Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: secure But still being Hacked

  1. #1
    Senior Member
    Join Date
    Jun 2004
    Posts
    184

    secure But still being Hacked

    I have just purchased a new hard drive and installed windows XP pro on it. I have downloaded all the updates and installed them all. I also have 3 firewalls and i am running Norton 2003. But was wondering if there is a way to check if there is someone connected to my PC. I think there is people in it daily because with 3 mins. of me being on the net my CPU usage is at 90% and above for ever. It is running like there is others connected.

    So i was wondering if there is just a way to see who is connected to me and kick them off or disconnect them...?

    Ty

  2. #2
    What 3 firewalls ? I know in Norton PW you can see every connection(IP and port number) and terminated it !
    O.G at A.O

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    start with netstat -a and see the connections to and from your computer. Do this when you have no apps open, and start from there.
    Quis custodiet ipsos custodes

  4. #4
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    Did you check for spyware/adware/trojans/viruses/worms and whatnot? I don't think having 3 firewalls is neccessary .

    A router and Norton Personal Firewall has been working pretty well for me, and NAV 2k3.

  5. #5
    3 Firewalls running at once? Are they all on this same box? That's not only a resource hog, but it is not a good practice to run multiple firewalls, simply because they will all want to deal with the same packets at once.

    Try running fport from foundstone.com or tcpview from sysinternals. But my guess is that the firewalls are wasting your resources.

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    If you are running 3 software firewalls, I am surprised that your system runs at all, not that it uses 90% of CPU.

    You should only be running one, the same with interactive AV applications.

    If you did not have a firewall running when you connected to the net, then you could well have been infected in the first 10 minutes or so.

    Check your running processes, that should tell you what is using the CPU.

    Cheers

  7. #7
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    Also check out Advanced Administrative Tools from http://www.glocksoft.com . The tool has a network monitor which will show you something similiar to netstat but in a GUI and something you can play around with.


    [offtopic]
    Look at the bottom of the page and see how many people have "Am I being Hacked" as the tittle of their thread ...Just an observation.
    [/offtopic]

  8. #8
    T3h 1337 N00b kryptonic's Avatar
    Join Date
    Sep 2003
    Location
    Seattle, Washington.
    Posts
    523
    the 3 firewalls are

    XP firewall enabled.
    Internet connection firewall.
    and Outpost.

    [edit] Jro5linux is my brother...this is how i know all his firewalls[/edit]

  9. #9
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Other than the fact you are running 90%+ CPU what evidence do you have that implies you are being hacked....... If you have none then you are almost certainly chasing your tail.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  10. #10
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Ok Follow the advice given: (I add a clarification)

    1/ turn off the M$ Firewalls.. XP firewall and ICS firewall (aren't these the same?)
    2/ run TCP View this is to see what has handles on your tcp and udp ports.
    3/ My recommendation is to run process explorer (sysinternals) to see what is running on your box..this is a more detailed view over Taskman.. This may give you an idea on the what is useing the CPU..
    4/ If nothing suspicious above.. do a remote scan of your hdd ( that is either by sticking your hdd in another machine and doing a "report"scan or by using the AV scann with BartPE Boot CD (you have to make this yourself)

    more questions:

    What browser are you useing?
    What Virus scans have you done?
    HAve you scanned for Adware/Spyware parasites?
    HAve you checked the Firewall Logs?..I am sure outpost creates logs


    Cheers

    BTW: could your problem be similar to what I have asked about here:
    http://www.antionline.com/showthread...hreadid=261475

    you may need to do a bit of testing.. I certainly am not finished checking the causes of my firefox problem....

    And basicly my post was a long winded way of asking the question from TS..
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •