Suggestion Anyone? - Page 2
Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 35

Thread: Suggestion Anyone?

  1. #11
    T3h Ch3F
    Join Date
    Sep 2001
    Posts
    716

    Re: Suggestion Anyone?

    Originally posted here by masterchief
    Lost AOL privileges due to heavy e-mail useage.
    I need solid info to bring to my lawyer who knows nothing about computers and believes that no one can hack in and use someone's machine, e-mail accounts, and files.



    Well if you lost your AOL privies. because of a malicious act. you should start by appealing to AOL. (they suck by the way) They (should) have logs of all actions with regards to your acct.


    http://www.emailabuse.com/report.asp

    Your Lawyer does not use E-Mail? Where are his offices Mayberry?

    Kazaa and a lawyer who still wears a wig in court? Sounds like an ugly situation.


    I agree with above posts regarding the amount of info you need to provide, regarding your HW, and systems. You will get much better answers by specifying your Technical situation.

    Get some good religion from Bad Religion.

  2. #12
    Junior Member
    Join Date
    Apr 2004
    Posts
    10
    Computers aren't networked. The 3 affected computers all connect thru their own dial-up. The computer that did the most damage, i.e., all the e-mails, file changes, etc., was the computer guy's desktop. All machines had a dual option: AOL or a local ISP and could connect at the user's discretion. All operated Win98, no firewalls, and Norton 2000 with no updates since 2000. The problems began in earnest 7 to 10 days after what looked like an e-mail test takeover of my AOL account (logged on and sent hundreds of e-mails without my knowledge). AOL shut us down, then, restarted us. The day it started, the computer was online for several hours downloading a patch for a business program. It logged off, rebooted, installed the software, and BAM!, off went the e-mails.

  3. #13
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    Your best bet is to contact the FBI as nihil suggested. They can even point you to a knowledgeable lawyer.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  4. #14
    Junior Member
    Join Date
    Apr 2004
    Posts
    10
    Correct me if I'm wrong on this: 1) With the right info in hand, someone can access your computer; 2) Then, use your computer at will; 3) Change files as desired and wreak havoc; 4) Send e-mails using your accounts; 5) Access any crucial info on your units like financial info; 6) essentially steal your identity and just destroy your life. And in the end, it all looks like you did it, and its up to you to fix it and prove it wasn't you. So, I'm replacing all the Win98 machines with XP Pros w/Norton + firewalls, and from everything I've read, XP has the same if not more flaws.

    A simple "Yes" or "No" will suffice: Am I correct about all this?

    Thanks loads for all responses and help.

  5. #15
    Junior Member
    Join Date
    Mar 2004
    Posts
    6
    For the most part, yes. Except Win98 != WinXP. WinXP is still actively patched when new flaws are discovered (albeit slowly).

    A few tips.

    #1 - EDUCATE YOUR USERS - most important factor by far
    #2 - Deny All, then allow only the required users/services
    #3 - Update, Update, Update. Your Virus/Malware/Adware/etc protection is only as good as your last threat database. New threats are discovered daily.
    -Oly

  6. #16
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    1. Yes
    2. Yes
    3. Yes
    4. Yes
    5. Yes
    6. Yes and No (depends, but you didn't want an answer?)
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  7. #17
    Senior Member
    Join Date
    Feb 2002
    Posts
    253
    I see from your profile that you are the president of a medical billing company.
    I wonder if your lax security procedures constitute HIPAA violations ?
    Not what you wanted to hear, but........

  8. #18
    Senior Member
    Join Date
    Dec 2003
    Posts
    100

    Re: Suggestion Anyone?

    If I were you, I would start putting some security measures in place to prevent this type of abuse in the future. I would lock down user accounts and implement complex passwords. Avoid the use of the administrator account. Ensure the AV software is implemented and the signature files are up to date. Learn about the audit logs and the events that are being tracked and above all implement a hardware firewall between your network and the DSL modem.

  9. #19
    Senior Member
    Join Date
    Aug 2001
    Posts
    485
    masterchief, my reply would be NO.

    The answer to questions 1-6 is still yes, but question 1 is the key question.
    WinXP pro is vastly more secure than Win98 if set up correctly.
    In technical terms, it is a completely different operating system.

    It has far less flaws than Win98, and more to the point new flaws are fixed, and an updated AV scanner together with a correctly configured firewall will pick up on most other things as well.

    For a start with WinXP you can set up 'user accounts' as CT2600 mentioned which have limited privileges, which means you can restrict what the users can do.

    If you are using this in a business environment, then maybe you should get a reputable computer consultant to give you the low down on what to do?
    Try friends, familly, or other small businesses to get a decent recommendation.
    Basic advice shouldn't take more than one or two days

  10. #20
    Member
    Join Date
    Sep 2001
    Posts
    37
    Tedob1 is right. If you need help from this thread then we need lots more detail on the topology of the network and how it connects to other systems, such as the Internet. But for you, the first place to start with is the logs. You should have logs on your servers, workstations and, if you have them, network devices such as routers. Start from the outside and work in loooking for suspicious or otherwise out-ot-pattern activity. Starting from the outside and working in should start to give you an idea of where the attacker broke in. From there you can start to narrow the search the first compromised servers/workstations to see what the hacker did. I'm sure many of us on the forum could provide some help in looking at the logs if you provide network topology details and post the logs.

    Regards,

    Alan Mott

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides