- This topic has 11 replies, 4 voices, and was last updated 16 years, 4 months ago by
.
-
Posts
-
Hello,
I am kindly seeking some help here! My connection at home is dial-up Connection and recently i’m suspecting of one my friends spying on me when he made a mistake. I usually talk with my husband who travels most of the time and we have a lot of problems to discuss and it’s pretty annoying when you feel such private discussions could be spied on by one of your best friends. How can I make sure?? I hope i’m wrong!
Has your friend access to your computer or do you only know him over the internet? Have you done virus/trojan/spyware scans?
Actually niq we both know this friend since years but he has no access to my computer. he lives in another town and I have never opened any attachmenet from him. I check my computer regularly and chase off any trojan or spayware. But I do know he knows more than he should and there’s no way me or my husband would have told him our own problems!!!!
It began one day on MSN while I was chatting with my husband and he was on line and we said our hellos and from that day i feel he spied on us!!niq6566 wrote:Has your friend access to your computer or do you only know him over the internet?You made me realize something else.. In matter of two days i should take my laptop to maintenance. How can i make sure afterwards that there’s nothing being installed.. like sniffers?:confused:
I know i’m paranoid please endure with me but since i began suspecting my friend and i feel violated and feel to be more careful!i’m no expert on sniffers and keyloggers, but there are tools that can detect if any are installed on your comp/laptop. Some can be detected by antispy and anti-virus scanners as well.
You say that this person is a good friend of yours, have you ever asked him why he knows those private things?I have but he answered in away that I wouldn’t know for sure. It confused me even more. I know it’s not our problem if he heard us talking private stuff or revealed some of our problems because it’s not our fault , i havn’t invited him to such private conversation..This friend is very good guy but still when I met him months ago I couldnt stop thinking of all my talks with my husband.. it’s silly and mean same time.
It could be possible that this “friend” has networked your computer to his. That would explain why you don’t have a trojan. Networking would allow him access to your computer. Then, with software, he could view your Message Archive without your password.
In messenger go to Messenger–>Preferences–>Archive and uncheck the box for Enable Archiving.
membernc wrote:It could be possible that this “friend” has networked your computer to his. That would explain why you don’t have a trojan. Networking would allow him access to your computer. Then, with software, he could view your Message Archive without your password.In messenger go to Messenger–>Preferences–>Archive and uncheck the box for Enable Archiving.
:confused: :confused: :confused:
Do u think that is possible between two different countries?I have a fire wall on my pc too..Does that work good?
I will uncheck the enable archiving thing too.. Thank so much membernc!
beinghacked wrote::confused: :confused: :confused:
Do u think that is possible between two different countries?I have a fire wall on my pc too..Does that work good?
I will uncheck the enable archiving thing too.. Thank so much membernc!
Yes its possible to remotely connect to a single user PC anywhere in the world,but its not easy.The hacker needs an IP address for starters,it depends on the form of attack as well,Netbios attacks are a commonly used method to obtain a computers identity and then the hacker would try to find a backdoor into the target computer.RAS(remote access service or remote access server)is another method but is a little more tricky.It also depends on your firewall setup,if all your ports are closed or stealthed(which is better security)that also makes it harder to gain access.Also your IP renews everyday(changes on a daily basis)so that also makes it harder to track it down,but not impossible.
The latest windows updates would help secure your pc even more,it depends on which operating system you are using.Also make sure your ports are not open.
Use the shields up test at https://www.grc.com/,which performs a simple port scan to see if your ports are closed or open or stealthed.Or try symantecs online security scan at http://security.symantec.com/ to check that all your ports are closed or at best stealthed.All this probably isnt neccessary but just for peace of mind I would suggest you check everything.
If you are infected with a keylogger or a trojan and your anti virus doesnt pick it up then you could go to http://housecall.trendmicro.com/ and use the free online scanner just to double check.
Some people say netstat -n command in command prompt isnt good for picking up dodgy stuff but I personally like using it to monitor the ports on my PC,if you have a dodgy server running,collecting information on your computer then more than likely netstat -n will show its name and which port its running on,.If you dont know how to use netstat then google it.
As stated earlier anti spyware software like Spybot search & destroy,lavasoft,webroot, all pick up most keyloggers.
If you havent taken your pc to a repair shop as yet,I would suggest you ask them to check your computer with their scanners if you are unsure yourself.Good luck
tinethle, thanks so much for the valuable information and time you spent to deliver it to me. I really appreciate it.
Ok now i’m certain i have a hacker thanks to the detecters given by tinthle.
What are the best solutions to beat that , does this fire wall do it http://helpdesk.doit.wisc.edu/page.php?id=3487
??
Are you mac or windows operating system?I’m assuming you’re mac by the norton firewall(mac)link you provided.I’ve never been a big fan of norton personally but thats not to say its not a good firewall.Any firewall is better than no firewall.It should provide good protection provided its setup correctly,ideally you should be looking at stealthed ports or closed ports,no open ports unless you open them yourself.
If you have come to the conclusion that you have a hacker on your tail via using netstat then you probably should consider looking up the IP addresses or port numbers first before assuming its a hacker.
example from netstat -an command:
TCP 192.1**.*.*:1040 83.*.27.*:6885 ESTABLISHED
192.1**.*.*: represents my IP, 1040 and 6885 repesents the ports,83.*.27.* represents the destination IP,outside world IP,in this case I’m using a P2P client(torrent)to download files from a host @ 83.*.27.* .. etc etc…Established are live connections meaning that the port is open,is used by a program or process,you would need to keep an eye on established connections because if you didnt allow the connection,open the port yourself then someone may have opened it from the outside world.There are many sites on the net which do IP lookups whoiswho,so in this case I would put in 83.*.27.* , and traceroute the IP to find out the location of the attacker.Having said that hackers are not stupid,and they would mask their true IP address,by using proxies(false IP’s)
# Well Known Ports These run from 0 to 1023, and are bound to the common services that run on them (for example, mail runs on channel 25 tcp/udp, which is smtp (Simple Mail Transfer Protocol) so if you find one of these ports open (and you usually will), it’s usually because of an essential function.
# Registered Ports These run on 1024 to 49151. Although not bound to a particular service, these are normally used by networking utilities like FTP software, Email client and so on, and they do this by opening on a random port within this range before communicating with the remote server, so don’t panic (just be wary, perhaps) if you see any of these open, because they usually close automatically when the system that’s running on them terminates (for example, type in a common website name in your browser with netstat open, and watch as it opens up a port at random to act as a buffer for the remote servers). Services like MSN Messenger and ICQ usually run on these Ports.
# Dynamic/Private Ports Ranging from 49152 to 65535, these things are rarely used except with certain programs, and even then not very often. This is indeed the usual range of the Trojan, so if you find any of these open, be very suspicious.
So generally speaking the higher port numbers are the ones to be supicous of.But thats not the say that the hacker won’t use lower numbered ports as well.The fact you’re on dialup means that this person can only retrieve information while you are online(dialled up),as opposed to dsl or cable-which is always on.
If you setup norton firewall to stealth or close all ports,and use medium settings on inbound and outbound traffic then you should be ok.If you have scanned your machine with AVG and found no virus’s then you are probably ok,AVG also picks up keyloggers if present.But it doesnt hurt to use some of the online AV scanners,like norton security or trendmicro just for a second opinion.
Of course your account may have just been cracked,using a cracking program and a password list(which doesnt need to be connected to your computer to work),in which case you should change your password and any other important information on that account.
sorry for the length of this post.
- You must be logged in to reply to this topic.