|
-
March 25th, 2002, 10:43 PM
#1
Junior Member
Need Help
Ok
I'm currently being spyed on and I'm not sure how to protect my pc. mail, chat etc. All my mail, chat ..is being intercepted and i have no idea how to protect my against this. Some sort of monitoring programme is in place. Please can somebody help.
-
March 25th, 2002, 10:47 PM
#2
You can start by getting PGP - Pretty Good Privacy. It is an encryption tool, mainly used for email, but can be used to encrypt files also. But that will not work with an Instant Messenger or IRC. There is a secure IM out there. The name evades me now. But the person who you are chatting to, must have the same IM client, and have the encryption feature turned on. Also, there might be a keylogger. I am not sure how to detect those, as I have never played around with that.
-
March 25th, 2002, 10:56 PM
#3
You need a firewall you can download load some at www.download.com look for zonealarm but you computer is never really safe. Also look for any programs that you didnt put into your computer Called Trojan Horses.
I GOt this from Cyrus: www.cyruslabs.com
Cleaning Trojan horses
The first step into securing your windows box would be to see exactly how you are vulnerable. Once you have seen how you are vulnerable you can fix those vulnerabilities. One of the first steps for Windows is to check to see if you have a trojan horse installed on your system. These can hide for long periods of time and still be undetectable. So they way to see if you have a trojan horse is WHILE YOUR OFFLINE you load up the ms dods prompt and then you type in the command "netstat -a" without the quotes. What this tells the computer to do is to list all open ports on your computer. Now you can compare the open ports on your compute to those of lists of the most common trojan horses around which can be found at here. Now once you have identified the trojan horse that is on your computer you must go to remove it. This is not hard. You have to go to "start" then to "run" then you type in "regedit" without the quotes. Then a window will pop up and list several weird looking folders. You have to check the plus sign next to the one called HKEY_LOCAL_MACHINE and then click on the plus sign on the one called SOFTWARE and then click on the plus sign on MICROSOFT then do the same to WINDOWS and once again on CURRENTVERSION and then you will highlight the folder named "RUN" and check for anything suspicious looking. If you do find something that looks suspicious then all you have to do is highlight it and hit the delete key on your keyboard and say yes to the warning. Now once you clean out your RUN folder you must go to the RunServices folder. It's somewhere below RUN and then you look for anything suspicious under RunServices. And again if you find something rather suspicious then just hit the delete key on your keyboard. Then once you have disinfected that then your almost through. Now you have to go over to the win.ini file that is inside your c:/windows/ folder. You can do this in notepad and then opening up the win.ini file and looking under the load="" section. That is found on the top of win.ini. Then after you have finished looking at win.ini you must look at system.ini. This can be accomplished again by opening it up in notepad and looking under the load="" line. Now if either in win.ini or system.ini you found something that shouldn't be there, then you just highlight the name of the file and then just delete it. Note: in the win.ini you will usually find something called explore.exe. DO NOT delete that. That is a critical important windows program that lets you interface with your files. Once you have reviewed all of your registry and "startup" points then just restart your computer in a trojan free environment.
also check out the Computer Security Bible Volume 1 also by cyrus it is a really easy read
PEACE
-
March 25th, 2002, 11:01 PM
#4
1. Run Tauscan from www.agnitum.com
2. Run anti-virus www.mcafee.com www.norton.com
3. Install firewall www.sygate.com www.neoworx.com www.agnitum.com(outpost)
4. play safe (uninstall Outlook Express)
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
March 25th, 2002, 11:14 PM
#5
The only secure computer is one that is turned "OFF" and in a locked room with the HDD removed and in your back pocket. Ehh, heh, heh. Other than that. Scan for virii, trojans, and malware. Never let "buddies" use your system. Install a personal firewall, use encrytion for personal stuff, password protect everything (use complex passwords such as: *&%^&$E&(^)*^)5" and so fourth. Most important of all is two things. Never trust any download from anyone (scan it before opening it, no HTML etc...) and make sure you update with current hot fixes/patches. Oh yeah, make sure you have file sharing turned "OFF" unless you absoulutely need it.
Just be security minded always.
The COOKIE TUX lives!!!!
Windows NT crashed,I am the Blue Screen of Death.
No one hears your screams.
-
March 25th, 2002, 11:59 PM
#6
gstudio:
I'm not sure if it's the one that you're thinking of, but Trillian (www.trillian.cc) supports encrypted Instant Messenging. I've never used that feature myself, but I noticed it listed and thought perhaps that was what you were referring to.
-
March 26th, 2002, 12:09 AM
#7
I use Trillian when I'm on my win box,
It has an encryption feature...
btw:
I think Vorlin runs a mirror for trillian... I'm not sure. However he has donated to those guys and girls... Therefor If you want to know something about it ask Vorlin, he probably knows.
-
March 26th, 2002, 12:56 AM
#8
Junior Member
A simpler and more user friendly version of Scarface212's registry editing techniques: Click 'Start', then 'run'. Within the run box, type the command 'msconfig' (again, without the quotes.) This will start an application specifically designed to configure what your system runs and what it dosent upon boot time. Far more user friendly than messing around with registry links, and its more less likely that you can accidently delete the wrong key or get lost or something. You are probably going to me most interested in the tab named 'startup'. Within here is a list of every windows application that is set to be executed upon boot time. If you do have a trogan, theres a 99.9 chance that you'll find it listed in here somewhere. Next question is "Which one is my trogan?" Its quite plausable that it could be discuised as some legitimate program. No easy way around this one, but if you know what should and should not be running on your system its not impossible. Applications such as "Taskbar display controls, Scanregistry, Taskmonitor, Systemtray, LoadPowerProfile, SchedulingAgent" are probably legitimate, so leave them in peace. Anything else left could be your trogan. Applications with names such as "Netbus, Backorfice, Sub7, Server" are suspicious, so they should be removed. If your not seeing any names such as those, you are going to have to compare a list of applications you know are installed on your system with those set to be executed upon boot time. Also, it might be a good idea to perform all these changes while in safe mode (Hit F8 before the initial Windows boot screen logo appears, then select Safe mode from the menu). The reason for this is you can be sure that your trogan is not going to be loaded with the rest of the operating system, so it dosen't have a chance to write itself back into the registry if it finds you have deleted it.
There, I hope thats helpful and not to lengthy.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
