Re: Is someone watching my computer?
- From: "@lf" <alf@xxxxxx>
- Date: Sat, 13 Jan 2007 13:06:25 +0100
greyteabox@xxxxxxxxx wrote:
....
> I am using Windows XP. I have installed Norton Internet Security 2006
> and Ad-Aware SE, but still wonder how others can infiltrate my
> computer. I assume there are VNC type applications and keyboard
> loggers that have ways of getting around both Norton and Ad-Aware.
> And other security software as well.
> Are there ways to detect the use of programs like VNC and key loggers
> sending data out by looking at firewall logs?
Hm... No.
Well, in fact, the answer is sometimes (Norton logs all kinds of things). But you should have advanced knowledge to interpret the logs in a proper way (Norton does not always interpret them in a correct way).
> Is Norton a good tool
> for doing this with?
It has extremely high hardware demands, it is very unstable, and it tends to fight with your OS. So IMHO it is not; there is other software.
> Other suggestions for analyzing my network
> traffic?
Sniff it, but that demands advanced knowledge.
> As an experiment I made a copy of winvnc and renamed it as
> systemfile.exe. After launching it, Norton came up with the regular
> message asking if it was ok to give this application to the Internet.
> It certainly didn't say that this looked like WinVNC given a different
> name... Couldn't one of these monitor programs be given an official
> looking name and launched along with everything else?
There is a technique called process infection that does that. You are not defending yourself from malware by employing some software, but by not running malware. A Limited account on Windows helps. AV is only a helper; everyone can make a mistake, or malware may use some exploit and not need to interact with the user to download, install and run itself.
> Therefore...I have been wondering about reviewing network traffic...Any
> advice?
Well, since you are asking you probably can't do it, sorry but that is usually a fact.
Anyway, for example http://www.wireshark.org/ This is a sniffer, can you use it?
Or http://insecure.org/nmap/ Now how to use this to find malware, and test your firewall?
If you know how, good for you, do it. If you don't, yes I know that is advanced, I'm a home user like you (i.e. familiar with your troubles). So I would advise you to do something else. Simpler to do, well, it is simpler than sniffing.
1. If you have a router with NAT and a firewall built in, use it.
2. Use a Limited account for daily usage.
3. Think about using something lighter than Norton, check reviews on the internet and pick something.
4. Keep your OS up to date, and use some alternative browser (Opera, Firefox).
5. Think while you are working; many malware authors rely on the fact that users don't think while they work. They run everything served to them.
6. Run away from warez, crackz, XXX content.
7. Shut down services you don't need, and configure software in a way that it doesn't connect to the internet if you don't need it to.
8. Use NTFS on your partitions.
9. Backup
I believe that you don't need to be a 1337 g33k to do this; a little bit of googling and reading manuals and you can do all of that.
Take a look at these utilities, you might find them useful:
http://www.microsoft.com/technet/sysinternals/Security/ProcessExplorer.mspx
http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx
http://www.microsoft.com/technet/sysinternals/Security/Autoruns.mspx
http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx
Many things these utilities do, you can do from your OS, but I found these simpler to use. Well, they have a GUI.
Note this. Despite any software or firewall solution you are using, _You_ are the ultimate protection, and the vulnerability at the same time. Try to be the protection most of the time.
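Added example, not part of the original post: the port-to-process check that TcpView shows in a GUI, applied to the renamed-WinVNC experiment described above, so the finding depends on the port in use rather than on the executable's name. The `netstat -ano` text and the PID-to-image table are constructed samples, and the check assumes the VNC server is left on its default ports (5900 + display number, 5800 + display number for the built-in HTTP viewer).

```python
import re

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5800           0.0.0.0:0              LISTENING       1788
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING       1788
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       2044
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED     3120
  TCP    192.168.1.10:5900      198.51.100.23:49211    ESTABLISHED     1788
  UDP    0.0.0.0:445            *:*                                    4
"""

# Constructed PID -> image name table, as `tasklist` would report it.
SAMPLE_PROCS = {4: "System", 912: "svchost.exe", 1788: "systemfile.exe",
                2044: "alg.exe", 3120: "firefox.exe"}

# Assumed default VNC ports: RFB on 5900+N, HTTP viewer on 5800+N (N = display).
VNC_PORTS = set(range(5900, 5910)) | set(range(5800, 5810))

ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+)\s+(\w+)\s+(\d+)\s*$")

def parse_tcp(text):
    """Return one dict per TCP row; header, UDP and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            laddr, lport, remote, state, pid = m.groups()
            rows.append({"laddr": laddr, "lport": int(lport), "remote": remote,
                         "state": state, "pid": int(pid)})
    return rows

def vnc_findings(text, procs):
    """Flag non-loopback listeners and live sessions on VNC default ports."""
    findings = []
    for r in parse_tcp(text):
        if r["lport"] not in VNC_PORTS:
            continue
        if r["state"] == "LISTENING" and r["laddr"] != "127.0.0.1":
            kind = "listener"
        elif r["state"] == "ESTABLISHED":
            kind = "active session"
        else:
            continue
        image = procs.get(r["pid"], "unknown")
        findings.append((kind, r["lport"], r["remote"], image))
    return findings
```

A server moved off its default ports will not match, so an empty result is not proof that nothing is listening; unexplained listeners on any port deserve the same PID lookup.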