Re: system hacked
From: Neal Stoughton (nmstough@uci.edu)
Date: 08/06/02
- Next message: joanne: "history"
- Previous message: Robert Moir: "Re: System firewall"
- In reply to: karl [x y]: "Re: system hacked"
- Next in thread: karl [x y]: "Re: system hacked"
- Reply: karl [x y]: "Re: system hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Neal Stoughton" <nmstough@uci.edu> Date: Tue, 6 Aug 2002 10:48:09 -0700
Thanks for the very helpful responses such as this.
I am trying to secure my machine by using a firewall, and I want to use
something reliable like the built-in Microsoft Internet Connection Firewall
in XP. I tried to enable it and then unblock the various ports that I am
using, but I couldnt get it to work. Even though I would unblock port 80,
for instance, the web server was not accessible anymore.
Any idea why this is happening?
"karl [x y]" <jamescagney90210@excite.com> wrote in message
news:eEGhpJNPCHA.2016@tkmsftngp11...
> I agree as well, though you'll have the same problem if you don't secure
the
> new machine and all the other machines. It's probably a good idea to
change
> all the passwords on the network and check other machines for signs of
> intrusion.
>
> Fport from foundstone.com, sygate from sygate.com and languard file
> integrity checker from www.gfi.com [all free for non-commercial use] as
well
> as an antivirus scanner and a trojan scanner such as www.pestpatrol.com
> and/or www.gfi.com can all help you detect whether there has been an
> intrusion. The books Incident Response is also helpful here [and Hacking
> Exposed 3rd edition is helpful to learn how to secure your system].
>
> Whether or not you reinstall, you'll still want to secure your systems.
> Choose a good password for all your login IDs [and change all the
passwords
> after the system is secure], install all microsoft security patches and
> follow the security checklists for windows and IIS, including installing
> IISlockdown including URLscan, all available at
> www.microsoft.com/security, use an antivirus program like Norton that is
set
> to download updates every day, use a hardware and software firewall
starting
> with Sygate [free for noncommercial use, software firewall] and Netgear
> [starting at $70 US], disable Client for Microsoft Networks / NetBIOS over
> TCP on your internet-facing network interface, etc.
>
>
> "RWare" <ryanware1@hotmail.com> wrote in message
> news:#x96MPLPCHA.2416@tkmsftngp09...
> > I would second Matt's recommendation of rebuild. No way would I trust
the
> > machine without that.
> >
> >
> > "Matt W." <MMWoeppel@rmscoinc.com> wrote in message
> > news:0cb601c23ca8$1f183e50$37ef2ecf@TKMSFTNGXA13...
> > >
> > > >-----Original Message-----
> > > >It appears that my Windows XP professional workstation
> > > has been hacked. I
> > > >find that something called service "a" has been installed
> > > and it runs a file
> > > >called "1.exe". I have no idea what else is going on.
> > > My system appears to
> > > >be used for denial of service attacks to other systems.
> > > What should I do to
> > > >fix it?
> > > >
> > > >--
> > > >--
> > > >Neal Stoughton
> > > >
> > > >
> > > >.
> > >
> > >
> > > Whenever I feel that my computer has been compromised, I
> > > always format the computer and re-install. You never know
> > > what backdoors the hacker has installed on your system.
> > >
> > > But, if you do not wish to format and re-install, run a
> > > virus check, hope that it picks it up, and removes it.
> > >
> > > You can also install a firewall, either sygate or zone
> > > alarm (both free), and hopefully the firewall will prevent
> > > your computer from being used in DoS attacks.
> > >
> > > Best of luck
> > >
> > > Matt W.
> >
> >
>
>
- Next message: joanne: "history"
- Previous message: Robert Moir: "Re: System firewall"
- In reply to: karl [x y]: "Re: system hacked"
- Next in thread: karl [x y]: "Re: system hacked"
- Reply: karl [x y]: "Re: system hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
