Someone hacked into my machine

*Master Pivot* · Feb 03, 2005, 11:29 PM

I just found out that someone hacked into my machine.
I am in the process of saving off what files I want to keep before I flatten my box.

Any advice on how to prevent future occurances?
I have Windows Firewall enabled. The only exceptions are:
- AOL Instant Messenger
- Bittorrent (btdownloadgui)
- File and Print Sharing
- MSN Messenger
- Remote Assistance
- Remote Desktop
My DSL modem forwards only the Remote Desktop port.
The Port Scan test at http://www.dslreports.com give me a green light.

*Legend* · Feb 03, 2005, 11:34 PM

yeah, speaking of which I have the same problems too
I also have a firewall (software) but it doesn't seem to help

out of nowhere my sbcglobal account was logged on with another name that I totally don't know

*Sinistra* · Feb 04, 2005, 01:24 AM

What version of MSN are you using, Do you run your remote assistence and Remote Desktop All the time. Version of AIM. and what not

*jaderabbit* · Feb 04, 2005, 07:11 AM

hmmm ye you might have something setup wrong that allows people to get into ur pc.
I had that problem once... but it's resolved now.

**LenMiyata** · Feb 04, 2005, 09:02 AM

Grumble Grumble Grumble

File and Print sharing, and Remote Assistance/Desktop have documented vulnerabilities. Just the slighest mis-configuration in either of these services could let a skilled hacker in...

There is also the possibility that your system was compromised by a virus/trojan/malware that was a part of a downloaded Email attachment or Internet download... There are also documented cases of a malicious downloads being triggered by vulnerabilites in IE, which could have happend if your system isn't current with the Window's Update Security patches... (Before you flatten your Box, try the Microsoft Spyware Beta and see what it finds...)

*Master Pivot* · Feb 04, 2005, 10:46 AM

MSN Messenger: version 6.2
AIM: I don't remember which version.
Remote Assistance: When I enabled it, I left it at its default settings. I guess I can always disable it.
File and Print Sharing: How do I deal with its vulnerbilities?
Viruses and Malware: I have McAfee Anti-Virus installed and run it regularly. Also, all of my email goes some form of virus scan before coming down to my machine. And with both Ad-Aware and Spybot running, I hope nothing came down.
Remote Desktop: While my box isn't always on, Remote Desktop is always enabled.
Updates: Always

*jao* · Feb 04, 2005, 11:09 AM

Skilled hacker?

Usually anyone trying to get onto a random machine is hardly 'skilled' nor wants anything to do with you files. A LOT of spyware programs and virus' are around that often make it seem like someone is on your machine because they often run programs of their own.

If you're interested in ports that your system have have open for these types of attacks:

www.blackcode.com

Programs like MSN, Ares etc all open a gate into you machine. Firewalls allow these programs to receive and send thus making your computer really anyones domain. Why anyone would want you computer other than to use it's IP to hide a bigger attack is beyond me. Unless they're completely foolish and feel special becaue they've walking into an 'open door' so to speak.

My advice: Webroot spysweeper, PC-Cillin 2005 if you're running on windows. Limit your time on File sharing programs and occasional disconnect your modem to get a new IP.

Start reading up on the most common programs you use, know what they open and know what traffic is allowed through, that way you can protect yourself.

[J]

**LenMiyata** · Feb 04, 2005, 01:56 PM

Grumble Grumble Grumble

Unless you have a real need for a outsider to access your files and use your printer, the easiest thing to do is to disable the service in the network properties...

Also, Virus scanners will usually ignore Spyware/Malware (who knows, You may have actually wanted and agreed to installed these things...) There have been many reports that the Microsoft Spyware Tool Beta have been picking up Trojans and Malware that Ad-aware and Spybot miss. (You can assume that Microsoft has more experience with these issues through licensed corporate technical support problems...)

Feb 03, 2005, 11:29 PM	#1 (permalink)
Master Pivot Newbie Join Date: Nov 2004 Location: Seattle, WA Posts: 79 Thanks: 0 Thanked 0 Times in 0 Posts Credits: 310	Someone hacked into my machine I just found out that someone hacked into my machine. I am in the process of saving off what files I want to keep before I flatten my box. Any advice on how to prevent future occurances? I have Windows Firewall enabled. The only exceptions are: - AOL Instant Messenger - Bittorrent (btdownloadgui) - File and Print Sharing - MSN Messenger - Remote Assistance - Remote Desktop My DSL modem forwards only the Remote Desktop port. The Port Scan test at http://www.dslreports.com give me a green light. __________________ Master Pivot - Wielder of the Coherent Light Bokken -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Last edited by Master Pivot; Feb 03, 2005 at 11:40 PM.
Status: Offline

Feb 03, 2005, 11:34 PM	#2 (permalink)
Legend Legendary Otaku Join Date: Oct 2004 Location: Sharks Territory Posts: 4,629 Thanks: 49 Thanked 62 Times in 56 Posts Credits: 7,486	yeah, speaking of which I have the same problems too I also have a firewall (software) but it doesn't seem to help out of nowhere my sbcglobal account was logged on with another name that I totally don't know __________________ Layla~~ LEGEND IS: UP TO SOMETHING, GOOD FOR NOTHING.
Status: Offline

Feb 04, 2005, 01:24 AM	#3 (permalink)
Sinistra Legendary Otaku Join Date: Oct 2004 Location: North Carolina Posts: 2,520 Thanks: 0 Thanked 1 Time in 1 Post Credits: 1,416	What version of MSN are you using, Do you run your remote assistence and Remote Desktop All the time. Version of AIM. and what not __________________ [ Anime Insight \| Anime Paper \| MiniTokyo \| Myspace \| DeviantART \| FireFox]
Status: Offline

Feb 04, 2005, 07:11 AM	#4 (permalink)
jaderabbit Cheetos Overlord Join Date: Dec 2004 Location: The World Posts: 3,652 Thanks: 0 Thanked 4 Times in 3 Posts Credits: 7,474	hmmm ye you might have something setup wrong that allows people to get into ur pc. I had that problem once... but it's resolved now. __________________ -Just another green eyed angel, distorted by mans love for hate- \|THE INFAMOUS\|The Host\|Twilight Series\|Twilight Movie\|Untouched!\|
Status: Offline

Feb 04, 2005, 09:02 AM	#5 (permalink)
LenMiyata Grouchy Old Anime Otaku Join Date: Jan 2005 Location: Silicon Valley, California Posts: 4,529 Thanks: 0 Thanked 62 Times in 57 Posts Credits: 46,369	Grumble Grumble Grumble File and Print sharing, and Remote Assistance/Desktop have documented vulnerabilities. Just the slighest mis-configuration in either of these services could let a skilled hacker in... There is also the possibility that your system was compromised by a virus/trojan/malware that was a part of a downloaded Email attachment or Internet download... There are also documented cases of a malicious downloads being triggered by vulnerabilites in IE, which could have happend if your system isn't current with the Window's Update Security patches... (Before you flatten your Box, try the Microsoft Spyware Beta and see what it finds...) __________________ FAVOURITE THREADS EXPLAIN why, or risk an infraction. Rantings of a Grouchy Old Anime Otaku
Status: Offline

Welcome to AnimeOnline.net, your personal Anime Community!	Anime Online Rulez!

Feb 04, 2005, 10:46 AM	#6 (permalink)
Master Pivot Newbie Join Date: Nov 2004 Location: Seattle, WA Posts: 79 Thanks: 0 Thanked 0 Times in 0 Posts Credits: 310	MSN Messenger: version 6.2 AIM: I don't remember which version. Remote Assistance: When I enabled it, I left it at its default settings. I guess I can always disable it. File and Print Sharing: How do I deal with its vulnerbilities? Viruses and Malware: I have McAfee Anti-Virus installed and run it regularly. Also, all of my email goes some form of virus scan before coming down to my machine. And with both Ad-Aware and Spybot running, I hope nothing came down. Remote Desktop: While my box isn't always on, Remote Desktop is always enabled. Updates: Always __________________ Master Pivot - Wielder of the Coherent Light Bokken -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Status: Offline

Feb 04, 2005, 11:09 AM	#7 (permalink)
jao From the dead Join Date: Nov 2004 Location: Montreal Posts: 228 Thanks: 0 Thanked 0 Times in 0 Posts Credits: 240	Skilled hacker? Usually anyone trying to get onto a random machine is hardly 'skilled' nor wants anything to do with you files. A LOT of spyware programs and virus' are around that often make it seem like someone is on your machine because they often run programs of their own. If you're interested in ports that your system have have open for these types of attacks: www.blackcode.com Programs like MSN, Ares etc all open a gate into you machine. Firewalls allow these programs to receive and send thus making your computer really anyones domain. Why anyone would want you computer other than to use it's IP to hide a bigger attack is beyond me. Unless they're completely foolish and feel special becaue they've walking into an 'open door' so to speak. My advice: Webroot spysweeper, PC-Cillin 2005 if you're running on windows. Limit your time on File sharing programs and occasional disconnect your modem to get a new IP. Start reading up on the most common programs you use, know what they open and know what traffic is allowed through, that way you can protect yourself. [J]
Status: Offline

Feb 04, 2005, 01:56 PM	#8 (permalink)
LenMiyata Grouchy Old Anime Otaku Join Date: Jan 2005 Location: Silicon Valley, California Posts: 4,529 Thanks: 0 Thanked 62 Times in 57 Posts Credits: 46,369	Grumble Grumble Grumble Unless you have a real need for a outsider to access your files and use your printer, the easiest thing to do is to disable the service in the network properties... Also, Virus scanners will usually ignore Spyware/Malware (who knows, You may have actually wanted and agreed to installed these things...) There have been many reports that the Microsoft Spyware Tool Beta have been picking up Trojans and Malware that Ad-aware and Spybot miss. (You can assume that Microsoft has more experience with these issues through licensed corporate technical support problems...) __________________ FAVOURITE THREADS EXPLAIN why, or risk an infraction. Rantings of a Grouchy Old Anime Otaku
Status: Offline

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode