Printable View
Hi Guys,
Well I'm really annoyed when my freind sent me all my text chats on my msn messenger :fpissed: and he told me my IP Address and my geographical location and all this only through my MSN Messenger. He just became my friend and knew nothing bout me. I did voice chat with him. thats all. Please tell me how in the heaven's Sake did he do it? Is yahoo messenger equally unsecure? and AOL and all others? :confused:
sounds to me like you need to wear chat condoms...
But meh.. they are all insecure, just be careful who you talk to and stuff, but he really sent you all your text chats eh? Elaborate.. im interested..
This is a guess, but its possible... MSN probably creates a direct connection between people when voice chatting, so the IP was probably found via a netstat command. With that IP finding a *very* general IP is possible using programs like NeoTrace or even the app in the Tools & Toys section here. As for sending all your text chats, I'm assuming either you are running a old version of MSN Messenger, You have a current version but said friend found a new bug in it, or if you don't have a firewall or have it improperly configured they found a way onto your computer to retrieve information.
Some advice would be to run a virus scan with current definition files, run a trojan scanner like TauScan and if you don't have a firewall, get one and set it up to help prevent things such as this from happening in the future.
id have to agree with Syini666 here. your friend just did a simple child's trick and theres nothing you should worry about. any direct connection between the two of you, like voice chat or sending files or any feature that gives u direct connection to his pc and vice versa, will let him get your IP by using netstat or a simple packet sniffer. as for the geographical location, like Syini666 said, it could be just NeoTrace which is most of the time inaccurate.
THanx Guys but I don't think that through voice connection netstat wud reveal other's ipaddress. I still am at loss that how he could manage to take out my text chats? Does msn messenger save all the chats? some of them were a day old. Is he also able to remotely get the password of my messenger like this? please also tell me the best possible firewall to protect my pc.
MSN Messenger 6 has the ability to log conversations.
I think this is a weak attempt at social engineering and he is trying to get us to tell him how to do this.
Tell me the defence.........
If you hook up your firewall and look at your logs after a voice chat or a file transfer or anything of the type you'll note that the IP of the other person is indeed logged. I don't know that there's really a way to prevent that, I suppose there'd be a way to mask it, send the wrong IP, but other than that I really don't know.
And the rest of it, I have no clue. Sounds like he either found a cheap trick and exploited it or has mad, mad skills. Either way it'd probably be best to stay on his good side.
And follow the other's adivice and install a firewall. You can get a good one for free from Zone Labs http://www.zonelabs.com/store/conten...sp?lid=pdb_za1
Unless you really are just trying to con somebody into telling you how to do it. In which case, good luck. 'cause I doubt anybody would even if they knew how.
thanx for the firewall name and i came here on this site coz it is suppose to save me from hack attempts and instead u r thinking that i want to hack someone and need to know the way? Give me a break!!!
My Qs still there, wud this zonealaram prevent my text chat from being snatched from my box?
Ok, Im bored so Im gonna take a swing at this.
When you do voice convo you need to direct connect. The reason for this is to overcome the packet limitations the program sets up inorder to sotp spam and other crap from happening. when you direct connect you can runa command in dos (im not sying it becasue if hell have to learn it the same way I did, read a book) that will list all connection. next to each connection it will have a code to distinguish one connection from another ie. a web page you are looking at and the vice convo, the codes are listed on a microsoft webpage as well as many other dos basics web pages. after getting your IP, there are websites that can track the ip to a location, so thats how he did that. Now tall of this takes less skill then playing most computer games. As for getting your text convos, this may have taken some effort. MSN has an archive of your messages. It records them I believe, so does Yahoo messanger. Well after getting your IP he could have easily ran a port scan on you, and found a nice little entrace, from there he had access to your files ie the message archives. Not to difficut fo a thing to do.
Stage two: the defense. First and better then anyfire wall out there is common sense, ont Direct cnnect with people you dont know. this includes voice chat. Unfortunaly there are *******s out there that want to **** with you.
second: get a good sftware firewall, look for specifics when purchasing one like one that does port checks and stuff to make sure your all sealed up.
I would also learn some basic networking stuff so you can mask your ip.
now if you are on a dailup connection dont wory about what happend becasue chances are your not on a static I adress and if he trys to connect to you again hell have a difrferent person. If your on static, cal your isp and request that you have a change of IP. for my ISP all I have to do is reset my cable modem and it will give me a new ip because it uses dhcp to connect me. I hope this helps a little.
oh and to prevent the messages from being stolen find and delete the archives. also look for a disable archiving option.
So wot i gather till now is that my firewall shud be one hell of a thing. I shud mask my ip? ok will read bout it. Shud not try to sleep with the girlfriend of a hacker, Check!. Shud not try to talk, converse or exchange files with the above mentioned "Category". I shud check the logs of my firewall , daily!. check!.
ok Thanx XTC46 and all others. Do let me know if there is something here i missed.
XTC46 > Noticed a couple errors in your post.
Voice, file transfer, et cetera take up a lot more bandwith then chatting. Instead of needing several OSx pipe lines to run a chat server, they(microsoft) tell the clients to directly connect to save bandwith.Quote:
The reason for this is to overcome the packet limitations the program sets up inorder to sotp spam and other crap from happening.
The most I could get from this is, maybe you are thinking of the port numbers.Quote:
next to each connection it will have a code to distinguish one connection from another ie. a web page you are looking at and the vice convo
Comlpetely lost you on these codes.Quote:
the codes are listed on a microsoft webpage as well as many other dos basics web pages
The websites that do this are querying a database, it has nothing to do with tracking. And the physical location given has nothing to do with where the person using that IP address is, it is only to the place of business that registered that IP block. Example: I could sign up for a dial-up account in Belgium, dial into it across seas, ( I live in the US ). And if anyone ever 'tracked' me, it would appear that I live in Belgium.Quote:
after getting your IP, there are websites that can track the ip to a location, so thats how he did that
netstat -an and http://www.arin.net/whois/Quote:
Now tall of this takes less skill then playing most computer games
No skill.
Open ports does not equal insecure, and it is not easy to 'enter'. An open port means that there is a service running that is accessible to the general public. AntiOnline has several open ports and there security is descent, http://www.hackus.co.za/ is hosting a contest as we speak, they have a server with 'open ports' and they are challening anyone to try and create a file on it.Quote:
Well after getting your IP he could have easily ran a port scan on you, and found a nice little entrace
Not difficult, ha. Only if he had happened to get a trojan from this 'friend', which I doubt. It is FAR from not difficult to do. If it is not difficult, could you please get that computer for me that they are offering as a reward http://www.hackus.co.za/Quote:
from there he had access to your files ie the message archives. Not to difficut fo a thing to do.
I agree with you here.Quote:
the defense. First and better then anyfire wall out there is common sense, ont Direct cnnect with people you dont know. this includes voice chat. Unfortunaly there are *******s out there that want to **** with you
There are several freeware fire walls out there, and several that you do not have to 'purchase'. As for doing port checks, download a port scanner from our archives or hereand scan yourself.Quote:
second: get a good sftware firewall, look for specifics when purchasing one like one that does port checks and stuff to make sure your all sealed up
Masking IP addresses, at least doing a good job of it, is far beyond a basic networking skill.Quote:
I would also learn some basic networking stuff so you can mask your ip.
You would only be on static if you payed more. ISP's charge more for a static address, because it means that you will be hosting something, most likely, which would mean more of your bandwith will be used.Quote:
If your on static, cal your isp and request that you have a change of IP.
DHCP or Dynamic Host Configuration Protocol, only dynamically assigns IP addresses. This has nothing to do with the connection that comes after, and also has nothing to do with 'new IPs'. I use a DHCP configured/controlled home network, and all of my IP addresses stay the same on my LAN because I have the router remember the clients that have been connected, and the IP it assigned it, and to keep them the same.Quote:
because it uses dhcp to connect me
thanks for the corrections. sorry for any wrong info given. I think codes was the wrong term. I dont really know what to call them. But there not the port numbers. There like little tags. oh when I said "from there he had access to your files ie the message archives. Not to difficut fo a thing to do. " I mean it as , if he has already gained access to your computer, it wouldnt be hard to gather the info. I didnt mean for it to sound like gaining acces to a computer was easy.
But thanks for correcting me. I dont want anyone getting bad info, so m glad there is someone reading what i say and making appropriate corrections.
s0nIc:
A much better conversation logger is MSN+. Yes I know that version 2 is far from as good as version 1 however it's more stable than MSN6. MSN6 is the most annoying IM I have ever seen.Quote:
MSN Messenger 6 has the ability to log conversations.
And XTC46
Are you talking about Flags here? Just a thought...Quote:
There like little tags
The boys over at the underground mac have an AIM IP sniffer, I imagine if there's one for AIM there's one for the rest of 'em.
Trojan in motion
KinoEye > yeah, there are sniffers and spoofers and all kinds of crap or just about every major IM program out there. I might sound old fashioned, but I still think IRC beats all IM programs because i can talk to 20 people without having 20 windows open on my taskbar, plus I feel it can be saver because you dont have to rely on the programmers to take the necessary steps to secure the software. Most IRC safety relies on having a good server admin and opers and just using some common sense.
Yeppers, IRC is much better, I used Yahoo! messenger for awhile but I found it annoying as people would start bothering me the moment I logged on if I forgot to log in as busy or offline. Not to mention the complete strangers IM'ing becuase they thought I was someone else. Forget about it.Quote:
Originally posted here by Syini666
KinoEye > yeah, there are sniffers and spoofers and all kinds of crap or just about every major IM program out there. I might sound old fashioned, but I still think IRC beats all IM programs because i can talk to 20 people without having 20 windows open on my taskbar, plus I feel it can be saver because you dont have to rely on the programmers to take the necessary steps to secure the software. Most IRC safety relies on having a good server admin and opers and just using some common sense.
First things first. When you connect to send a file, a picture or when u connect to talk with any of your buddies on AIM, you are Directly connected with them. Throughout the duration of the file transfer or the Talk that u had with him/her, a simple netstat -n will reveal your IP address. Now, was he showing you the chat that u did only with him or other buddies too...if He showed you only the chat u did with him, then he's just using AIM 6 or just copying and pasting the conversation. Otherwise we could be using a spy program which logs all your chat conversations, passwords, keys pressed, programs that u've run, websites visited, etc. Now for telling you your location...all he did is use a program similiar to NeoTrace and used your IP that he got from the netstat to locate you. Don't worry much just be aware of the situation.
If your friend had you visit a site that looked funny example: http://123.45.678.910.com then you probably ended up getting scanned by his computer... however if you did want to get even you could just copy down that number because its his I.P. also.. I'm guessing he used something like Visual Route to find out where you are... theres something like Visual Route under the Tools and Toys section of this site... however it doesnt give nearly as many details as visual route.
you might want to try using a I.P. spoofer or Firewall from now on when you talk online
hey...................there are alof of software that can hack yr MSN log file..........if the guy knows yr ip address..........................but if u only use MSN version 6.0................if u want to know more u can sent mail to me "[email protected]"
Hey Guys wud someone tell me how would i know which port is used by MSN Messenger and by Yahoo and AOL messengers? So i'm a rookie, I just wana know if these ports are always the same whenever we start a messenger or do they also change like a DHCP'ed IP Addresses. (Why do i get the feeling that this is a very stupid qs?)