dcsimg
Page 4 of 4 FirstFirst ... 234
Results 31 to 37 of 37

Thread: how did you get in here

  1. #31
    Junior Member
    Join Date
    Sep 2003
    Posts
    6
    well i appreciate all of the help.....new develpment.......the "hacker" had installed a user file in my hardrive....all files contained were dat files. they had also turned on my guest account password free......i know this was no one close to me cause no one......and i mean no one has touched my pc all weekend besides myself........i am now usiong both zone alarm and black ice as my firewalls, and i have spybot and super pest patrol (all updated versions) and did find one trojan. i must say all of this is extremely fascinating and i am enjoying the experience(in a way). as for turning off my dsl.....according to the carrier it is supposed to have a dynamic ip and according to them is supposed to continuosly change.....will it keep repeating the same ip addresses though? so far (well since sat. night) someone....or someones....have been blocked from entering into my pc 138 times.....and yes they keep trying.....hopefully my dual firewalls are what are keeping them out. i again checked with both windows and mcaffee for updates, neither had any for me.....mcaffee updates weekly anyway. hopefully have this prob taken care of........if not, i guess i will need to learn more.

  2. #32
    Junior Member
    Join Date
    Sep 2003
    Posts
    1
    whyme961,

    First do a trojan/worm scan with the updated virus list. In XP most instances occurs while svchost.exe is running many instances in the PROCESS. It mostly implies presence of W32@ worms. Check it out. Try STRINGER from VIL. It does a clean sweep for the same. Maybe if you are in LAN, viruses/worms/trojans might have been infected via the ports mainly 135/139. ZA has a tendency to be killed easily if the system is trojan infected ( its my personal experience ).ANd also as suggested above by fellow members, disable SHARINGS. If all the above fails, it might be someone known to you who has access (physical ) to your computer deleting the files.....lol...

    HTH!!!!

    !!(( Protocols )) !!

  3. #33
    Junior Member
    Join Date
    Sep 2003
    Posts
    5
    I found a white paper somewhere that suggested anyone with a firewall block UDP Port 8998 for the sobig etc. worms and I run everything from spybot s&d, adaware, norton system works and zone alarm to my D-linksys router and it's capabilities to try and keep my pc's clean. I have found running multiple types of security software that claim to do the same thing I.E. Norton and MaCafee or Zonealram and Black ice sometimes create more problems than they cure when trying to do day to day operations.
    The best advise I'd give you is try something out and pick up a key stroke logger for your pc to see if it is someone you know, but not so well or if it is cooming from out side set all your security software to the max with notify and see what it tels you. I just thought of something that a buddy of mine suggested the othe day. There is a product called SNORT I believe it is that was a Unix and Apple based program that has just become available for windows users. This is NOT an endorsement I don't have it but it may be germaine and help in this instance.
    regards, Gypsy.

  4. #34
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Regarding your DSL, yes they are "dynamic" but they will normally only change if you log off the connection, and then back on again. They will keep the same address for any period of continuous connection.

    This is normally a potential problem with cable, as you tend to get a permanent address from them.

    Cheers

  5. #35
    Member
    Join Date
    Aug 2003
    Posts
    37

    Thumbs up

    Hello,

    Our recommendation, though quite a bit of work would be as follows:

    1. Backup all critical files
    2. Clean install of OS
    3. Update OS with latest patches and SP's
    4. Purchase the SOHO3 SonicWall Internet app (Zone alarm and software based firewalls are not robust enough). Even a Netgear firewall with Stateful Packet Inspection (SPI) would be better than the "free" solutions. Free is not always good as these solutions are easy to disable.
    5. Install the latest version of your favorite anti-virus program (like NAV, Trend Micro, Sophos). Configure the software to updated virus definitions for daily updates and scan the entire system daily. Complete a complete scan after initial install.
    6. Careful about your surfing habits. Turn off cookies and Active X
    7. Don't open ANY email attachments from your friends...(.pdf is ok).

    Good luck!

    DarkCarniv0l

  6. #36
    Junior Member
    Join Date
    Sep 2003
    Posts
    5
    Hello,
    Dark has the ideal solution. But is it practicle? Or affordable? I'm not saying not to go with it, but I've ben around the biziness long enough to know that the most expensive solution is not the only solution. I don't know much about most of what Dark has reccommended but is it that much better than the approach I recommended. Dark I would like to hear your rebutal. because if I'm in the wrong I have to change tihe way I look at these things. regards, Gypsy

  7. #37
    Member
    Join Date
    Aug 2003
    Posts
    37
    Hi Techno

    As you well know.....There are many ways to carve a pumpkin. You have some great ideas too and I agree with you, the most expensive solution is not always the best. The solutions I recommend, Sonic Wall and Netgear are typically affordable by most end-users. The Check Point Firewall technology (sofa@ware) & (safe@office) are a bit more pricy and offer a robust VPN function. We support the SMB market and had very impressive results from our customer base with no "known" intrusions and numerous "known" intrusions.

    I hope this helped.

    Top of the evening to you all!

    DarkCarniv0l

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •