i'm desperate and pathetic

[cybernetic]

Guys, I really don't know what to do. I've reinstalled windows 2000 proffesionall for 10th time already and always, always after one day i get hacked. Once it was klehz worm, than dloder or 'what'sit's name'. This morning when I rebooted I found, get this, I found a WinVNC setup screen running. WTF man!!!. How can I harden this system. Are there any defaul vunerabilities running at the initial install. Can you tell me; give me pointers on what to disable. I would prefer not to run firewall because I'm a gamer and I need the last drop of performance from my system. I just don't want anything coming in anymore.

[Guus]

VNC running? Are you sure no-one else has access physical access to the computer? Maybe someone comes in after you installed it, and 'finishes' installing.

Also: consider running a firewall when you're not playing your games. Just find one that you can disable each time you want to play, enable it afterwards.

[EaseZE]

When you install make sure its not conected to your network, cable modem, etc... Install zone alarm imediately with the most strict setting. Stop downloading from untrusted sources. And for gods sake use some common sense. Anti virus cant hurt either.

[cross]

When you re-install, are you formatting everything, or just installing over? Also, you should look into a DiskKill Utility to write 1's and 0's over all portions of your Hard Drive. Some virii can hide in your master boot record I think, so a " format /mbr " before partitioning and formatting might help aswell.

[Guus]

Oh, and yeah, there are several default vulnerabilities running after initial setup. As soon as you finish installing, visit http://www.windowsupdate.com and patch your system (which will require several reboots).

[nebulus200]

For starters, search the tutorial forum, check out my tutorial on hardening Win2k:

http://www.antionline.com/showthread...hreadid=234577

Then take a look through:

www.securityfocus.com (some good articles)
www.microsoft.com (some good article)


/nebulus

[waytallgel]

Hey, don't forget to get those windows SP's and Security patches, they might not be the best way and won't close all the holes, but it will help some.

www.microsoft.com

Also if you are on a network where you don't trust all the users take off File and Print Sharing and uninstall it.

Greg

[cybernetic]

i'm on cable w/ one other machine on linksys router (if you can call it that) noone with enough knowledge to pull this off has physicall access to the system or the other system. after the install i turn off file sharing and mesagge service. i don't download anything from any ptp / file sharing services on this system (after all this happens after a day usually) i know there's a lot of ppl scanning the subnet in my neighborhood but the question is.... if i'm not running file sharing or any other extra service WHAT COULD BE THE VUNERABILITY that let's these things in.

by the way... thank you moderator...

[nebulus200]

If you are running a linksys, why not just turn on NAT/DHCP? Setup windows to use DHCP, get a private address, and then nobody from the internet can reach you to obtain access...

You haven't mentioned that you have any need to allow connections in from the internet, so to me this would be the most logical move...

Secondly, lock down your system. Follow the tutorial, it will go a long way towards keeping people out of your system...

EDIT: Lastly listen to the advice that has been given here, it is good advice. Judging from your posts, I think that maybe you are not paying attention...

/nebulus

PS: I noticed you said you share a drive to allow access to mp3's to debian...hmm...wouldn't be running KaZaa or Gnuetella would you...? If so, well, hmm...other than to say that is probably where you are getting constantly hosed, I will keep my mouth closed since I can't say anything nice about it...

[tonybradley]

Gamer or not, your system isn't performing very well if you are constantly infected with worms, viruses and Trojan horse programs that are easily preventable.

For starters, after you get the initial build online you need to go to the Windows Update site and download and install all applicable critical patches. You should apply Service Pack 3 and then any applicable patches after that.

You should also be running antivirus software. There are plenty of good ones- free, cheap and otherwise. I use Computer Associates on my home machines- but mainly because I can get it for free. I have used McAfee products with no problems. Find one, install it and update it at least weekly.

Lastly, you can have a firewall without impacting performance. While not the greatest firewall, if you buy a home Cable / DSL router they typical come with a basic NAT and port-blocking firewall. You can block all incoming ports except the port or ports you need to do your online gaming. If you have a spare computer you could also set that up as your firewall and connect through there. I use Zone Alarm software and I know many people like Sygate and other freeware / shareware firewalls. They are generally easy to configure and do the trick. I don't know how they are or how they compare in terms of using system resources though.

In the end though, I submit again that having your system compromised on a daily basis makes it much less effective as a gaming machine than any resource impact from running antivirus or firewall.