PowWeb Forums - The Perfect Community for the Perfect Host  

Register now to interact with over 11,000 members! Registered users have Posting Privileges, free access to Private Messaging, Email Notifications and more.

Go Back   PowWeb Community Forums > The PowWeb Platform > General Issues / Questions
User Name
Password
Register FAQ Members List Search Today's Posts Mark Forums Read

Closed Thread
 
Thread Tools
Old 3-9-03, 03:48 PM   #1
Bdiddy
Guest
 
Posts: n/a
Is someone hacking into my computer?

Okay, recognizing that there are some very computer savy people in these forums, I thought I'd ask this question here. Here's my situation:

Yesterday, someone apparently hacked into my Hotmail account and changed my password and user info. After many e-mails to Hotmail support, they confirmed someone had changed the password. Today, I logged into OPS for Powweb and noticed that the last IP address was not mine and obviously someone else's.

All of my username and passwords are different and virtually impossible to guess and NOBODY knows them but me - I'm sure about that. The Powweb and Hotmail usernames and passwords are completely different, so they would have had to get both from somewhere.

I have DSL and have a router with a built in firewall which is enabled and the logs show no unauthorized user attempts to get in.

Here are my questions: (1) could someone hack through the firewall without leaving a trace? (2) how are they getting my passwords if they have hacked into my computer or if they havent?(3) If I change my passwords, can they get them again? (4) would reformatting my harddrives and downloading an additional firewall work? Should I report the IP address to Powweb or the the IP's ISP?

Thanks for your help..I'm really worried about this...
 
Old 3-9-03, 08:41 PM   #2
Philatelius
Postmaster General
 
Philatelius's Avatar
 
Join Date: Aug 2002
Location: Philosateleia
Posts: 115
Reputation: 5
Can't help ya there, but bumping this back to the top of the heap in the hopes that someone else can....
__________________
http://www.philosateleia.com/
Philatelius is offline  
Old 3-9-03, 11:01 PM   #3
Croc Hunter
Mod.. with bite..
 
Croc Hunter's Avatar
 
Join Date: Sep 2002
Location: Australia
Posts: 7,304
Reputation: 449
You've been hacked

Run any .exe lately ? These executable files if corrupt can install small programs onto your computer known as trojans, backdoor, piggybacks and so on when you hit the net they let the creator know your online and they use this as an open doorway. Your firewall won't detect them it believes you want this activity as you set up the program. If well written your activity light won't even blink.

Windows recently released a patch for their media player. An exploit was found where people could deliver code to your machine if/when viewing movies online.

Once in it's not hard to scan registry or cab files and find passwords. Some can deliver a package through the backdoor which is memory resident holding like the last 5000 key strokes.

So what can you do ?
Update update update. Update everything regularly. Your firewall antivirus system files viewers do them all then run a full system scan. Familiarise yourself with the lingo. While I don't condone hacking and cracking if you know how to do it you'll know how to stop it. So I'll stick some links in here. If you find anything sus on your machine PM me I love getting these internet terrorists shut down. Did you keep that IP address ?.

http://www.cleo-and-nacho.com/mainpages/hacking.htm
http://combat.uxn.com/
http://www.hip97.nl/
http://www.mozilla.org/hacking/
http://dir.yahoo.com/Computers_and_I...ption/Hacking/
__________________
Croc Hunter MSC :
Croc Hunter is offline  
Old 3-9-03, 11:09 PM   #4
Croc Hunter
Mod.. with bite..
 
Croc Hunter's Avatar
 
Join Date: Sep 2002
Location: Australia
Posts: 7,304
Reputation: 449
10 good reasons to hate Hotmail

Close your Hotmail account.

http://www.google.com.au/search?hl=e...e+Search&meta=
__________________
Croc Hunter MSC :
Croc Hunter is offline  
Old 3-10-03, 12:14 AM   #5
Bdiddy
Guest
 
Posts: n/a
Thanks for the responses.

I've gotten even more scared now that I checked out those links and will definitely get rid of my Hotmail account. I changed all of my passwords and also downloaded Zone Alarm to compliment my router firewall. It picked up 5 attempted acess attempts within 5 minutes that my router firewall missed.

I download the XP updates when they come out and have an auto updating virus program, so that should be okay.

I haven't downloaded any .exe programs lately, but could there be a trojan in a program I downloaded a while ago and someone's just calling on it now?

My final questions, I guess, are (1) if I've changed all of my passwords (with both firewalls enabled) and always have the firewalls enabled, can they still run any scripts remotely (Zone Alarm seems much more comprehensive than my router firewall)? And, (2) should I reformat my harddrive if my virus program doesn't find anything and it continues to happen?

And I do have the IP address if you (or anyone else) would like it....

Last edited by Bdiddy; 3-10-03 at 12:16 AM..
 
Old 3-10-03, 12:38 AM   #6
Croc Hunter
Mod.. with bite..
 
Croc Hunter's Avatar
 
Join Date: Sep 2002
Location: Australia
Posts: 7,304
Reputation: 449
Quote:
Originally posted by Bdiddy
Thanks for the responses.

My final questions, I guess, are (1) if I've changed all of my passwords (with both firewalls enabled) and always have the firewalls enabled, can they still run any scripts remotely (Zone Alarm seems much more comprehensive than my router firewall)? And, (2) should I reformat my harddrive if my virus program doesn't find anything and it continues to happen?

And I do have the IP address if you (or anyone else) would like it....
(1) Yes
(2) That's a very radical fix. If your antivirus detects notrhing. Try trend micro online scanner. Also see the latest trojans and fixes.
http://www.trendmicro.com/en/home/global/enterprise.htm

Post the suspect IP here. I'll check it out.
__________________
Croc Hunter MSC :
Croc Hunter is offline  
Old 3-10-03, 12:43 PM   #7
kraskin
Guest
 
Posts: n/a
That is truly scary!!

I had something similair happen to me...but it was my paypal account that was infiltrated!! Fortunately I caught it in time...and the money has been pulled back..but the thought that someone can gather information on my accounts and use it against me..that is just SCARY.

Katie
 
Old 3-10-03, 12:57 PM   #8
glc
Guest
 
Posts: n/a
Not to arouse suspicion or something but maybe it's an ET spy looking over your shoulder from space.

Anyway hope this bump helps.
 
Old 3-10-03, 05:32 PM   #9
Bdiddy
Guest
 
Posts: n/a
Well, I used the site posted in another message on this board to track the IP address of the hacker and it came back to a major technology company in the area where I live. I called and talked to the head technology security officer and he seemed legitimately upset that one of its customers was hacking into computers and he said "they'd take action."

(Of course, now the hacker will try even harder to access my computer when he finds out I traced him, but oh well -- if he leaves his IP address, he can't be THAT good)

Just a note about PayPal: I got two separate e-mails, one supposedly from PayPal doing a "routine security check" and one from Ebay claiming the same thing. Both asked for your login info. Lucky, I was a little suspicious. Later, I read that both e-mails were hoaxes and if you responded, you were sending your login info to someone...so if anyone gets those e-mails, don't answer them!
 
Old 3-10-03, 05:51 PM   #10
Bdiddy
Guest
 
Posts: n/a
One more question:

This may be WAY farfetched. I was just wondering if PowWeb changed the configuration file for Webstats. Mine used to update once a day at 12:00 am PT, now it updates several times a day. Did PowWeb do an upgrade or something? I'm on Space. I couldn't find any topics about it with a quick search of the boards.

I'm just making sure because the person was in my PowWeb account and all...
 
Closed Thread

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 12:19 AM.


Contents ©PowWeb, Inc. ~ vBulletin, Copyright 2000-2007 Jelsoft Enterprises Limited.