Re: Hackers Secret Weapons - Virtual Private Networks
From: Mike (nospam_at_notherematey.com)
Date: Fri, 5 Sep 2003 14:20:59 +0100
"Tracker" <"snailmail(remove/valid)222000"@yahoo.com> wrote in message
> For one, if you're on a Windows Platform and you didn't disable a number
> of services which are enabled by default, including file and print
> sharing, the chances of your computer being hacked/owned are very high.
> Also, if you haven't secured your browser or e-mail programs this can
> cause your computer to be hacked/owned. Not disabling these services
> and not having a firewall or anti-virus program from the beginning of
> your computer going on the internet, is a lost cause. Backdoors and
> Trojan Horses disable your anti-virus and firewalls. So checking for
> open ports no matter where you go or how you test your ports will not
OK up to here. Nothing that we don't know already though.
> give you accurate results. GRC shields-up has on one occasion shown my
> computer as having port 110 open. The reason for this is because a
> malicious hacker was using my e-mail application at the time my computer
> was checked for open ports.
Uh-Oh. Gone a bit off the rails here. You do understand the difference
between a client and a server application don't you? GRC would only see port
110 open if you were running a server. Your client connects to port 110 on a
remote server and does not open port 110 on your machine.
> If you're on a Windows Platform (minus XP and NT), select Start, Settings,
> Control Panel, Folder Options, View and make sure you select and have a
> dot in the circle where it says Show Hidden Files and Folders.
What about some instructions for the NT & XP users? What do they do?
> Select Start, Control Panel, Network, and if you see two AOL adapters,
> two TCP/IP, two dial-up adapters, one or two Virtual Private Network
> adapters your computer has what hackers install called a Virtual Private
> Network, BEWARE!
This is of course complete bollocks. A VPN connection could be there quite
legitimately for connection to a corporate network. The fact that there are
two of everything has probably got more to do with multiple network
connectors than hackers!
> If you find your system re-boots itself from time to time, this
> is another sign that an Administrator (hacker) has to update your
> hacked system.
Or you have the Blaster worm (minus Windows 95 and 98).
> Select Start, type regedit, select Registry, Export Registry, and in
> the box type say 3-12-02.txt and say OK. Then open this file with
> a text editor or word application and you might be "shocked" to find
I thought I'd try this for a laugh. I was shocked. It created a 70Mb text
file which brought Notepad to its knees and contained exactly the same thing
as I could see in REGEDIT. I fail to understand how exporting the registry
to a text file will actually show anything that can't be seen in REGEDIT.
> really is installed on your system. Check the bottom of this file,
> hackers love to install a bunch of their crap here.
Phew! Nothing there! Just a bunch of undecipherable crap.
> What these hackers do is disable your anti-virus program using Trojan
> Horses, which makes checking for viruses or trojans useless. If running
> a software firewall, the hackers install another version of what your
> and program it so you aren't able to see their activities.
> Once these factors take into play, the best bet to keep the hackers
> out of your system is to perform the below.
> My suggestion would be to keep the hard drive (send it to the FBI, minus
> personal files). Or make a copy of your entire hard drive, this way if
> the hackers have destroyed any system using your computer, at least you
> have evidence if the FBI ever come knock on your door. The Trackers
> would like a copy, but that's another story in itself.
> You might want to format the hard drive, install from CD-ROM only and
> obtain a free port scanner for your operating system. You can download
> one from zdnet.com, and before you go online, port scan your own
> computer to check for any open ports. Backdoors, Trojan Horses and
My head is in a spin. I can download a port scanner from zdnet but I mustn't
go online before I do a port scan using a port scanner I can download from
zdnet but I can't go online......
> Viruses are not the consideration you need to be concerned with when
> your system is hacked. Your system can also be running a Proxy Server,
> NNTP Server, SMTP Server, Web Server, SQL Server and a Virtual Private
> Network. All of these factors need to be taken into consideration.
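
An added example, not part of the original post and not written by either poster: the client/server distinction from the reply about port 110, shown on loopback. A constructed listener on an OS-chosen port stands in for the remote POP3 server (binding port 110 itself needs privileges), and the function names are hypothetical.

```python
import socket

def is_listening(host, port, timeout=1.0):
    """True if a TCP connect to host:port is accepted, which is what a port scan reports as open."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.settimeout(timeout)
    try:
        # Bind first so the kernel cannot choose source port == destination
        # port, which on loopback can produce a misleading self-connect.
        probe.bind(("", 0))
        probe.connect((host, port))
        return True
    except OSError:  # refused, timed out, unreachable
        return False
    finally:
        probe.close()

def demo():
    # Constructed stand-in for the remote mail server: a listening socket.
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))
    server.listen(5)
    server_port = server.getsockname()[1]

    # The mail client: an outbound connection from an ephemeral local port.
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.connect(("127.0.0.1", server_port))
    conn, _ = server.accept()
    client_port = client.getsockname()[1]

    result = {
        "server_port": server_port,
        "client_port": client_port,
        "remote_port_seen_by_client": client.getpeername()[1],
        # The server end accepts new connections, so a scan sees it as open.
        "server_port_open": is_listening("127.0.0.1", server_port),
        # The client end of an established connection is not listening,
        # so a scan of that port is refused.
        "client_port_open": is_listening("127.0.0.1", client_port),
    }
    conn.close()
    client.close()
    server.close()
    return result

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```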