Printable View
hi! i m newbie here and although i've posted 9 posts still i m not sure how one hacker could enter in my system when i've latest antivirus installed and protected by some good firewall like zonealarm. Is there anyway left for a hacker using which he/she could enter in my system. Ooh i also want to ask you that which ports remain open even you are using zonealarm? Btw i use internet explorer on win98 OS. Hope for some good response.
hey buddy ,
the most important thing for a hacker is to know ur ip address if he knows it he can easily access to ur computer.right now ur ip address is being broadcasted so priamry thing you should do is that you must get a proxy such as winproxy for windows.hmmmmmmmmmmm even if you have got software like zonealarm hacker can intrude in to tour system without being detected.the next thing is antivirus that does'nt gives effective security against torjans and flooders it would be better if you can afford pest petrol it's the most effective one i 'have seen.okay the next important thing i tell you is that hacker's generally access through port 23 that is default for telnet programs or by port 79.
that's it hope my information will help you
malay
hey naughty...
Okay, antivirus software doesn't protect you from getting hacked per-say; what antivirus software does is scan your system for known viruses, trojans etc... It does not, physically prevent someone from telneting into your machine through an open port and owning your box... However it can help in scanning for certain "minions" a hacker could put there... It is a useful tool although personally I don't use antivirus software of any kind... I prefer firewalls.
Antivirus software protects you from foreign entities hiding in your box and making your life miserable but it won't do anything for you if a hacker gets your ip, portscans you, and then telnets into an unguarded port. Though (b/c of the antivirus) he may not be able to slip a trojan or a virus in on ya, he coul still just randomly start tear-assing around in your system. You need to be on the defensive against those kind of remote attacks/ That's the firewalls job. It was wise of you to install one. Although I've no experience with zonealarm I can tell you that you need to look for a firewall rule which allows you to telnet out of your machine, but does not allow others to telnet in. In otherwords, the firewall should give you an option to block all incoming telnet connections, but will let you make outgoing telnet connections if you follow me, I know it sounds a little tricky. Basically it blocks all incoming TCP packets with the ppp0 interface, but lets you send outgoing TCP packets with the SYN bitset. Most firewalls will give you the option to do that. Also, I suggest setting your firewall to masquerade your ip address. Again, most firewalls will let you. Another good trick to remember is blocking ICMP, which basically denies people the ability to ping you. This helps defend you against DOS attacks.
Those are just some basic tips... I suggest you read the tutorial on "How Servers are Cracked" at http://blacksun.box.sk there's a lot more good information there. Good luck! Hope this helped.
I'm pretty sure noone will attack you =)
P.S. Be sure all ports are closed :))) And remember there's no software 100% vulnearable to attacks if user is "nobrainer".
I am somewhat curious how anybody can be sure that they or anyone else can't be attacked? If that were true, security would be a non-issue and this site would be a chat site only.Quote:
First of all. Windows 98. [gloworange]Dont you think it's time to upgrade? [/gloworange] I mean there are so many attacks and backdoors for windows 98. Also no security is perfect plus since you are a newbie there are quite a few things a "Hacker" can do in order to penetrate your puny attempt at security or protection against "them". Keeping up with latest patches, and running firewall and AntiVirus is good. As someone mentioned port 23 should be blocked unless you use telnet. There are few other ports you should block that are used for look up. In other words a hacker can use an open port to collect sensitive information about you. Good thing would be to run ZoneAlarm in high alert mode. Remember Perfection Does Not Exist. Hope this helped.
A few tips I would suggest to keep up to date with any software you have. Second, make sure your passwords to your computer are strong and long ones. Third, some hacker's go to Social Engineering, so if you get a call or a email that basically asks for your password, it's probably a hacker trying to social engineer his way in. There are many ways a hacker can break in, so try doing searches for "Computer Security" or "Hacker Security" and learn as much as you can on ways to protect your computer. Hope I helped!
Well, some good advice so far. Allow me to take it a little furthur. An Antivirus, like stated previously, basicly cleans up an attack after it has happened. Now an attack can come many ways. E-mail, remote, locally, infected floppies, downloads, etc etc... The important thing to know is that new virii come out everyday, and your antivirus will be ineffective against that new virii until you update its database of virii fixes with the manufacturer.
As for actual attacks, firewalls are fine and dandy, but not full proof. There are many ways to get thru, disable, take down, and crash firewalls. The key word in defending your box is frequent updates to both the firewall and the AV software. Now, in a firewall you will want to "stealth" your ports. This basicly means that when a person pings you, they will not get a response from your machine. But, you can still be DoS'd regardless. The packets will still be reaching your machine, your machine just won't send a responce. Firewalls are good, but are pointless if you allow every connection. There are many vulnerabilities in many everyday programs. For instance if you have an old version of winamp 2, and allow an outgoing connection from winamp's browser, you just opened a window for a hacker. Upgrade to 3 and you've closed it. Just about every program out there that makes a connection to the internet, can be exploited. This is the reason for different versions of software. In winamp 3, they have fixed the previous bug. Hence why constant updates are a priority. So, Every program you have connected is a window a hacker can try and enter. These commonly include IE, AIM, YIM, Kazaa, etc...
Well, I hope that helped clear up some stuff for you.
As you are using Windows 98 don`t worry about Telnet, thats more useful on Unix systems.Your main threat is going to come from something like downloading a virus/trojan, or the various netbios techniques that could be used. So first off make sure zonealarm is blocking netbios from coming in, and then keep your antivirus up to date, don`t open emails from anyone you don`t know.
As xmadness said any internet connected apps will open up connections to the net that someone could potentially exploit, so stay up to date on those.
I would advise you get off Win 98 though as it really isn`t that good, you could use Linux if you have a lower spec machine that won`t run the latest and greatest Windows.
Also, I agree with uid(zer0) don`t get too caught up worrying about who is going to attack you, someone might take a look at your as a target of opportunity (i.e. someone is doing a network scan and comes across your box), or someone you know, but thats probably it. (I hope)
As for zonealarm, its fine for protecting your machine, it can be defeated, but most script kiddies are not going to be able to do that. If you want something a little more meaty get hold of an appliance firewall (such as an s-box) or set up a firewall using OpenBSD.
As you are using Windows 98 don`t worry about Telnet, thats more useful on Unix systems.Your main threat is going to come from something like downloading a virus/trojan, or the various netbios techniques that could be used. So first off make sure zonealarm is blocking netbios from coming in, and then keep your antivirus up to date, don`t open emails from anyone you don`t know.
As xmadness said any internet connected apps will open up connections to the net that someone could potentially exploit, so stay up to date on those.
I would advise you get off Win 98 though as it really isn`t that good, you could use Linux if you have a lower spec machine that won`t run the latest and greatest Windows.
Also, I agree with uid(zer0) don`t get too caught up worrying about who is going to attack you, someone might take a look at your as a target of opportunity (i.e. someone is doing a network scan and comes across your box), or someone you know, but thats probably it. (I hope)
As for zonealarm, its fine for protecting your machine, it can be defeated, but most script kiddies are not going to be able to do that. If you want something a little more meaty get hold of an appliance firewall (such as an s-box) or set up a firewall using OpenBSD.
I don't think a hacker would really care enough to break into a windows 98 machine unless he hated you.
Although nothing would be gained from gaining access to the machine, I am sure that he would just do DoS attacks against you and just annoy you until he felt like he was bored.
I don't think a hacker would really care enough to break into a windows 98 machine unless he hated you.
Although nothing would be gained from gaining access to the machine, I am sure that he would just do DoS attacks against you and just annoy you until he felt like he was bored.
-> While the above statement (that you arent likely to be attacked) may be true, it is also a fact that while whats on your machine may not be particularly important to someone in the scheme of things, your machine may be used in an attack on some other victim. If , for instance, you are an IRC user, and your security (especially in a Microsoft environment) isnt high enough, an attacker may first gain control of an IRC router, then use that router to search for an endless array of easily-acquired zombie agents (like maybe yours) to launch his attack on another person or company. So while your individual computer might not be important, think of the bigger picture. It sure wouldn't be nice to have someone DDoS some corporation or govt site only to make it look like it was you.
-> While the above statement (that you arent likely to be attacked) may be true, it is also a fact that while whats on your machine may not be particularly important to someone in the scheme of things, your machine may be used in an attack on some other victim. If , for instance, you are an IRC user, and your security (especially in a Microsoft environment) isnt high enough, an attacker may first gain control of an IRC router, then use that router to search for an endless array of easily-acquired zombie agents (like maybe yours) to launch his attack on another person or company. So while your individual computer might not be important, think of the bigger picture. It sure wouldn't be nice to have someone DDoS some corporation or govt site only to make it look like it was you.
Antivirus software searches for known viruses, trojans, and worms. It also detects when programs attempt to make changes to vulnerable areas of a system. Firewalls are only as good as the person configuring them. It would be a good idea to close all ports not being used by programs you run online, such as messaging applications. To answer your question, a hacker would start by obtaining your ip. How he does this is anybody's guess, some attain a specific person's ip for the sake of launching an attack against them for a specific reason. Others search through random ip's, testing each for specific vulnerabilities. After attaining a person's IP an attacker would do what is called "port surfing" this means searching for open ports on a system, either manually or aided by a port surfer program that searches them sequentially, starting at 1 and counting up. Depending on the services he finds open he may use any security flaw he finds to gain access to an entire system. This is why it only takes one computer with a security flaw to compromise the integrity of an entire network, an attacker can use full access to one computer to gain access to another. My advice, be careful what you download, close your ports, update antivirus regularly, and don't piss anyone off. As far as DDoS attacks (Distributed Denial of Service) a person uses access to many computers remotely, sending useless data packets called pings to a single address, the victim's. all of these pings are barely noticed by the computers sending them, they are tiny, like a hum of activity in a quiet corner of a crowded room, but to the computer recieving them from multiple locations, it is overwhelming. A client-side firewall (one on your computer, not a server) can do nothing to protect against these because once the packet is recieved, the bandwidth has already been used. These are pretty hard to protect yourself against so I reiterate: DONT PISS ANYONE OFF. Good day.
<edit>hacker2u, your avatar looks oddly farmiliar. I'd appreciate it if you got your own.
Antivirus software searches for known viruses, trojans, and worms. It also detects when programs attempt to make changes to vulnerable areas of a system. Firewalls are only as good as the person configuring them. It would be a good idea to close all ports not being used by programs you run online, such as messaging applications. To answer your question, a hacker would start by obtaining your ip. How he does this is anybody's guess, some attain a specific person's ip for the sake of launching an attack against them for a specific reason. Others search through random ip's, testing each for specific vulnerabilities. After attaining a person's IP an attacker would do what is called "port surfing" this means searching for open ports on a system, either manually or aided by a port surfer program that searches them sequentially, starting at 1 and counting up. Depending on the services he finds open he may use any security flaw he finds to gain access to an entire system. This is why it only takes one computer with a security flaw to compromise the integrity of an entire network, an attacker can use full access to one computer to gain access to another. My advice, be careful what you download, close your ports, update antivirus regularly, and don't piss anyone off. As far as DDoS attacks (Distributed Denial of Service) a person uses access to many computers remotely, sending useless data packets called pings to a single address, the victim's. all of these pings are barely noticed by the computers sending them, they are tiny, like a hum of activity in a quiet corner of a crowded room, but to the computer recieving them from multiple locations, it is overwhelming. A client-side firewall (one on your computer, not a server) can do nothing to protect against these because once the packet is recieved, the bandwidth has already been used. These are pretty hard to protect yourself against so I reiterate: DONT PISS ANYONE OFF. Good day.
<edit>hacker2u, your avatar looks oddly farmiliar. I'd appreciate it if you got your own.