RE: my pc hacked?

From: Lucas Zaichkowsky (LZaichkowsky_at_cyracom.net)
Date: 09/17/03

  • Next message: Nick Owen: "RE: penetration tester advice"
    To: "'hong li'" <hong_li_98@yahoo.com>, <security-basics@securityfocus.com>
    Date: Wed, 17 Sep 2003 12:13:04 -0700
    
    

    What kind of router? What code version? What does the configuration file
    look like? What kind of connection are you making? telnet, ssh, console?

    When you say the PC is running slow, do you mean the CPU is under heavy load
    or is there just a lot of hard drive activity?

    -Lucas

    -----Original Message-----
    From: hong li [mailto:hong_li_98@yahoo.com]
    Sent: Wednesday, September 17, 2003 7:06 AM
    To: security-basics@securityfocus.com
    Subject: my pc hacked?

    Hi, all

    I think my workstation was hacked. (windows 2000
    professional) When I connect to the router
    to do some configurations through hyperterminal and I
    can see the password on the screen, even with
    encrypted password. The pc was incredible slow. I
    tried netstat -na and did not see the suspicious
    connection. Show processes and only see one suspicious
    "webcompserver.exe"
    (did not google this yet). I tried to use nmap to
    scan ports and shows all posts are closed.

    Any idea or suggestions whether the pc was hacked?

    Thanks in advance,

    Hong

    __________________________________
    Do you Yahoo!?
    Yahoo! SiteBuilder - Free, easy-to-use web site design software
    http://sitebuilder.yahoo.com

    ---------------------------------------------------------------------------
    Captus Networks
    Are you prepared for the next Sobig & Blaster?
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Precisely Define and Implement Network Security
     - Automatically Control P2P, IM and Spam Traffic
    FIND OUT NOW - FREE Vulnerability Assessment Toolkit
    http://www.captusnetworks.com/ads/42.htm
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Captus Networks
    Are you prepared for the next Sobig & Blaster?
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Precisely Define and Implement Network Security
     - Automatically Control P2P, IM and Spam Traffic
    FIND OUT NOW - FREE Vulnerability Assessment Toolkit
    http://www.captusnetworks.com/ads/42.htm
    ----------------------------------------------------------------------------


  • Next message: Nick Owen: "RE: penetration tester advice"