Re: hacking incident using DameWare remote

From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 01/07/03


From: "Karl Levinson [x y] mvp" <levinson_k@excite.com>
Date: Tue, 7 Jan 2003 14:55:38 -0500


"Chris" <chrisbernard00@hotmail.com> wrote in message
news:085801c2b663$9b5dd2b0$d6f82ecf@TK2MSFTNGXA13...
> On Sun Jan 5 2003 My system was entered using DameWare
> remote by a user who I have all Event/Application Log
> Files on, I have IP address, etc. He did so by me not
> changing my admin password, that being said, I am
> receiving no help from this persons ISP, wanadoo.fr,..what
> else can I do and who else can I contact to help me in
> stopping this person, the DameWare staff has been helpful
> but no one else???

If Dameware was not installed by you, and you don't get any help from the
authorities, you might also consider some of these steps to see what else
was done and how it was done to prevent it from happening again. Doing
these things may reduce the chance of actually prosecuting this person, but
unless you're really lucky, you don't have much chance of this happening
anyways.

http://securityadmin.info/faq.htm#hacked
http://securityadmin.info/faq.htm#re-secure
http://securityadmin.info/faq.htm#harden

However, without the authorities getting involved, you probably won't get
any satisfaction against this person or persons.



Relevant Pages

  • Re: hacking incident using DameWare remote
    ... >On Sun Jan 5 2003 My system was entered using DameWare ... >remote by a user who I have all Event/Application Log ... Wanadoo should be blocked from all internet access, ...
    (microsoft.public.inetserver.iis.security)
  • hacking incident using DameWare remote
    ... On Sun Jan 5 2003 My system was entered using DameWare ... remote by a user who I have all Event/Application Log ...
    (microsoft.public.inetserver.iis.security)