Re: system hacked

From: karl [x y] (jamescagney90210@excite.com)
Date: 08/07/02 

From: "karl [x y]" <jamescagney90210@excite.com>
Date: Tue, 6 Aug 2002 18:58:35 -0400

When troubleshooting firewall problems, the first thing to do is check the
firewall logs right after a failed access to see what if anything is being
blocked, then consider writing a rule to open up that port or disable or
modify the rule that blocked the packet, assuming your log tells you that
information.

"Neal Stoughton" <nmstough@uci.edu> wrote in message
news:OwVgfFXPCHA.2048@tkmsftngp08...
> Thanks for the very helpful responses such as this.
>
> I am trying to secure my machine by using a firewall, and I want to use
> something reliable like the built-in Microsoft Internet Connection
Firewall
> in XP. I tried to enable it and then unblock the various ports that I am
> using, but I couldnt get it to work. Even though I would unblock port 80,
> for instance, the web server was not accessible anymore.
>
> Any idea why this is happening?
>
>
> "karl [x y]" <jamescagney90210@excite.com> wrote in message
> news:eEGhpJNPCHA.2016@tkmsftngp11...
> > I agree as well, though you'll have the same problem if you don't secure
> the
> > new machine and all the other machines. It's probably a good idea to
> change
> > all the passwords on the network and check other machines for signs of
> > intrusion.
> >
> > Fport from foundstone.com, sygate from sygate.com and languard file
> > integrity checker from www.gfi.com [all free for non-commercial use] as
> well
> > as an antivirus scanner and a trojan scanner such as www.pestpatrol.com
> > and/or www.gfi.com can all help you detect whether there has been an
> > intrusion. The books Incident Response is also helpful here [and
Hacking
> > Exposed 3rd edition is helpful to learn how to secure your system].
> >
> > Whether or not you reinstall, you'll still want to secure your systems.
> > Choose a good password for all your login IDs [and change all the
> passwords
> > after the system is secure], install all microsoft security patches and
> > follow the security checklists for windows and IIS, including installing
> > IISlockdown including URLscan, all available at
> > www.microsoft.com/security, use an antivirus program like Norton that is
> set
> > to download updates every day, use a hardware and software firewall
> starting
> > with Sygate [free for noncommercial use, software firewall] and Netgear
> > [starting at $70 US], disable Client for Microsoft Networks / NetBIOS
over
> > TCP on your internet-facing network interface, etc.
> >
> >
> > "RWare" <ryanware1@hotmail.com> wrote in message
> > news:#x96MPLPCHA.2416@tkmsftngp09...
> > > I would second Matt's recommendation of rebuild. No way would I trust
> the
> > > machine without that.
> > >
> > >
> > > "Matt W." <MMWoeppel@rmscoinc.com> wrote in message
> > > news:0cb601c23ca8$1f183e50$37ef2ecf@TKMSFTNGXA13...
> > > >
> > > > >-----Original Message-----
> > > > >It appears that my Windows XP professional workstation
> > > > has been hacked. I
> > > > >find that something called service "a" has been installed
> > > > and it runs a file
> > > > >called "1.exe". I have no idea what else is going on.
> > > > My system appears to
> > > > >be used for denial of service attacks to other systems.
> > > > What should I do to
> > > > >fix it?
> > > > >
> > > > >--
> > > > >--
> > > > >Neal Stoughton
> > > > >
> > > > >
> > > > >.
> > > >
> > > >
> > > > Whenever I feel that my computer has been compromised, I
> > > > always format the computer and re-install. You never know
> > > > what backdoors the hacker has installed on your system.
> > > >
> > > > But, if you do not wish to format and re-install, run a
> > > > virus check, hope that it picks it up, and removes it.
> > > >
> > > > You can also install a firewall, either sygate or zone
> > > > alarm (both free), and hopefully the firewall will prevent
> > > > your computer from being used in DoS attacks.
> > > >
> > > > Best of luck
> > > >
> > > > Matt W.
> > >
> > >
> >
> >
>
>

Relevant Pages

  • Re: Need advice about hacking and security
    ... All of my email accounts - Hotmail, Yahoo, ... > Outlook also requires a lot of tweaking to secure it. ... In some states, there are laws with teeth, ... > You probably need a firewall to start. ...
    (comp.security.misc)
  • Re: What security package for SBS?
    ... I have a secure Windows network. ... I also have a secure MacMini and on occasion a secure Ubuntu. ... With a business class firewall stripping crap off all incoming traffic and properly implemented security policies in addition to giving your users absolutely no admin rights, there is no reason to believe you can't create a secure Microsoft Network. ...
    (microsoft.public.windows.server.sbs)
  • Re: Firewall - Limit Geographic Area
    ... Firewall - Limit Geographic Area ... > times more secure than a Microsoft Windows machine can be). ... Redhat is conservative about what they release ... > - do not reuse passwords between your server and, say, random ...
    (RedHat)
  • Re: PC Hack Prob
    ... Windows Update ... Have I mentioned that Microsoft has some stuff to help secure your computer ... You should at least turn on the built in firewall. ... ANTIVIRUS SOFTWARE ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Wanting To Try FreeBSD: Security Question.
    ... How hard is it to secure FreeBSD for a desktop computer? ... The relatively minimal pf.conf file for the firewall I run on my laptop, ... A firewall is not the end of all your security needs. ...
    (comp.unix.bsd.freebsd.misc)
Quantcast