Ethical / Not Ethical that could be argued all day.  It all boils down to the fact that she is a minor (uhh she is a minor right?) under your care.  You have the right and some would say duty to ensure her online experiences are both appropriate and safe.  Personally I am a big privacy nut so normally I am against keyloggers but in this case they would be appropriate.  Here is a site all about keeping kids safe on the Internet.  They list commercial computer monitoring software that go even beyond just keylogging.

http://www.safecomputerkids.com/

Well the low level  hardware stuff isn't exactly my field either but if you want to find out who sold/created the system the arcade is using.  More then likely it was package deal with the chip writers already included.  Once you know that you can find out how difficult it would be to get replacement writers for the system.  You may even find out the writer's specs from that.

Without having seen the system I don't know for sure but if I had to guess I would say that more then likely the electronic "tokens" only store your name or ID number.  Then when you use the token at a game the machine is probably networked back to an admin console which actually stores the amount of money on a card.  At least that is how I would do it that would be more secure then cards that could be hacked.  Good Luck!  I hope you figure it out.

Thanks for the link Negrita!  It looks like a cool site.

Congrats!!!   

Here is some good threads to read over.

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,2186.0/

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,2262.0/

In addition there is a lot of really good information on this forum if you take some time and look around.  Good Luck!!!  And welcome to EH-Net.

I think you see Mac's used in hacker movies because the movie industry is more familiar with them.  Since most of the best movie and graphic editing software runs on Mac.

Hail to the king, baby!!!   

The instructor for my CEH training used a VMWare router for our hacking lab.  I assumed it was Cisco IOS but I didn't pay that close of attention.  I'm not sure where he got it from but I will double check the lab setup and post what I find out.   

Maybe I am confused but did the EC-Council warning actually say that even after you get your CEH certification from EC-Council you can't take training from "unauthorized" training providers?

I hope I read that wrong and that isn't what they are saying.  What does everyone else think?   

From the EC-Council's FAQ's:


  I hope that helps.

OK, I just can't stop wondering.  You are a Network Administrator for your company according to your previous thread.  At least a small portion of your job makes you responsible to investigate leakage of confidential company information via Gmail but you don't know how to reset a Windows XP admin account?  Maybe I am wrong but I find it hard to believe a Network Admin hasn't already had to do that a few times in their career.  What makes me more suspicious is that in the last thread we told you your best solution would be to install a keylogger on the PC which would require admin rights.  If I am wrong I apologize in advance.
 

From a technical standpoint (I think the legal/ethical has already been covered) Good_4sh's advice is your best option.  Once you have the "smoking gun" evidence from the keylogger you can collect the employees hard drive for forensic analysis. 

If you aren't interested in punitive action (fire/arrest employee) then I wouldn't even bother.  Just block access to all web mail accounts and that should discourage this from happening in the future.  A lot of companies don't allow access to Web Mail as a standard practice.  Good Luck!

@Billy786: Thanks for the post!

@shakuni: Thanks for the link!

Looks like great information for a beginning programmer like me.   

This might also help.   

Open Source Security Testing Methodology
http://www.isecom.org/osstmm/

I wonder if they were a victim of a targeted attack by a Chinese hacker or if they weren't careful about what email attachments they opened so they ended up with a Trojan that just happened to be reporting back to a Chinese server/IP address.