MAKING YOUR COMPUTER SYSTEM SECURE AFTER IT’S BEEN COMPROMISED

From: remove (_at_yahoo.com)
Date: 08/13/03


Date: Wed, 13 Aug 2003 04:54:36 +0400

Copyright 2003 by Debbie X. All rights Reserved. No part of this
publication may be reproduced in any form or by any means, or stored in
a data base or retrieval system, without prior written permission of the
publisher. You may pass along this information, but give credit where
credit is due.

I highly recommend keeping the hacked hard drive and purchasing a new
one. Of course you could mirror the drive, but you still need a
replacement drive to perform this task. You can’t produce the same
results from replicated files as from viewing the actual hard drive
itself. If your system was used to attack and crash a Network or
System, you have proof for the FBI or any Law Enforcement Agency. This
would show you were not involved in any illegal activities until you
discovered your system was hacked.

The proper method is to re-format your hard drive, and install from
original CD-ROM. To safeguard against malicious activity by a software
manufacturer’s employees, always virus check your CD-ROM. Not too long
ago, I decided to install X Software Application on a computer; the
media was a CD-ROM. Immediately, Norton Anti-virus told me a suspicious
file named "install.exe" was trying to load into my hard drive boot
sector. We all know an application doesn’t need to load in a boot sector
of a drive. After telling the computer not to install this application,
it still made its way and changed the name of my hard drive. Computer
access slowed down, and while viewing directories the screen started to
move back and forth.

Virus check all floppy disks because hackers DO install a Backdoor,
Trojan Horse, or Virus on disks. They enjoy doing this especially when
you’re online using your computer, with a floppy in the drive. My
preference is to obtain a replacement CD-ROM if your software
applications are on a floppy. What concerned me most is that a Backdoor
was planted in a .zip file and left unopened. Norton’s Anti-virus
application couldn’t detect it. Let’s say one day you come along and,
for no reason, you decide to open this .zip file: voila, the Backdoor is
unleashed.

There will always be evil code applications (to knock your system into
becoming a victim) out in this world which anti-virus applications won’t
be able to catch. Either the Trojan Horse already installed on your
system will eat the floppies alive, or hackers will. Hackers will bind
or disguise their applications and install them on your floppy disks.
Many Trojan Horses "hide" all traces of the applications they run on
your system. On your computer perform a search for a file named
"backdoor.zip". I will warn you now, if you unleash this baby after a
complete application install and go online, you will unleash many of the
secrets to the "underground" hackers world.

A number of Internet Service Providers allow free dial-up access with
DSL and Cable connections. Note: Hackers are taking advantage of your
canceled accounts even when they were closed. Until certain Internet
Service Providers and Telecommunication Companies correct their major
error, call your ISP and ask them to change your password, since
malicious hackers are abusing your canceled account, holding you liable.

Disabling all unnecessary Windows Services will assist in making your
computer system secure. How to accomplish this task is presented under
"Windows Services you might want to disable". If running any type of
Server, install the latest application patches.

Once you are able to view all Hidden Files and Folders, it would be
smart to make a backup copy of your registry. To perform this, do the
following:

A. Select Start, Run, type in Regedit, and press enter.
B. Then select Registry, Export Registry File.
C. In the box, type a name like "3-21-02.txt"
D. Select Save.

You can open this file in any text editor. What you want to do first is
check the bottom of the file. Hardware/Application/Device Driver
information can be set up by hackers at the bottom of the file. What I
did was "incorporate" one registry entry at a time. You could see a
major difference. Each time you save the registry file it will create a
file called RB000.CAB and so forth, depending on how many copies that
you have saved. If you perform the backup when the hackers are abusing
your system, you might only see 30 lines of text, the next time 100, and
so on. This is a clear sign that your computer is compromised.

Tracker
I know how important it is for me not to define myself by how others
perceive me.

Interested in purchasing my book named "Security Minds versus Malicious
Minds" visit:
www.securityminds2003.com
It will teach you to learn about Windows, the Internet and Hacking

To view some kick *** artwork, visit:
http://www.captiveimagery.com/index.cfm
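
The comparison of successive registry exports described in the post above, as an added example that is not part of the original post: it parses two regedit text exports and lists the keys and values that were added, removed or changed, including sections appended at the bottom of the file. The sample exports, the `ExampleVendor` and `ExampleDevice` keys and the `upd.exe` path are constructed for illustration.

```python
import re
VALUE_RE = re.compile(r'(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')  # "name"=data or @=data

def parse_reg(text):
    """Parse a regedit text export into {key_path: {value_name: raw_data}}."""
    # regedit wraps long hex values with a trailing backslash; rejoin them.
    text = re.sub(r"\\\r?\n[ \t]*", "", text)
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})  # merges repeated sections
        elif current is not None and (m := VALUE_RE.match(line)):
            current["@" if m.group(1) is None else m.group(1)] = m.group(2)
    return keys

def diff_exports(old_text, new_text):
    """Return (change, key, value_name, old_data, new_data) tuples, sorted by key."""
    old, new = parse_reg(old_text), parse_reg(new_text)
    changes = []
    for key in sorted(set(old) | set(new)):
        if key not in old or key not in new:
            kind = "key added" if key in new else "key removed"
            changes.append((kind, key, None, None, None))
        before, after = old.get(key, {}), new.get(key, {})
        for name in sorted(set(before) | set(after)):
            a, b = before.get(name), after.get(name)
            if a != b:
                kind = "added" if a is None else "removed" if b is None else "changed"
                changes.append((kind, key, name, a, b))
    return changes

# Constructed sample exports (not from the post): a baseline and a later export.
OLD_EXPORT = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
[HKEY_LOCAL_MACHINE\Software\ExampleVendor]
"Blob"=hex:01,02,\
  03,04
"""
NEW_EXPORT = OLD_EXPORT.replace("03,04", "03,05") + r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\WINDOWS\\TEMP\\upd.exe"
[HKEY_LOCAL_MACHINE\Enum\Root\ExampleDevice\0000]
"DeviceDesc"="Example Device"
"""
if __name__ == "__main__":
    for change in diff_exports(OLD_EXPORT, NEW_EXPORT):
        print(change)
```

Comparing parsed keys and values rather than line counts shows exactly which entries differ between a known-good export and a later one.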