Trackers Second Review Response
From: removevalid (_at_yahoo.com)
Date: 09/30/03
- Next message: Murray Cooper: "Re: Trackers Second Review Response"
- Previous message: Renegade: "Re: Browser Information"
- Next in thread: Murray Cooper: "Re: Trackers Second Review Response"
- Reply: Murray Cooper: "Re: Trackers Second Review Response"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 01 Oct 2003 01:24:38 +0400
Remember, we’re talking about Windows Platforms (excluding 2000,NT,XP)
and my book was written for basic home computer users only. It’s has
seen grown into a book which will help three levels of computer Windows
users.
> HACKERS SECRET WEAPONS:
>
> A. Hackers disable your Daylight Savings Time.
As mentioned before, there is not a logical reason for a "hacker" to do
this and make themselves obvious. It poses no advantage whatsoever.
ME: Just letting people know that on occasion, my screen would ask if I
wanted to change the daylight savings time. My guess is the hacker was
just playing games with me and my computers. What reason would anyone
else request this behavior but hackers.
> B. The clock on the desktop can be one hour ahead or one hour behind,
> on occasion.
See A
ME: Tracking computer time is very important if you want to track down
a hackers malicious activity. The same applies for your clock time
changing regularly on your system. You have already seen a copy of the
hackers firewall log and how the dates and time change from month to
month. Can you imagine having an IP from Seattle appear in your log
which was posted one month prior to today’s date. Think about it!
> C. Your Network Places Icon on the desktop disappears.
Common Windows bug. Corrupted explorer file, faulty hardware (NIC card),
corrupted registry. No hacker purpose. See response to A.
ME: One day the Network Places Icon is on the desktop for a few days and
then it disappears for a few days. May be a week later this Icon again
appears for a few hours and then it disappears. We never could connect
this icon with any network mapping of drives. It’s just a sign to look
for when your computer is hacked/owned.
> D. If using a Windows platform: when you start your computer, your
> original screen will pop up, but since the hackers need to boot into
> their Networks, or Server(s), the system will quickly re-boot and the
> original screen will appear twice. But your system may re-boot twice
> instead of once when loading Windows OEM versions.
Can be caused by full logs and OS errors. System setting can force a
reboot if logs are full or if OS does not load properly. Installation of
wallpaper and images on the desktop can cause unusual activity at start
up especially if the items conflict.
ME: This activity is something to watch for because the system would
also reboot on it’s own after the computer was loaded. You have to also
remember that we were changing between DHCP, PPP and dial-up every few
minutes or every few hours and the owned system was running two Virtual
Private Networks. Same applies to E!
> E. If your computer system occasionally re-boots on it’s own, the
> hacker may need to update their Networks, or Servers to make their
> computer system function properly.
See D. Possible BO or Netbus installation.
> F. If you play Yahoo Games, you may find yourself being kicked out of
> the board your playing in. If your winning a game and you’re the host,
> the hacker may not let you back in to finish. This means you just lost
> a game at the hackers expense. When the computer was hacker safe, I
> went back to playing games and haven’t been booted out of a game,
> since.
Software error. Communication issues between your ISP and Yahoo. The
term "hacker safe" implies that the system had been reloaded or
repaired. Reloading software would replace corrupted software allowing
normal access.
ME: As stated, when the system was hacked I found myself being booted
out of Yahoo games on occasion. After the computers hard drive was
formatted, applications installed from CD-ROM only, Windows services
disable, anti-virus and firewall installed, I wasn’t booted out of any
Yahoo games from that point on.
> G. A browser application like Netscape, or Internet Explorer you use
> to filter out, or kill file certain individuals will not function
> indefinitely. When your computer system is compromised, you aren’t
> able to filter out people in your browser for more then 1-2 days. A
> number of computer owners whose systems have been compromised, have
> advised me they also had the same problem. Because hackers were using
> your illegally installed Servers for posting to the Internet, this is
> why you are unable to filter or kill file them. This information was
> very apparent to myself and other ferret owners whose computer were
> compromised.
Corruption in the kill file database, erroneous entries in the database.
Email spoofing to newsgroup.
ME: All I can fess up to is that after the computers were secured,
e-mail addresses in these applications and other e-mail applications
were able to be filtered out. Other ferret owners wouldn’t give me
their permission to post their e-mail addresses to verify my statement.
One ferret owner wasn’t even able to filter out or block certain e-mail
addresses in their e-mail application.
> H. When you begin to see Usenet remarks, made on behalf of your
> personal life which is private information.
There is a wealth of information available about anyone on the Internet.
A bit of searching can reveal very personal info. Social engineering may
have been used as well.
ME: Believe me, there is a ton of information a person can discover
about any one who uses the Internet and posts to it. What I’ve
discovered on this topic is very "scary". Private information means -
What you type on your computer keyboard at home that "no one" in the
world would be able to view except you or your family. But, all of a
sudden you find other Internet users posting your personal adventures
and life experiences. This is in my book so I will discuss it here.
BTW- The Trackers made me write this personal information in my book and
the story written is a bit embarrassing. How
Dag & Cate (ferret owners) were discovered is because I write prisoners
and their letters are written on my computer. They made a Usenet post
about this and this is how I discovered their hacking activity.
> I. Some of your personal files are modified years before they were
> created. I have seen a number of personal files modified 7-8 years
> before they were even created. How to accomplish this maneuver: Select
> Start, Settings, Control Panel, Date/Time, where the year is, Select
> the up or down arrow and, viola. Then open up any file and Select
> Save. A new creation date is present.
No logical reason for a "hacker" to change dates on files. Serves no
purpose unless it is to prevent shareware from expiring and normally the
dates on those files are moved forward not backward. Many system files
have old dates as the dates on the files indicate when they were
originally created. MS still uses files that were created years ago and
the dates on the files were not changed. You can verify this by
exploring any MS CD.
ME: We’re only talking about "personal files", not system files as you
mention. My only reasoning behind this is: the hackers were reading all
my personal files and they didn’t want me to discover their activity.
All I can tell you is that many of my personal files, whether recently
created or older files, had creation dates which were 7-8 years prior to
them being written.
> J. You will find a number of files hidden/readable only, which is a
> common practice in the hacking world.
Windows and other software uses hidden files. Not an indicator that a
"hacker" made the changes. Also possible with a corrupted FAT table.
ME: Your correct! The hackers aren’t going to allow you to see all the
Folders and Files on your drive which they are utilizing to store their
malicious activity. The hackers hid on a number of systems their
directories with pornography pictures, remailer stats, zipped files, to
name a few. If you can’t see a hidden file "no one" knows why it’s
there in the first place and most basic computer users don’t understand
why one folder is lighter then the other. Off the top of my head I
can’t totally remember the significance of the readable only files which
were discovered. There were a number of files which needed to be put in
archive mode and to remove the readable only status.
> K. When you find additional information in your boot.ini file which
> relate to a Virtual Private Network, this can be either software,
> hardware or device driver oriented.
Installing a VPN poses no advantage to a "hacker" aside from the ability
to encrypt data transfers.
ME: Believe me, I’ve physically seen more then my share of hacked/owned
computers running Virtual Private Network(s) (VPN). In my possession is
a number of victims hard drives which were owned by hackers. These
hackers have installed one or two VPNs on the these drives. I will
admit, my knowledge with VPNs is zero, but curiosity taught me a few
things after speaking with a Network dude. Select Start, Settings,
Control Panel and Network if your a basic home owner and verify if your
computer is running any VPN adapters. This is all you need to hear
about this issue, period. My words are proof enough for the basic home
user.
> L. Under Search for Files and Folders, perform a search on any file
> modified in the past month, you will see files which just don’t need
> to be modified, or files you don’t even recognize. For the basic
> computer user, you’ll want to focus on the files which you don’t
> recognize. Unless your a skilled professional, you won’t realize which
> files need to be present or modified, but give it a try anyways. [To
> perform the above you will need to see all Hidden Files and Folders.]
Files are updated constantly by using the OS and software on the
computer. Most software installations contain numerous files and a basic
Windows installation contains hundreds to thousands of files. It indeed
would be impossible for most users to recognize all of the files. This
exercise would not indicate any hacker activity.
ME: When you view the files which were accessed in the past month, it
will reveal a wealth of applications and files you have or a hacker has
opened and accessed. Say for example you see:
c:\msoffice\excel\(filename) and you haven’t accessed Excel in two or
more months, this means the hackers were looking in this directory and
reading your personal files.
> M. Select Start, Settings, Control Panel and Network, and look at,
> following network components showing. If you see one AOL adapter and
> have never used AOL, then two AOL adapters, two TCP/IP, two Dial-Up
> adapters, one or two Virtual Private Network adapters, your computer
> could be compromised. A Virtual Private Network is widely used by
> hackers because it can host up to 254 users. "This applies to the
> basic Internet user who has one modem, one ISP and isn’t running any
> FTP, HTTP, NNTP, PROXY, SMTP, SOCKS, SQL, or SQUID >SERVER." My skills
working with VPNs is almost zero. Every victims >system I’ve seen had
two VPNs setup and they were only using a modem >to connect to the
Internet.
AOL installs along with many applications and has been included on base
OS installations since early releases of Windows 95. VPN's serve no
useful purpose to a "hacker" beyond the ability to encrypt the data
transfer stream.
ME: The above statements are for the basic computer user, not for a
companies or corporations benefit. My point is: if your computer is
accessing the Internet though a dial-up connection and you have one
modem, you should only see "One Dial-up Adapter and One TCP/IP Dial-up
Adapter" under your Network settings, period. Windows doesn’t install a
Virtual Private Network by default (I have not tested 2000,NT/XP). So
how do you think any VPN connection was set-up since Microsoft doesn’t
install this by default? It’s because your computer is already
hacked/owned by malicious hackers. DUH!
> N. Next, Select Start, Run, type Regedit, Select Registry, Select
> Export Registry File, in the box type a name say 4-12-02.txt and
> Select save. Then open this file with a text editor, and you might be
> shocked to find what really is installed on your computer system.
> Check the bottom of this file because hackers love to install an array
> of applications including Network/Server files and device drivers.
No need to export the registry file to view it. Registry entries are not
added to the "bottom" of the registry. Each registry area has a purpose
and contains specific information. Making all "hacker" entries at the
"bottom" of the file would result in applications not running properly.
ME: When you load an application, the needed files to run this
application will be seen in your registry. Hardware/Application/Device
Driver information can be setup by hackers at the bottom of the file.
After viewing all "hidden" Folders and Files, what I did was
"incorporate" one registry entry at a time. You could see a major
difference. Each time you save the registry file it will create a file
called RB000.CAB and so forth, depending on how many copies that you
have saved. If you perform the backup when the hackers are abusing your
system, you might only see 30 lines of text in the registry, the next
time 100 lines, and so on. This is a clear sign that your computer is
compromised.
> O. You will have to turn your computer off by the power supply on a
> regular basis.
I assume this means you are unable to select shutdown from the start
menu. This was a common bug in 95 and 98 on some manufacturers computer.
Patches were released to repair this bug.
ME: Had to laugh at your remarks, but it’s cool. One of the main
reasons the computer had to be shut down by the power supply was because
of switching from DHCP, PPP, dial-up on a regular basis. Most basic
computer users wouldn’t be running three different Internet Service
Providers along with Cable. Even utilizing DHCP and dial-up also caused
the system to hang and I wasn’t able to shutdown by any means except the
power supply. Not being able to shut down your system on a regular
basis is one clear sign your computer is hacked/owned, trust me.
> P. Installing a Network Interface Card will cause problems until the
> hackers configure this device into their Servers or Virtual Private
> Network they setup on your computer.
Removing and re-installing a NIC should include deletion of the drivers
and ensuring that the old card is not still bound to any protocols.
Installing a new NIC would require configuring the OS to recognize the
NIC and bind protocols and services to it.
ME: This is correct! In the case of my hacked computers, two different
Network Interface Cards were installed on a number of occasions. If an
individual configures a NIC properly, there should be no problems after
the fact. I can’t remember off the top of my head all the problems we
ran into, but there were significant enough problems to mention this in
my book.
> Q. You find your CD-ROM drive opens and closes without your
> permission.
Possibly and indicator of Netbus and/or Back Orifice installation.
Potential "hacker" activity. Can also be caused by a defective drive.
> R. You could hear an annoying beep coming from your system speakers.
Possible system alert or Netbus/BO trojan installation.
> S. Your windows screen goes horizontal or vertical.
Bad video card, loose video connections, BO installation
> T. The screen saver picture changes without your permission.
Registry corruption.
> V. All of a sudden, your speakers decide to play you some music.
CD set to Autoplay or BO installation. Application running in
background.
ME: Q-T and V deals with having a Trojan Horse on your computer and some
of the tricks these Trojan Horses can play on you.
> U. On occasion your mouse is out of your control or has an imagination
> of it’s own. But this could also be caused by a corrupt mouse driver.
Correct about the mouse driver. Can also be caused by lint/ dirt build
up o the mouse rollers or on the optical sensor as well as by a
defective mouse.
ME: If you find you have updated the mouse drive, cleaned the lint/dirt
build-up, but your mouse still has an imagination of it’s own, your next
best bet is your computer is hacked/owned. Do your own research in
Google/Yahoo concerning the questions people ask about mouse control.
Just remember, "most" Windows users don’t realize they need to disable
Windows services before they stick their computer on the Internet. By
that time, a malicious hacker has probably already infected their
system. Deal with it, learn my ways or stay the victim; it’s your
choice.
> W. Installing a hardware/software firewall for the first time can
> cause a number of different problems for you to setup and configure.
> Considering you didn’t have these installed from the beginning of your
> computer going on the Internet.
?? Makes no sense
ME: When your computer goes on the Internet for the first time and you
haven’t installed a hardware or software firewall, expect to spend extra
time trying to get them to function properly and configure them. By
this time, the hackers have probably already installed their Virtual
Private Network(s) and they have to make the new hardware and software
function with their settings in their VPN(s). You will find at this
point that your computer will re-boot itself from time to time. Hackers
aren’t all that smart and they do make their own mistakes when they try
to configure hardware and software to function with their VPN(s).
HA-HA!
> X. Your firewall logs show alerts at 12:00 then 11:22 then 12:16 and
> back to 11:59.
Sort log by time and not even type, port, etc.
ME: Zone Alarm and Blackice Defender report alerts by date and time in
order if your system isn’t hacked or owned. If your Windows Platform
system is hacked or owned the hackers are abusing it to hack into other
computers, networks and servers. Other criminals are also using your
computers for their illegal activity, whether it be to set-up a murder,
purchase drugs, guns, explosives or identity theft. So they have to
change their date and time so their "tracking activity will be harder to
track down".
> Y. If using a dial-up/cable/dsl connection you see a number of pings,
> port 0, to your computer. The reason is so that the hackers can see if
> your computer is online. A system needs to be online for the hackers
> to access these Networks and Servers. What the hackers actually do is
> port scan your Internet Service Provider Block of IP addresses and
> find your computer either with file sharing enabled or a
>Backdoor/Trojan present.
Possible OS fingerprinting attempt although crude and ineffective. As
port 0 is reserved for special use as stated in RFC 1700. Coupled with
the fact that this port number is reassigned by the OS, no traffic
should flow over the internet use this port. Pings and port scans are
two separate items. Many services on the internet, including your ISP,
will ping your system to ensure your system is still online. If you
system is properly secured, port scans, at worst will result in a DOS
attack.
ME: For one, if your Internet Service Provider (ISP) pings your
computer, the IP addresses would be similar in nature. For example: my
IP address is 207.14.155.12, if your ISP pings your computer, their IP
address would be like 207.14.0.0. Your firewall log pings wouldn’t come
from say 12.144.15.5, 155.19.133.10, 66.19.24.87, 12.231.57.197,
203.122.19.74, 12.231.62.18, 64.110.82.252, 24.24.17.103. My examples
deal with a hacker coming in using a Trojan Horse versus a Backdoor.
When a Backdoor is installed, certain hackers don’t necessarily need to
ping your system because once it’s online the Backdoor alerts the hacker
that the system is online. Hell, here is an excerpt from my book which
was one way we caught NCF, a ferret owner who was discovering what was
on our hard drives. Notice the change of the computer IP addresses and
ask yourself how a computer can go from having a 38.x address to 168.x
address. An individuals firewall log tells so many stories, but only if
you know how to read and understand them. If your on a Windows Platform
(minus 2000,NT,XP) and you didn’t disable certain services then
installing a firewall isn’t going to keep your computer hacker secure.
BTW- The only Newsgroup I had visited for years was alt.pets.ferrets and
NCF was the only user using Suite224.
FWIN 5/25/2000 11:46:40 AM -8:00 GMT 208.131.247.203
247-203.suite224.net 0 38.28.67.34 0 ICMP No
FWIN 5/25/2000 11:46:40 AM -8:00 GMT 208.131.247.203
247-203.suite224.net 0 38.28.67.34 0 ICMP No
FWIN 5/25/2000 11:56:48 AM -8:00 GMT 208.131.247.203
247-203.suite224.net 2037 38.28.67.34 79 TCP No
FWIN 5/27/2000 11:09:10 PM -8:00 GMT 208.131.247.221
247-221.suite224.net 0 0 ICMP No
FWIN 5/27/2000 11:09:10 PM -8:00 GMT 208.131.247.221
247-221.suite224.net 0 0 ICMP No
FWIN 5/30/2000 10:46:32 AM -8:00 GMT 208.131.247.101
247-101.suite224.net 0 0 ICMP No
FWIN 7/3/2000 11:22:56 PM -8:00 GMT 208.131.247.56 247-56.suite224.net 0
168.191.230.174 0 ICMP No
FWIN 7/3/2000 11:22:56 PM -8:00 GMT 208.131.247.56 247-56.suite224.net 0
168.191.230.174 0 ICMP No
> Z. If someone is port scanning your system, in your firewall logs the
> port assignment aren’t in any type of order. You might see a probe at
> port 1,10,9,8,6,12,6,43 etc.
Most port scanning software will randomize the order the ports are
scanned. A skilled "hacker" will not scan all ports since there are not
services running on all ports nor are there potential vulnerabilities
associated with all ports.
ME: Port scanning applications normally will randomly scan port numbers
in order. In a few of the sample firewall logs shown in my book you
will see port numbers not in any random order. "The Trackers" weren’t
able to figure out why a hacker would scan port number
1,10,9,8,6,12,6,43, versus having them scanned in a random order. Basic
computer users, take a closer look at your firewall logs and see if you
also have port numbers being scanned as shown above.
> AA. When you find you have to set Zone Alarm firewall on medium
> instead of high settings.
IF ZA is misconfigured, some applications may be unable to communicate
and access to external systems (the internet) may not be possible.
Indicative of poor configuration and not "hacker" activity.
ME: The only applications which were running at the time was Netscape
4.7, Nortons anti-virus and Eudora 5.1 when Zone Alarm had to be tamed
down to a "medium setting" for these applications to run. The only
exception may have been because we were also running Blackice Defender
simultaneously.
> BB. Once you can view all Files and Folders search for files named
> spool*.*.
Spooler files are used by the system. Not sure what other use you
believe they have.
ME: All I can say is that a file spool*.* was accessed on a regular
basis and it appeared on a weekly search of files accessed.
> CC. You may find another installed version of your software firewall
> application on your hard drive. You will need to Show all Hidden Files
> and Folders under your Settings, Control Panel, Folder Option and
> View, if using a Windows Platform (excluding 2000,NT and XP).
Illogical for a hacker to install a firewall that would eliminate or
limit access to your system. Possible indicator of improper installation
or a cross linked directory structure.
ME: The additional Blackice firewall proved to me that it was probably
connected to the Virtual Private Network(s). Blackice firewall on my
computer proved that one firewall was mine and another belonged to a
hacker. A few of the logs had other computer IP addresses which weren’t
owned by me.
> DD. When you see too many, Pings - port 0, HTTP/Proxy - port 80, 8080,
> 3128, SMTP - port 25, FTP - port 21, NNTP - port 119 port probes. Your
> computer is probably running an illegal "VPN server"; " web server";
> "proxy"; "mail and news"; "ftp"; which hackers are attempting to
> access for their own personal use.
It is not "illegal" to run any of the servers mentioned above. The above
demonstrates a lack of understanding of the difference between a ping
and a port scan at best. It is not an uncommon occurrence to have
multiple ports scanned by multiple sources. Cure is to install an
properly configure a
firewall to block these scans.
ME: There was no mention of running these servers and them being
illegal, which wasn’t my point. It was confirmed that my computer was
running one of them "anonymous remailers", but for legal purposes, most
of this information had to be removed from my book. From all the
evidence in my possession, there is no doubt in my mind that malicious
hackers install and set-up the above listed servers on innocent victims
computers. Once the computers were hacker secured, very few port scans
appeared in the firewall logs from the above listed port numbers.
> EE. If you don’t see your computer node/source IP address on a
> consistent basis to the right side of your firewall log, your system
> is compromised. (See the firewall logs below.) The hackers are
> entering through your system to attack other "Networks, or Servers and
> Systems", so their identity can’t be traced.
Missing firewall log so interpreation is difficult. Firewall logs may
indicate your local machine as 0.0.0.0, 127.0.0.1 as well as by the IP
address. A properly configured firewall would not permit entry to allow
"hackers" to use your system to attack others.
ME: EE is only a partial excerpt from my book which is helping computer
users learn about Computers, the Internet and Hacking. Many basic
computer users don’t install a firewall until after their computer is
hacked and owned. By this time, installing a firewall is useless,
period. You were already informed that my computer was running Zone
Alarm and Blackice Defender; what good did these do for me, nothing.
Every computer on the Internet is assigned and IP address and this
address will appear on the right side of your firewall log. If your ISP
IP bank of numbers is, let’s say 12.231.xx.xx, then your IP address
listed in your firewall log would be 12.231.xx.xx. If your computer is
hacked or owned you may see that your IP address to the right of your
log is say, 155.16.222.134 or 64.12.133.22. If you need a more
technical answer, visit the below Website.
http://hackingtruths.box.sk
> FF. When you perform a traceroute on an IP address and you lose your
> node/source IP address, ISP routers IP, or when you don’t see your
> node/source IP address at all.
As stated above, a firewall may identify your machine in the logs in a
number of ways.
ME: A firewall has nothing to do with performing a traceroute on an
IP. I had many interesting talks with security and network techs and
they were very interested in seeing these traceroutes. In the first
example, you can see that my IP address is 12.231.38.174 and my ISP
routers used to target 64.154.60.81. In the second example, my computer
doesn’t even exist at all and neither are there any routers to pass
through to get to the target IP. In the third example, my computer does
exist, but none of my ISP routers are present to get to the target IP.
address. Target: 64.154.60.81
Nodes: 15
Node Data
Node Net Reg IP Address Location Node Name
1 1 - 12.231.38.174 47.404N, 122.311W c1577824-a
2 - - 0.0.0.0 Unknown No Response
3 1 - 12.244.80.1 Unknown
4 1 - 12.244.72.10 Unknown
5 1 1 12.123.44.114 Unknown
gbr1-p60.st6wa.ip.att.net
6 1 1 12.122.5.161 Unknown
gbr4-p70.st6wa.ip.att.net
7 1 1 12.123.44.133 Unknown
ggr1-p370.st6wa.ip.att.net
8 2 2 192.205.32.206 Unknown att-gw.sea.level3.net
9 3 2 64.159.16.162 Seattle
ae0-56.mp2.seattle1.level3.net
10 3 2 64.159.1.46 Atlanta
so-3-0-0.mp2.atlanta1.level3.net
11 3 2 64.159.3.10 Atlanta
gigabitethernet11-1.hsipaccess2.atlanta1.level3.net
12 4 2 63.209.216.206 Unknown unknown.level3.net
13 3 3 64.154.61.2 Unknown
br-1-p-5-1.atl2.prod.usenetserver.com
14 3 3 64.154.60.134 Unknown
br-2-ve-2.atl2.prod.usenetserver.com
15 3 - 64.154.60.81 Unknown
Target: 198.32.128.68
Nodes: 2
Node Data
Node Net Reg IP Address Location Node Name
2 1 1 198.32.128.68 Unknown pacbell-nap.idc.ad.jp
Target: 207.115.63.142
Nodes: 2
Node Data
Node Net Reg IP Address Location Node Name
1 1 - 12.231.38.174 47.404N, 122.311W c1577824-a
2 2 1 207.115.63.142 Yonkers
newscon02-ext.news.prodigy.com
To summarize this chapter:
Many of the items here are not indicative of any "hacker" activity but
instead indicate a misconfigured or corrupt OS and/or installed
software. Some items can be attributed to faulty hardware. The couple
of items that may be indicative of "hacker" acidity involve annoyances
caused by a BO or Netbus installation. BO and Netbus have been
detectable by anti virus software for years. Proper use of AV software
to scan the local system as well as any email attachment would prevent
infection by these trojans. Numerous references display a lack of
understanding of ICMP (ping) traffic and port scans by confusing one
with the other. A lack of a basic understanding of TCP/IP and firewall
log entries are indicative in a number of the items as well. There is
also a complete lack of knowledge of registry configuration and layout
as well as the purpose for entries in the registry. Poor grammar and
sentence structure is apparent throughout this chapter.
This poster made one of "The Trackers" pissed off and since they aren’t
being paid to respond to these reviews, I don’t know how willing they
will be to answer the other reviews. They only read the first six pages
and they decided to respond without reading any further.
THE TRACKERS: You know I could spend the rest of my life giving
examples of what I’ve found on a number of computers. My finds and
research on these items are at a basic computer user level. I have
proof of all the material, my research and found facts.
You review my material and come up with it could be this or that. This
is what I’ve been saying, you show no proof that in fact, it could be is
in fact the reason for the fault.
It seems that most of your remarks are your assumption of facts with no
back up of where you came to these conclusions; no backup of these
facts. Ten people can read a page of material and if two people would
agree on their finds, I would be surprised.
I wrote what I found, how I went on to discover the cause and who was
doing this. So why do I have to agree with other finds? There is no
rime or reason to facts like it could be, may be. I never wrote that
this may, could be, these are my facts, my research and my finds.
Books are written for information of certain facts. How these are used
is up to the reader. I’ve said many times before of the hacking books
I’ve read and each author’s fact start out the same and do in fact
arrive to different conclusions. Example: She found a penny, she found
an old penny, she found a 1930 penny, he found a dirty penny, he found a
rusty penny. Each describes what they found which is a penny. How a
person chooses to describe their find is up to the person. I chose to
write my finds in my own words, so why should I need to be advised how I
should state the facts by a computer expert, specialist, or engineer.
You come along and say it could be a dirty penny, but have no proof of
the condition the actual person found it in. I’m the actual person so I
felt I could write what I did with facts, the proof I found and back-up
of these. So how can what I say be called wrong? Ten hackers break
into ten computers, each using different ways, their ways. Hackers
break into hackers computers ten different ways, each method of hacking
works best for the individual. How can any one individual know all the
different tricks of the trade. I wrote of my experience in my own way.
Each authors book is his way, his findings, otherwise there would be
only one book.
ME: I gave you a key and told you the year, model and make of the car.
I told you where it was parked. I want people to approach the car on
your own level and decide what to do with it. Drive it or leave it
there!
The Best Kept Secrets of Backdoors, Cracking, Firewalls, Hacking,
Proxies, The Internet, Trojan Horses, Virtual Private Networks, Virus,
Windows and different types of Servers can be found at:
http://geocities.com/secure20032220000/
Tracker
- Next message: Murray Cooper: "Re: Trackers Second Review Response"
- Previous message: Renegade: "Re: Browser Information"
- Next in thread: Murray Cooper: "Re: Trackers Second Review Response"
- Reply: Murray Cooper: "Re: Trackers Second Review Response"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
