect a particular individual). As a practical matter, that would be a lot of trouble to go through unless someone had a particular and compelling reason to pursue it.

That’s true. Dosn’t MSN, though, have history logging turned on by default?

Wow. Someone’s wife has an “other woman” who is 17 years of age.
Next week, on the Cecil Springer show…
I will assume that this affair is legal due to there not being any sex involved.
Your co-worker would be well-advised to not say anything to her companion of any non-platonic-just-pals nature via any medium excepting air. Just so no one gets the wrong idea.
Email, phone, cell phone, letters… make sure to say nothing anyone could use to suggest anything funny. At least until her companion has another two birthdays.


At my new job we are asked to install MSN on our computers and I had to turn that on myself, it’s not the default.

My new boss is an idiot (since she’s also kill-all ambitious, I’m hoping she gets a fancier job soon and moves away from me) who likes to give you orders and then claim she didn’t say that, so keeping a record of our MSNs is kind of a necessity :stuck_out_tongue:

If you do a google for “encrypt msn messenger” several products come up. A good package would keep all data between your friend’s and her friend’s computer unreadable.

Though of course she would still be susceptible to screen monitors–and just generally I don’t think it’s recommended to be having such conversations at work on a work computer.

To be honest, I couldn’t care much less about her “situation.”
She asked me and I didn’t know for sure. That’s what bugged me. Also I wanted to see her face when I tell her the IT dept could snoop on her if they wanted to. It’s my evil bone.
I think she’s afraid of what her husband’s potential lawyer could potentially ask the IT dept to do.
I don’t care about the probability of her husband’s potential lawyer being able to ask the IT dept to do anything, so there’s no need for anyone to offer any info re this.

I’m not familiar with MSN, but we’re using a corporate version of AOL Messenger (AIM) here. I can only assume a corporate version of MSN would work similarly.

Messages that are between employees stay inside the company, and are routed by a private AIM server within our network. Any messages to or from external users are routed through the firewall to the Internet. For regulatory purposes*, all messages are archived, regardless of origin or destination.

  • Just as one example, some of our users are investment bankers, and if a customer messages their banker to buy shares of XYZ Corp, the SEC says we need a record of that. It’s easier to record everything than it is to sift out who’s a banker and who’s not.

MSN Messenger communicates via TCP port 1863, so it’s trivial to set a listener process on that port to record everything that goes by. Whether or not a company does so is going to be affected by regulatory environment and finances. ie: Are they required to? If not, can they afford to?