hi! i am new to this site and all it covers and could really use some help asap.......i am being tapped (i think) by someone and i think it is thru yahoo...also i would like to learn to protect my comp from future attacks .....PLEASE HELP
Printable View
hi! i am new to this site and all it covers and could really use some help asap.......i am being tapped (i think) by someone and i think it is thru yahoo...also i would like to learn to protect my comp from future attacks .....PLEASE HELP
I moved your thread from Roll Call to here. People cannot reply to posts in Roll Call.
What do you mean "tapped"? Do you mean someone is sniffing your messages? Or are they knocking you off the Internet?
What Operating System are you using and what version of Yahoo Messenger are you using?
Hello Duckman, am I wrong in assuming that you aware of this traffic due to your firewall log?
If not how have you determined the source? More detail plz. Good question.
Welcome to AO! There are good ppl. here for the most part.
P: Bro
:cool:
Welcome,
go to:
http:// www.bitdefender.com/
and get the free protection packages for any P2P stuff you may use. It probably won't solve your immediate problem, but as already mentioned, we need some more details to do that.
You might as well start hardening your system right now :)
Good luck
One of the fist things you can do is download Ad-aware and clean you computer of adware and spyware, this might solve your problem if it is spyware or the like. Another thing you can do is download a firewall so you can begin to limit the traffic going into and coming out of your computer. It might also help if you could give a hint of what OS you are using, Windows 9x/Me,
Windows NT,2000,Xp, *nix,etc. Here is a link for Ad-aware and some firewalls that you can choose from:
http://lavasoft.element5.com/software/adaware/
BlackICE Zone Alarm Kerio Sygate Outpost
When you first use any of the firewalls be sure to start them out in the strctest mode you can and ease up as you need to. I hope this helps somewhat. Goodluck!
-libertie
hello globalduck1313 the web has lots of software that can provide the attacker's attack my friends told me once about those software but i dont both to check them out.... well hope your haven't lose any data well all i can say is that you protect your pc w/ a personal firewall here are some links below, and scan for your system download some free trojan/worm scanner and update your anti virus every week..thanks hope that i help you with this little information
http://www.agnitum.com/
http://www.zonelabs.com
www.moosoft.com
http://www.symantec.com/
Here are the downloads and tips.
http://www.antionline.com/showthread...668#post685668
When you say tapped are you meaning to say Probed?Quote:
By GlobalDuck
Hi! i am new to this site and all it covers and could really use some help asap.......i am being tapped (i think) by someone and i think it is thru yahoo...also i would like to learn to protect my comp from future attacks .....PLEASE HELP
TIP:It would'nt hurt to read other threads about comp security
wwell i am running xp fully updated and the yahoo messnger is 5.6 and i know i am having my messages "sniffed"...i dont know how to check my firewall log so i could use some help with that and i have a linksys router with firewall and i use my xp firewall too.....is there software i can dl that will protect or inform me of any "taps" .......i already have ad aware on my machine and run it at least twice a week ass i am active online .......any help would greatly be apreciated....glad to know there is a site dedicated to helpin newbs like myself ...thanx for all the input
Ok, let's take a breath here....if you don't know how to check your logs, how do you know you are being sniffed? If you are using XP's firewall, chances are the logs are not enabled, unless you enabled them yourself. (I think they are disabled by default?)
As far as identifying if you are being sniffed, from a command prompt, run command, then ipconfig /all. Depending on what kind of nic you have, you may be able to see the word PROMISC somewhere. That would be one indicator.
Also, a program called Active Ports will make it a little easier to identify what is listening...found here: http://www.protect-me.com/freeware.html ...between these two, you should be able to identify what is happening.
The most important queston...exactly what is happening that makes you think you are being sniffed.....could be a keylogger, scanning software...a number of things.
EDIT: I meant ipconfig /all ...I changed it..sorry if I confused you.
my yahoo messenger logs out and reboots on its own and as far as i know there is nothin wrong with yahoo on my end ...i ran ipconfig/all like suggested and i didnt see that word PROMISC anywhere.......
Hrmm...
Have you try changing the password on your Yahoo Messenger? What version of YM are you using?
The previous suggestions on scanning for trojans would be good. The logging out on it's own and rebooting isn't activity I'd associate with sniffing except for maybe an active sniffer like Ettercap and if you had auto login in place.
Sniffers are hard to stop. Are you at a college when this happens or is this an "at home" thing? DSL? Cable? Dialup?
Thank you Mittens, that kind of seconds my opinion...I was about to suggest reinstalling the messenger service (with the security updates)....software conflict maybe? I'm running out of ideas.
hi :D
globalduck1313, try to run " netstat -a " in DOS. That will give you a good description of what
connections are established, and also will show you the remote hosts you're connected with.
Then you'll only have to know if a determined host or ip range can be trusted or not.
By the way, if you use a linksys router, you can learn wow to setup the firewall, adding rules.
Any software that removes spyware can also be helpful.
Kaliber, Lisbon.
I've heard of Yahoo booters that are supposed to let people with no lives kick anyone off of aim. Try telling us what happens before you get kicked off?
if its not a booter, then it could be a program error or trojan horse.
Try doing scans fromtrend micro
And get yourself an antivirus software.
Avast! is free for personal use - click
And AVG is free for personal use - click
Off Topic-
You might want to use some other firewall rather than the built - in windows XP one.
The Windows XP firewall only monitors outbound traffic. There are some free firewall solutions that the people mentioned in this thread before. Hope this helps.
thanx for all the advice i have a cable hookup and i have downloaded and installed blackice.the situation is as follows there is a guy who is pissed i am talking to (supposedly) his lady online even though she isnt anyones lady.he is a hacker and has repeatedly said that he was going to atack my comp......well he did (i think) he said he had my comp on his cam but i dont really know for sure .....Guys this has me seriously worried as i am a recording musician who has a lot of music on my comp that is not copyrighted yet.......is there any way to make my comp completely hack proof(if there is such a thing)i am seriously freaked out by this....i have neotrace and active port ...if someone wants to message me i am available after 6pm e.s.t i really appreciate all the help and tips ...PLEASE HELP i want to nail this guy
btw my yahoo id is globalduck1313 thanx again...more info......i am at home and it is only the one machine hooked to a cable modem and then a router like i said i dont know anything for sure but even if he is screwin with me i still want to harden my machine so any help is appreciated
Net stat -an and other commands
http://www.commentum.com/tech-support/netstat.html
(opinion) More likely BS hes feeding you.Quote:
he had my comp on his cam
I use smoothwall Im not to worried about the kiddies.But to answer your question "HackProof" I would say not likely. www.BlkViper.com comes pretty close though with hist "SuperTweak" Registry tweak you can copy from his site.Quote:
guys this has me seriously worried as i am a recording musician who has a lot of music on my comp that is not copyrighted yet.......is there any way to make my comp completely hack proof(if there is such a thing)i am seriously freaked out by this.
Did you ever give this guy your IP # or did you direct connect to him (via) Aim, yahoo ect.....
The best thing I can tell you to do is to keep a eye on your logs and keep in touch with your Isp.
Also something might be wrong with you're Yahoo Messenger. You could try to uninstall it then re-install it. That might help, it couldn't hurt anyway.
Hi -
Do you mean he was able to take screenshots of your computer?Quote:
he had my comp on his cam
Try asking if you could see the pics. If he doesnt let you, its all BS
If he does show you, go scan your computer for viruses. You can go to Trend Micro for free virus scans.
If trend micro doesnt find anything, do a netstat. Use a program called XWHOIS to go with it.
You can find it here
This is how-
• Download XWHOIS first
• Unzip it to C:\Windows
• Go to Run
• Run command.exe
• Exit Yahoo - Internet Explorer (everything on the internet except for your firewall and Explorer)
• Type in netstat -n
• If a list of IP addresses comes up in the console, type in XWHOIS for each IP address there. It should be able to trace back to the guy (If hes connected to your computer)
• If there wasnt a list of IP addresses to start with, the guy was lying.
And if you still dont feel safe (or dont feel like doing any of this), report this to the yahoo abuse service - click.
If they dont do anything, contact your ISP. If that doesnt do anything either, you can always make a new screename :D
-Hope this helps
jus to add to the ad-aware spy remover, this is also a great freeware tool too. http://spybot.eon.net.au/index.php?l...&page=download - its spybot
Hi,
You might want to read this tutorial i found on google. It teaches how not to get booted - click
-Hope this helps
Have you recently downloaded any pictures with the extension .exe? lol Listen I say there is a good chance it's just a trojan so get a firewall and a cleaner and stay DISCONNECTED cause if it is a trojan and someone means business it aint a thing for them to wipe your drive. This is no big deal really just take precaution. You could also log his IP and later resolve it, record the time of attack, and contact his ISP with the information and violation. Assuming, of course, that is the case.
if you get the macfee firewall it will stop programs from entering your computer and messing with your files or kicking you off of the net at the sametime if you need more info email me and i will he;l you the best that i can
First I'll give you a few tips about sniffing a connection. Sniffing lets somebody read what is going over the network (IMs, web requests, file downloads, etc). In order to do it you have to be either on your local network (you said you're the only computer on it, so thats not the case) or on the network your connecting to (In this case Yahoo's network, I PROMISE you he's not on that network). You can't just sniff a connection from anywhere.. few exceptions, but if this guy is going after you like you say he is then I doubt he would know any of those methods.
So on to the other ways he might be doing something. Like its been said before, Trojans. They're small applications that let people take controll of your computer over the internet. Programs like subseven and bo2k are pretty popular among the skript kiddies (forgive me if there are more out, I just can't think of them off the top of my head). They'll let people do things such as take a screenshot of your computer, open cdrom drives, format the computer, and all sorts of other annoying stuff. They're pretty trival to get rid of, a good antivirus such as Norton or Mcafee should be enough to get rid of *MOST* trojans.
If you're freaked out just because Yahoo keeps closing, it might just be a software problem. Try reinstalling yahoo. It also might be a booter program, they're harmless. All they do is send strings of HTML and such in an IM window and yahoo doesn't know what to do with it so it closes the program (correct me if I'm wrong here. Its been along time since I've had to deal with one of them. Ahhh.. back in the old AOL days.).
Here's my take on the whole situation. If the guy has been bragging that he has screenshots of your computer and has been telling you he's a hacker, the most likely he's just trying to scare you or he's a script kiddie that wants attention. He's probably not good enough to invoke any high tech hacks to get on your system. If he has anything its most likely a trojan on there that you installed on accident. If you have a CD burner go back up all your music on it and any other files you may need. Try to stay away from backing up any executables (screensavers, games, etc). If you don't have a burner go, go get one they're cheap and its not hard to install. After that, if you're REALLY worried about this and none of the other applications have shown anything (antivirus doesn't detect anything etc..) then reformat the computer. **IMPORTANT** make sure you have everything you need backed up!! Once its formated its ALL gone, you can't get it back.