Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: How do i find out if I have a back door open on my system?

  1. April 29th, 2003, 06:18 AM #11
    The3ntropy
    The3ntropy is offline
    Senior Member
    Join Date
    Mar 2002
    Posts
    442
    When you first turn on your computer
    Goto run, cmd
    Netstat -a
    there shouldn't be anything there that doesn't look 'right'. Connected to other computers on your network is fine, also is being connected to them via port 0.
    If you see some remote IP address ie 64.xxx.xxx.xxx:31337 connected to port # 31337 or some other suspicious port (search google for port list) you can even check every connection, there should not be many, for anything out of the ordinary.
    Reply With Quote Reply With Quote
  2. April 29th, 2003, 07:30 AM #12
    pak
    pak is offline
    Member
    Join Date
    Dec 2002
    Posts
    63

    Lightbulb

    You can also manualy check registry entries. A link for those can be found here.
    $pak = me;
    Reply With Quote Reply With Quote
  3. May 3rd, 2003, 09:36 PM #13
    blunuke420
    blunuke420 is offline
    Member
    Join Date
    Mar 2003
    Posts
    30
    The boops that I am hearing are coming from the computers internal speaker. Its almost akin to a 70's style atari boop or the sound your box makes when you overload the keyboard buffer and ever time you press a button your box boops to let you know that its taking a crap on itself so quit hitting the keyboard...

    Anyway thanx for all the help on this subject. I have put most of everthing I read here to use and am fairly confident now that no one has control of my puter but me.
    Free Speach is nothing but a giant noose. If you are dumb enough to stick your neck into it, then you had better be prepared for someone else to choke your mouth shut.
    Reply With Quote Reply With Quote
  4. May 3rd, 2003, 11:54 PM #14
    doc crontab
    doc crontab is offline
    Member
    Join Date
    Feb 2003
    Posts
    41
    "My question is, how do you troubleshoot your box to make SURE you are
    not brodcasting anything out of it you don't want to"

    Hi

    Besides using antivirus and spybot

    You should always verify your ethernet card is not in
    promiscuous mode with a detection program here is one for Windows there
    may be others you can find using the google search engine I'm only
    famillar with anti-sniff from Lopht..........

    http://ntsecurity.nu/toolbox/promiscdetect/

    If the answer is yes

    then you have to check for any sniffers on your computer
    if you discover the hackers sniffer it may be able possible to search
    the sniffers log to piece together what he did on your system

    Beware

    To disguise a backdoor from your attention our friend likes to use tools
    from the Windows resource kit such as Srvany.exe and netcat.exe to create
    a service on your pc that he/she can connect via a remote shell
    once he/she checks out what services are running before installing
    the backdoor picks one that's turned off removes it with 'Srvinstw.exe'
    tool then install a new service with the same name. This disguises his
    backdoor and reduce the chance you'll detect it so you'll be running
    around looking for new services or anything weird and won't know....
    check everything on your computer not just the odd or
    weird stuff that would tip you off to the Intruder when it could
    be right under your nose..........

    Doc
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules