Suggestion Anyone?

**masterchief** · April 9th, 2004, 12:39 AM

Someone accessed my computer, used it for e-mails, changed files around, general mess. Lost AOL privileges due to heavy e-mail useage. Been told that someone can get in to my full time DSL line use my IP address, password, screen name, etc. to go around pretending their me.

Is this true?

Where can I get some solid reading material or web sites about how someone can do this. I suspect a former employee/relative who was in charge of my office computers did this somehow, but how can I prove this?
I need solid info to bring to my lawyer who knows nothing about computers and believes that no one can hack in and use someone's machine, e-mail accounts, and files.

Any help or direction would be greatly appreciated.

Thanks in advance.

***Soda_Popinsky*** · April 9th, 2004, 12:58 AM

Well, if you are planning on getting this person arrested or sued, then it sounds like installing Antivirus, firewall, HiJack this and a password change isn't a good idea. Obviously, you want to find out what has been done to your computer w/o deleting it all.

You probably want to disconnect the infected box. What operating system are you running?

Whatever logs you still have need to be brought together, maybe another member can help out with that. But if this is going to be usable in court, you might have to hire an expert.

edit: didn't really answer your question...

How someone can do this eh? Well if this person previoulsy had access to your computers, they would install a virus, a type called a backdoor, trojan, or something that would give them access to your box remotely. Popular ones include sub7 and netbus. There was just a segment on techTV on how to do this, so it doesn't take a genius to get this done. From there, the cracker connects to the virus acting like a server with the virus's corresponding client. That client can use the server to take screenshots, control your mouse, log your keystokes(passwords) take your files, place files, cookies(your saved passwords on IE for instance)

http://www.sans.org/rr/papers/index.php?id=103
http://securityresponse.symantec.com...itepapers.html
http://marketwatch-cnet.com.com/2100...3-5087366.html

some extra info

***Computernerd22*** · April 9th, 2004, 03:40 AM

Been told that someone can get in to my full time DSL line use my IP address, password, screen name, etc. to go around pretending their me.

Very true. I like to call it identification theft. Ever heard of John Walters? The host of 'America's Most Wanted' they are always running identification stoppers.

Where can I get some solid reading material or web sites about how someone can do this.

I would just like to say this is a serious crime in the United States of America. Please dont get any idea's out there.

I suspect a former employee/relative who was in charge of my office computers did this somehow, but how can I prove this?

Disgruntled employer I believe it.

I need solid info to bring to my lawyer who knows nothing about computers and believes that no one can hack in and use someone's machine, e-mail accounts, and files.

I highly doubt it. Lawyers know there state statues and there boundaries. There are lawyers who know there stuff when it comes to computers. They are defending the accused party who is accused of commiting computer crimes, stealing personal identification information, trade secrets, porn, Intellectual property (data, programs) etc...
If you can prove this person did this he could face up to 5 different charges from what I see. Everything ranging from computer crimes to Harrassment. Computer Nerd22

**!mitationRust** · April 9th, 2004, 04:11 AM

my lawyer who knows nothing about computers and believes that no one can hack in and use someone's machine, e-mail accounts, and files.

Suggestion, change lawyer's because this one is obviously not connected.

Edit**** How much money are you going to drop in lawyer fees anyway? You would be better off spending that money on protection for your network and whatnot, I suggest you let your ISP take care of this one.

Very true. I like to call it identification theft. Ever heard of John Walters? 'America's Most Wanted'

John Walsh

I would just like to say this is a serious crime in the United States of America. Please dont get any idea's out there.

And I would like to say, phishy....but thats just me. Great story line and climax, though!

I suspect a former employee/relative who was in charge of my office computers did this somehow, but how can I prove this?

Quote: Trump, employes are stealing from you, you just have to catch them.

**masterchief** · April 9th, 2004, 11:32 AM

As unbelievable as it may seem, my company lawyer is computer clueless. Not online, doesn't e-mail, and her staff uses floppies to save data. She has spoken to an alleged "expert" in this area. His line is 180 degrees opposite of what my available IT people say. The problems caused by whoever did this has gotten so bad, that all efforts to install McAffee (gave up) or Norton (equally frustrating) caused such damage, that three affected machines got to the point that they couldn't even function. An attempted reinstall of OS and our other software did nothing. The machines were so slow that a simple math calculation could be done faster with paper and pen than on the system.

Right now, we're finishing replacing all units affected.

Now, to add insult to injury, the bank contacted me and 1 credit card and my debit card "...have been compromised."

Every where that I turn for info, I get crumbs of "Yes it can be done." I need a loaf of bread. I need to A) make sure this doesn't happen again, and B) be able to show that it could happen and how it happened so that A is avoided.

So, help is appreciated.

Thanks

**masterchief** · April 9th, 2004, 11:39 AM

Read other posts. My teen daughter downloaded Kazaa into my home, and on a visit, office computers. Found literally dozens of songs w/viruses. Could this have been the gateway into our systems? Or did my fired, former computer whiz - the guy with all the screen names, passwords, IP addresses, etc., etc., etc., get in? I found out that the system log on password has been the same for over 10 years. 10 years!!! The people that I bought the company FROM could have even gotten in! Sheesh!

**nihil** · April 9th, 2004, 11:59 AM

Hi,

If your system password has not been changed for over 10 years, can I have your old equipment?...........I don't have a computer that runs on steam

OK serious and I mean serious.............

http://www.usdoj.gov/criminal/cybercrime/reporting.htm

Report to BOTH the FBI and Secret Service.............you have obviously suffered losses in excess of $5000...................that's a Federal one!

Ground your kid.............preferably in a pit of tar.............get a geek to wipe its machine, or you will have the RIAA sniffing up your a$$ and I MEAN $$$$$$$$$$$

Have a happy Easter

And get a specialist lawyer, but try the Feds first?

***Soda_Popinsky*** · April 10th, 2004, 12:46 AM

Read other posts. My teen daughter downloaded Kazaa into my home, and on a visit, office computers. Found literally dozens of songs w/viruses. Could this have been the gateway into our systems?

I'd bet dollars to donuts if you found as many viruses on there as you say you did, one of them was a trojan and gave complete access, and could of been visible on a portscan.

Heres your "loaf"
http://www.antionline.com/showthread...=netbus+techtv
http://www.techtv.com/unscrewed/ihat...644472,00.html

Go to the feds

***Tedob1*** · April 10th, 2004, 06:53 AM

you've been not only using but altering the file system by installing differant AV softwares looking threw files etc. forget about pressing charges on anyone you dont have a leg to stand on. if you wanted to press charges you should have shut the computer down and called a forensics expert right away.

kazaa...you GOT to be kidding me!

if you want to know how this can happen, better details of your network setup are required. like how your network connects to the internet (aol?) do you use a gateway, firewall? were all the service packs and patches applied? how do you get your email? does each machine have its own dial-up connection capability? how is your av configured. there are so many ways something like this can happen that without knowing what were dealing with...where do i start? What your asking is like asking how can someone break into my house…well what kind of a house is it? How is it laid out? What security devices are in place? Etc., Etc. And their are far more ways to break into a computer than into a house.

***fourdc*** · April 10th, 2004, 07:54 AM

Mastercard must have had a major compromise. A lot of people at the local bank had to replace their cards. I was told that a third of the account hoders had to change and the compromise wasn't at the bank.

Thread: Suggestion Anyone?

Thread Tools

Display

Suggestion Anyone?

Posting Permissions