Re: Hackers Secret Weapons - Virtual Private Networks

From: Mike (nospam_at_notherematey.com)
Date: 09/05/03


Date: Fri, 5 Sep 2003 14:20:59 +0100


"Tracker" <"snailmail(remove/valid)222000"@yahoo.com> wrote in message
news:3F57B15B.76222A9E@yahoo.com...
> For one, if your on a Windows Platform and you didn't disable a number
> of services which are enabled by default, including file and print
> sharing, the chances of your computer being hacked/owned are very high.
> Also, if you haven't secured your browser or e-mail programs this can
> cause your computer to be hacked/owned. Not disabling these services
> and not having a firewall or anti-virus program from the beginning of
> your computer going on the internet, is a loss cause. Backdoors and
> Trojan Horses disable your anti-virus and firewalls. So checking for
> open ports no matter where you go or how you test your ports will not
OK up to here. Nothing that we don't know already though.

> give you accurate results. GRC shields-up has on one occasion showed my
> computer as having port 110 open. The reason for this is because a
> malicious hacker was using my e-mail application at the time my computer
> was checked for open ports.
Uh-Oh. Gone a bit off the rails here. You do understand the difference
between a client and a server application don't you? GRC would only see port
110 open if you were running a server. Your client connects to port 110 on a
remote server and does not open port 110 on your machine.

> If your on a Windows Platform (minus XP and NT), select Start, Settings,
> Control Panel, Folder Options, View and make sure you select and have a
> dot in the circle where it says Show Hidden Files and Folders.
What about some instructions for the NT & XP users? What do they do?

> Select Start, Control Panel, Network, and if you see two AOL adapters,
> two TCP/IP, two dial-up adapters, one or two Virtual Private Network
> adapters your computer has what hackers install called a Virtual Private
> Network, BEWARE!
This is of course complete bollocks. A VPN connection could be there quite
legitimately for connection to a corporate network. The fact that there are
two of everything has probably got more to do with multiple network
connectors than hackers!

> If you find your system re-boots itself from time to time, this
> is another sign that an Administrator (hacker) has to update your
> hacked system.
Or you have the Blaster worm (minus windows 95 and 98)

> Select Start, type regedit, select Registry, Export Registry, and in
> the box type say 3-12-02.txt and say OK. Then open this file with
> a text editor or word application and you might be "shocked" to find
> what
I thought I'd try this for a laugh. I was shocked. It created a 70Mb text
file which brought Notepad to its knees and contained exactly the same thing
as I could see in REGEDIT. I fail to understand how exporting the registry
to a text file will actually show anyhting that can't be seen in REGEDIT.
Please explain.

> really is installed on your system. Check the bottom of this file,
> since
> hackers love to install a bunch of their crap here.
Phew! Nothing there! Just a bunch of undechiperable crap.

> What these hackers do is disable your anti-virus program using Trojan
> Horses, which makes checking for viruses or trojans useless. If running
>
> a software firewall, the hackers install another version of what your
> running
> and program it so you aren't able to see their activities.
>
> Once these factors take into play, the best bet to keep the hackers
> out of your system is to perform the below.
> My suggestion would be to keep the hard drive (sent it to the FBI, minus
> your
> personal files). Or make a copy of your entire hard drive, this way if
> the hackers have destroyed any system using your computer, at least you
> have evidence if the FBI ever come knock on your door. The Trackers
> would like a copy, but that's another story in itself.
>
> You might want to format the hard drive, install from CD-ROM only and
> obtain a free port scanner for your operating system. You can download
> one from zdnet.com, and before you go online, port scan your own
> computer to check for any open ports. Backdoors, Trojan Horses and
My head is in a spin. I can download a port scanner from zdnet but I musn't
go online before I do a port scan using a port scanner I can download from
zdnet but I cant go online......

> Viruses are not the consideration you need to be concerned with when
> your system is hacked. Your system can also be running a Proxy Server,
> NNTP Server, SMTP Server, Web Server, SQL Server and a Virtual Private
> Network. All of these factors need to be taken into consideration.
Explain please?



Relevant Pages

  • Re: Hackers Secret Weapons - Virtual Private Networks
    ... > open ports no matter where you go or how you test your ports will not ... > computer as having port 110 open. ... 110 open if you were running a server. ... > adapters your computer has what hackers install called a Virtual Private ...
    (alt.computer.security)
  • Re: Hackers Secret Weapons - Virtual Private Networks
    ... > open ports no matter where you go or how you test your ports will not ... > computer as having port 110 open. ... 110 open if you were running a server. ... > adapters your computer has what hackers install called a Virtual Private ...
    (microsoft.public.security)
  • Re: ZoneAlarm, getting hacked a lot..
    ... The hackers have to ping (port 0) the ... easier for the hackers to get back into your computer. ... NNTP, SMTP SERVER AND USING ONE ISP AND A MODEM, HERE ARE A FEW TIPS. ... have found the hackers love to install a bunch of their crap here. ...
    (comp.security.firewalls)
  • Re: Exchange 5.5 server: no open port 25 on
    ... >new Exchange 5.5 server, installed the IMS service and patched it, yet ... >I have nothing open on port 25. ... >These are the open ports on the Exchange server: ...
    (microsoft.public.exchange.connectivity)
  • Re: What is the risk of having Port# 1433 opened ?
    ... If they know the IP address and the port of the server AND you have a weak ... password strategy then the server is much easier to break into. ... hackers or even careless or bored coworkers. ...
    (microsoft.public.sqlserver.security)