Need some answers, thanks!

[euterpe]

Hi everyone, I'm another newbie and have to say I am learning a lot here from everyone, thanks.
Here's my problem: I made a message board for me and two of my friends, made it unfindable by any means I could. A place where, yes, we said some very private and personal things,
Somehow this man, who has had nothing better to do than harrass me and play mind games for months, found it. We wouldn't have even cared if somehow complete strangers had wandered in somehow and read our diaries, so to speak, but the thought of him reading them is nauseating.
We moved it, remodeled, renamed.. seemed smooth sailing,and then I noticed an odd thing this morning, the "who is online" said there were two guests, (one was me) only it wasn't the other people, and whoever it was did not show up on the tracker.
I guess my questions are:
How could he find this and not show up on the tracker? Based on all the sick stuff he has done I am not paranoid in assuming it is him. Is there anyway he can track our movements on the net?
(why I am so afraid the answer is yes?)
I know we took chances in doing this and maybe in the scheme of things it isn't that important....but he just won't leave us alone, it's like this incredibly sick power play from someone who uses all his time and energy to make trouble for people both online and off.
Any ideas for tightening up the security?
Thanks for listening and for any thoughts on this!

[E-1]

If this 'guy' is following you from BB to BB then it seems you, or one of your friends has a machine that is compromised.

Check your machines out for Trojans etc. check your firewall configs and then re-set your passwords on your BB's.

Might help.

[[WebCarnage]]

Hmmm...some guy eh? Well it must really suck to be you. But have you ever stopped to think that maybe your friends is leeching information about this online diary (?)? If not, two words: Back door. Maybe this guy just found you on ICQ or something and started a small chat...sent you his *picture* and wham. Your infected. Which means he can see all the webpages you've been to - including the URL - as well as 'reading' the password in plaintext (if there is one to enter this 'place'). Pretty sick eh? You betcha.

Try telling all your friends to get the latest update for their AntiViral Kit as fast as they can, and scan their whole computer. Or maybe it could be an Admin from your host (if your diary is something like: www.euterpe_dairy.com). Highly doubt it though. But still...check and patch the obvious. Then ask away if that doesn't work.

[Tedob1]

when you 'moved" the board, did you move it to another server, or just open up a new message board with the same service provider.

[VanEck]

Yes, I would definitely recommend that you and your friend do a in depth scan of your PCs for any trojans. Also, I would suggest password protecting your board, but only after assuring that the two of you have no back doors on your systems. Do you have any idea who this person may be? Do you know if he is on the same LAN as you? Perhaps even the same ISP? These are the things you need to consider before you can get away from him and regain your privacy.

[Vorlin]

Another thing to check is to see if this message board you set up logs IPs for the administrator. After checking your machine for viruses/backdoor trojans/etc, change all your passwords again, make sure your email client isn't sending remote mail w/o your knowledge (you know, putzing along, you log into a site with user/pass and booya, outlook express fires off an email to said person). Another thing to do is go download ZoneAlarm from www.zonelabs.com and allow only your browser. This forces all applications attempting to access the local network or the outside internet to "ask" for permission. You'll get a good idea of what's running in the background really quick (see said outlook express mail comment above). Once all this is done, go back to the boards, get the ip address from any logged posts this guy/gal/it has done and contact the boards administrators (the people who run the site) and figure out how to get a password authentication into your board (would tell you about the wonders of apache but alas, this is winblows). Hope this helps!

[Conf1rm3d_K1ll]

Originally posted by euterpe
Here's my problem: I made a message board for me and two of my friends, made it unfindable by any means I could. A place where, yes, we said some very private and personal things,
Somehow this man, who has had nothing better to do than harrass me and play mind games for months, found it. We wouldn't have even cared if somehow complete strangers had wandered in somehow and read our diaries, so to speak, but the thought of him reading them is nauseating.

My first rule on PC security is that you must assume that EVERYTHING you do online is being watched. IMHO it was rather foolish to reveal "private and personal things" on the 'net.

Originally posted by euterpe
How could he find this and not show up on the tracker? Based on all the sick stuff he has done I am not paranoid in assuming it is him.

Only the paranoid survive! If you were paranoid in the first place than strange, stalking men wouldn't be reading your deepest darkest secrets. I've read stories that The US DoD hardly ever use the 'net to transfer data. If they require data transfered it's placed on a disk and sent with an armed guard. Now that's security!


Anyway, as everyone has stated check your OS for trojans and keyloggers....and good luck.

[euterpe]

Thank you everyone for your advice, thoughts, and comments which are appreciated and valued.,and which will be put into use. I ran a virus scan which came up clean, and am waiting to hear from the others. I guess there could be several possibilities and yes, an initial breach of security and trust could be part of it as someone mentioned. Also, there was something strange that happened around Thanksgiving though. This fall a person just appeared on my icq and wanted to chat. He called himself "Nice Guy", and said he had found me by picking me at random by putting my first name in a search and picking me. This didn't quite sound right, I tried doing this myself and I never came up. I don't think I am even in the directory. Maybe my subsequent curiousity to solve a mystery and hope it was someone I wanted it to be led me into some of this. Then around Thanksgiving my icq database just evaporated into thin air, could not be found. The program wasn't deleted accidentally or anything like that. It probably was this man. Yes, I do know who he is and at least one of his isp numbers and he lives on the other side of the country. He seems to derive great pleasure from this cat and mouse game. He says he has 3 computers, claims to have been a US intelligence agent doing "black box" work, (whatever that is) and also a computer encrypter for the govt, who gets flown into Washington! Looks like I have found myself
a real winner of an admirer/hater.....and like I said the mind games have been going on a long time.
Yes, we made a new board onto the same server/provider, which was EZ board. I have tried everyway I could think of to find it in a conventional way and it is unfindable.
And yes, we were foolish to put our most personal things up on the net. But better late than never, the mice will inject themselves with some stronger doses of paranoia, better judgement, and carefulness! Once again, thank you to all of you, will be implementing and trying out all your suggestions.... And will just keep learning by reading this board.

[Vorlin]

More than likely, while this guy seems to have some things on you, I doubt seriously he's anything he stated and he *may* have 3 computers or whatnot, but why would he benefit from telling you the truth about himself when he's after information on you? Bragging rights maybe, but I don't think so. From what it sounds like, you had some kind of keylogging prog installed without your consent or knowledge and he could get usernames/passwords, even into shares on your machine to do whatever he wanted. Program databases get corrupted yes, but disappear? No.

As for the 'mice injecting' comment, I'd prefer to think of a mouse with an MP40 and a few pounds of C4.

Oh, you might run 'netstat -a' from your command prompt. That will tell you all connections your machine has at that moment. Make sure you recognize everything there. Get zone alarm, and don't allow anything. You might even disconnect from the net before doing so, if the keylogger is present.