Re: THESE ARE SIGNS TO LOOK FOR TO TELL YOU YOUR COMPUTER IS HACKED/OWNED:

From: George Hester (hesterloli@hotmail.com)
Date: 03/01/03


From: "George Hester" <hesterloli@hotmail.com>
Date: Sat, 1 Mar 2003 12:15:31 -0500

This is what I mentioned before. Hysteria. How can anyone beleve you are saying anything truthful in all the hysteria Tracker?

-- 
George Hester
__________________________________
"snailmail" <snailmail222000@yahoo.com> wrote in message news:b177251.0303010423.36622371@posting.google.com...
> You can copy and pass on this information as long as you give the
> owner credit where credit is due.
> 
> THESE ARE SIGNS TO LOOK FOR TO TELL YOU YOUR COMPUTER IS HACKED/OWNED
> ON A WINDOWS PLATFORM:
> 
> A.  Hackers disable your Daylight Savings Time.
> B.  The clock on the desktop can be one hour ahead or one hour behind,
> on occasion.
> C.  Your Network Places Icon on the desktop disappears.
> D.  If using a Windows platform: when you start your computer, your
> original screen will pop up, but since the hackers need to boot into
> their Server(s), the system will quickly re-boot and the original
> screen will appear twice.  But your system may re-boot twice instead
> of once when loading Windows OEM versions.
> E.  If your computer system occasionally re-boots on it's own, the
> hacker may need to update their Servers to make their computer system
> function properly.
> F.  If you play Yahoo Games, you may find yourself being kicked out of
> the board your playing in.  If your winning a game and you're the
> host, the hacker may not let you back in to finish.  This means you
> just lost a game at the hackers expense. When the computer was hacker
> safe, I went back to playing games and haven't been booted out of a
> game, since.
> G.  A browser application you install to filter out, or kill file
> certain individuals will not function indefinitely.  When your
> computer system is owned, you aren't able to filter out people in your
> browser for more then 1-2 days.  A number of computer owners whose
> systems have been owned, have advised me they also had the same
> problem.  Because hackers were using your illegally installed Servers
> for posting to the Internet, this is why you are unable to filter or
> kill file them.  This information was very apparent to myself and
> other ferret owners whose computer were owned.
> H.  When you begin to see Usenet remarks, made on behalf of your
> personal life which is private information.
> I.  Some of your personal files are modified years before they were
> created.  I have seen a number of personal files modified 7-8 years
> before they were even created.  How to accomplish this trick: Select
> Start, Settings, Control Panel, Date/Time, where the year is, Select
> the up or down arrow and, viola.  Then open up any file and Select
> Save.  A new creation date is present.
> J.  You will find a number of files hidden/readable only, which is
> common practice.
> K.  When you find additional information in your boot.ini file which
> relate to a Virtual Private Network, this can be either software,
> hardware or device driver oriented.
> L.  Under Search for Files and Folders, you do a search on any file
> modified in the past month, you will see files which just don't need
> to be modified, or files you don't even recognize.  For the simple
> minded, you'll want to focus on the files which you don't recognize. 
> Unless your a skilled professional, you won't realize which files need
> to be present or modified, but give it a try anyways.  [To perform the
> above you will need to see all Hidden Files and Folders.]
> M.  Select Start, Settings, Control Panel and Network, and look at,
> following network components showing.  If you see one AOL adapter and
> have never used AOL, then two AOL adapters,  two TCP/IP, two Dial-Up
> adapters, one or two Virtual Private Network adapters, your computer
> could be owned.  A Virtual Private Network is widely used by hackers
> because it can host up to 254 users. "This applies to the average
> Internet user who has one modem, one ISP and isn't running any FTP,
> HTTP, NNTP, PROXY, SMTP, SOCKS, SQL, or SQUID SERVER."  My skills
> working with VPNs is almost zero.  Every victims system I've seen had
> two VPNs set-up and they were only using a modem to connect to the
> Internet.
> N.  Next, Select Start, Run, type Regedit, Select Registry, Select
> Export Registry File, in the box type a name say 4-12-02.txt and
> Select save.  Then open this file with a text editor, and you might be
> shocked to find what really is installed on your computer system. 
> Check the bottom of this file, hackers love to install a bunch of
> applications, Servers files and device drivers.
> O.  You have to turn your computer off by the power supply on a some
> what regular basis.
> P.  Installing a Network Interface Card will cause problems until the
> hackers configure this device into their Servers or Virtual Private
> Network they setup on your computer.
> Q.  You find your cd-rom drive opens and closes without your
> permission.
> R.  You could hear an annoying beep coming from your system speakers.
> S.  Your windows screen goes horizontal or vertical.
> T.  The screen saver picture changes without your permission.
> U.  On occasion your mouse is out of your control or has an
> imagination of it's own.  But this could also be caused by a corrupt
> mouse driver.
> V.  All of a sudden, your speakers decide to play you some music.
> W.  Installing a hardware/software firewall for the first time can
> cause a number of different problems for you to set-up and configure. 
> Considering you didn't have these installed from the beginning of your
> computer going on the Internet.
> X.  Your firewall logs show alerts at 12:00 then 11:22 then 12:16 and
> back to 11:59.
> Y.  If using a dial-up/cable/dsl connection you see a number of pings,
> port 0, to your computer.  The reason is so that the hackers can see
> if your computer is active/alive. A system needs to be online for the
> hackers to access these Servers.  What the hackers actually do is port
> scan your Internet Service Provider Block of IP addresses and find
> your computer either with file sharing enabled or a Backdoor/Trojan.
> Z.  If someone is port scanning your system, in your firewall logs the
> port assignment aren't in any type of order.  You might see a probe at
> port 1,10,9,8,6,12,6,43 etc.
> AA.  When you find you have to set Zone Alarm firewall on medium
> instead of high settings.
> BB.  Once you can view all Files and Folders search for files named
> spool*.*.
> CC.  You may find another installed version of your software firewall
> application on your hard drive.  You will need to Show all Hidden
> Files and Folders under your Settings, Control Panel, Folder Option
> and View, if using a Windows Platform (excluding 2000,NT and XP).
> DD.  When you see too many,  Pings - port 0, HTTP/Proxy - port 80,
> 8080, 3128,  SMTP - port 25, FTP -  port 21, NNTP - port 119 port
> probes.  Your computer is probably running an illegal "VPN server";
> "web server"; "proxy"; "mail and news"; "ftp"; which hackers are
> attempting to access for their own personal use.
> EE.  If you don't see your computer node/source IP address on a
> consistent basis to the right side of your firewall log, your system
> is hacked/owned. (See the firewall logs below.) The hackers are
> entering through your system to attack other "Networks and Systems",
> so their identity can't be traced.
> FF.  When you perform a traceroute on an IP address and you lose your
> node/source IP address, ISP routers IP.  Or when you don't see your
> node/source IP address at all.
> GG.  If you see the following in your Black Ice Defender INI file. 
> Yes! folks, here are the IP addresses of the owners who took over my
> Domains:
> a.  trust.pair = 168.143.114.50,2000xxx
> b.  200.10.69.8,2000xxx
> c.  172.149.134.138,2000xxx
> d.  12.231.23.99, 2003xxx
> e.  12.231.11.119,2003xxx
> f.  209.213.79.152,2003xxx
> g.  [Trusting] = trust.pair=206.134.133.10,2003xxx
> 
> Beef's ol'lady


Relevant Pages

  • Re: Is your system Hacked/Owned
    ... > There are a number of ways to tell if your Windows system is hacked. ... > Select Start, Control Panel, Network, and if you see two ... > have found the hackers love to install a bunch of their crap here. ...
    (comp.security.firewalls)
  • Re: Securing Your Computer
    ... > Select Start, Control Panel, Network, and if you see two ... Hackers don't install VPN connectoids under the ... Before you go online, port scan your ...
    (comp.security.firewalls)
  • Re: What to see if you computer is hacked/owned, read this!
    ... USENET POST WARNING ... > A. Hackers disable your Daylight Savings Time. ... Your Network Places Icon on the desktop disappears. ... A browser application you install to filter out, ...
    (comp.security.misc)
  • Re: What to see if you computer is hacked/owned, read this!
    ... USENET POST WARNING ... > A. Hackers disable your Daylight Savings Time. ... Your Network Places Icon on the desktop disappears. ... A browser application you install to filter out, ...
    (comp.security.firewalls)
  • Re: What to see if you computer is hacked/owned, read this!
    ... USENET POST WARNING ... > A. Hackers disable your Daylight Savings Time. ... Your Network Places Icon on the desktop disappears. ... A browser application you install to filter out, ...
    (alt.computer.security)