hello, i've got avast anti virus, and zonealarm on my laptop. still an old class mate can breake into my laptop, how can i stop him????
Printable View
hello, i've got avast anti virus, and zonealarm on my laptop. still an old class mate can breake into my laptop, how can i stop him????
Hey Hey,
How about some more details first.
How did he break in?
How do you know he broke in?
What did he access/remove?
What does your firewall say?
What open ports do you have?
What is your firewall set to block/allow?
The answers to all of these, as well as other questions, would greatly assist in helping you determine what happened and how to prevent it.
Peace,
HT
Ok, I'm just gonna get in before anyone else asks you the same thing:
Can you give us any more information. If it's an old class mate, will he tell you how they got in, and what they used. You need to explain how he's getting in before anyone can really give you any good information on how to stop him.
I mean, anyone can tell you that the easiest way to stop him would be to just not connect your computer to any kind of network, and make sure he doesn't have any physical access to it, but somehow I guess that won't help you :P. We could also tell you to set up a firewall that allows you to specify certain rules to prevent any unauthorised person from attacking, but surely zone alarm will work better for you than anything you could set up manually when you don't know how to stop him already.
So here it is...give us more information. How did the person gain access to your computer, what type of network are you on, did he attack your computer over the internet (well, anywhere remotely actually), or did he have physical access to your box. I'm guessing from the fact that you said about zonealarm that it was remote, but give us more info.
Thanks,
ac
[edit] damn you HTRegz, you got there first and managed to ask him better questions :P [/edit]
he told me he got to see what i've downloaded for the past several weeks!
he said he got in thanks to a filesharingprogram( kazaalite i think)
zonealarm doesn't warn me. both settings at high (stealth mode)
i'm connecte with ADSL, he said i had to figure out how to stop him grrrr... he send copys of my files to others, and i don't like that at all!
If he knows your username on KaZaA, he can see what all is in your Shared Folder, just like you can see what is in anyone's shared folder if you know the username.
It's not a bug, it's a feature :)
i don't share any files!
Can he see ALL files you downloaded, or just the ones you downloaded with KaZaA?
only the ones downloaded with kazaa (he mentioned some files, all downloaded via kazaa)
btw. i'm using sygate online scan now to scan my ports (tcp scan right now)
maybe he's not actually getting any more access to your computer than any other kazaa user then. Either that or he's using some exploit in kazaa. Sounds like that anyhow.
ac
he also mentioned that a firewall always let some ports stay open.... so i think he's using one of them..?
Sounds to me like bullshit, because that definately isn't true. However if you want to check your ports you can either download fport from www.foundstone.com or use netstat -aon and then view PID under task manager and compare the PID between the two to see what ports are open and what applications are opening them. Although just because they are open doesn't mean they can be see by people on the otherside of your firewall. The results of the portscan will be useful..Quote:
Originally posted here by u2petre
he also mentioned that a firewall always let some ports stay open.... so i think he's using one of them..?
Peace
HT
A firewall works the other way around... by default, all ports are (should be) closed, and YOU choose which ones to open...
Sounds to me like a KaZaA-problem :)
A decent firewall won't let any ports stay open apart from ones which you've set to be open. I think that's unlikely. I would think that if it's your kazaa list he seems to know about it's probably a kazaa thing. Maybe he knows a lot about how the kazaa network works and can get past the fact that you don't share any files/has a prog to do it for him.
ac
[edit] you have to remember that the morpheus code was available for download off their site for a while before morpheus changed. And since morpheus used the same network as kazaa for quite a while, it makes sense that ppl would have found some vulns... [/edit]
sygate has found all ports (1 to 1024) closed....?
Try port 1214...
I probably shouldn't share this, but a Google search would have turned up the same info for anybody that was interested......
http://cert.uni-stuttgart.de/archive.../msg00416.html
EDIT: granted, this is an older post.... but there are other similar posts that are more recent.
I don't believe that works anymore, groovicus. I've just tried it on myself while running kazaalite, and I get a connection refused error which leads me to believe that the "bug" has been fixed.
ac
I removed your post, u2petre, since you posted the "hacker's" IP. I can't edit your post, so here it is without the IP:
Getting back at him would be illegal, btw :)Quote:
but i think these backups from my pc will show up at school tomorrow...to bad.
btw the ftp adres from that hacker is ***.***.***.***
can i do anything to stop him er get back at him?
i know, (but what he is doing is also illigal...)
if i uninstal kazaa, those ports are closed again?
Two wrong don't make a right. If you have his IP Address, then report him to his ISP, but don't resort to illegal methods, they'll only get you in trouble.Quote:
HT
how do i see which isp he has?
Hey Hey,
You have his IP Address... Resolve it... For example.. Someone with my ISP would have an IP address similar to 65.93.84.XX and when resolved you would get Kingston-HSE-pppXXXXXX.sympatico.ca. You now know that my ISP is sympatico.ca. You would simply have to browse to sympatico.ca (or www.sympatico.ca) and look for a contact us/report abuse email address
Peace,
HT
You mentioned that you had no files shared...but no one asked where you keep the files that you download using kazaa. If you leave them in the folder that they are downloaded to, they are automatically accessible by everyone using the program. Your firewall would not block it because with ZA you allow certain programs through, so if kazaa is getting through to download stuff, the folder that you download to is open for anyone to take files from.
-.Sy.
Sound theory, except that most people no longer use kazaa (I mean really who wants spyware on their system)... they all use kazaa lite which has the option of disabling sharing, even if you have files in their, no one else can get to them because you are always sharing 0 files.Quote:
Originally posted here by .Sy.
You mentioned that you had no files shared...but no one asked where you keep the files that you download using kazaa. If you leave them in the folder that they are downloaded to, they are automatically accessible by everyone using the program. Your firewall would not block it because with ZA you allow certain programs through, so if kazaa is getting through to download stuff, the folder that you download to is open for anyone to take files from.
-.Sy.
peace,
HT