Re: MAKING YOUR COMPUTER SYSTEM SECURE AFTER IT'S BEEN COMPROMISED

From: Paul Overway (paul_at_i.hate.spam.logico-solutions.com)
Date: 11/03/03


Date: Mon, 3 Nov 2003 08:23:52 -0500

Please consult your physician and check your Haldol dosage.

--
Paul Overway
Logico Solutions, LLC
www.logico-solutions.com
"Jene Keller" <f2byline@yahoo.com> wrote in message
news:d3e3462a.0311022017.54d9eee2@posting.google.com...
> Copyright 2003 by Debbie X.  All rights Reserved.  No part of this
> publication may be reproduced in any form or by any means, or stored
> in a data base or retrieval system, without prior written permission
> of the publisher.  You may pass along this information, but give
> credit where credit is due.
>
> MAKING YOUR COMPUTER SYSTEM SECURE AFTER IT'S BEEN COMPROMISED:
>
> I highly recommend keeping the hacked hard drive and purchasing a new
> one.  Of course you could mirror the drive, but you still need a
> replacement drive to perform this task.  You can't produce the same
> results by replicating files versus viewing the actual hard drive
> itself.  If your system was used to attack and crash a Network, or
> System, you have proof for the FBI or any Law Enforcement Agency.
> This would show you were not involved in any illegal activities until
> you discovered your system was hacked.
>
> The proper method is to re-format your hard drive, and install from
> original CD-ROM.  To safeguard against software manufacturer employee
> malicious activity always virus check your CD-ROM.  Not too long ago,
> I decided to install X Software Application on a computer, media form
> was a CD-ROM.  Immediately, Norton Anti-virus told me a suspicious
> file named "install.exe" was trying to load into my hard drive boot
> sector.  We all know an application doesn't need to load in a boot
> sector of a drive.  After telling the computer not to install this
> application, it still made its way and changed the name of my hard
> drive.  The computer access slowed down, while viewing directories the
> screen started to move back and forth.
>
> Virus check all floppy disks because hackers DO install a Backdoor,
> Trojan Horse, or Virus on disks.  They enjoy doing this especially
> when you're online using your computer, with a floppy in the drive.
> My preference is to obtain a replacement CD-ROM if your software
> applications are on a floppy.  What concerned me most is a Backdoor
> was planted in a .zip file and unopened.  Norton's Anti-virus
> application couldn't detect it.  Let's say one day you come along and for
> no reason, you decide to open this .zip file, voila, the Backdoor is
> unleashed.
>
> There will always be evil code applications (to knock your system into
> becoming a victim) out in this world which anti-virus applications
> won't be able to catch.  Either the Trojan Horse already installed on
> your system will eat the floppies alive, or hackers will.  Hackers
> will bind or disguise their applications and install them on your
> floppy disks.  Many Trojan Horses "hide" all traces of their
> applications they run on your system.  On your computer perform a
> search for a file named "backdoor.zip".  I will warn you now, if you
> unleash this baby after a complete application install and go online,
> you will unleash many of the secrets to the "underground" hackers
> world.
>
> A number of Internet Service Providers allow free dial-up access with
> DSL and Cable connections.  Note:  Hackers are taking advantage of
> your canceled accounts even when they were closed.  Until certain
> Internet Service Providers and Telecommunication Companies correct
> their major error; telecon your ISP and ask them to change your
> password since malicious hackers are abusing your canceled account,
> holding you liable.
>
> Disabling all unnecessary Windows Services will assist in making your
> computer system secure.  How to accomplish this task is presented
> under "Windows Services you might want to disable".  If running any
> type of Server, update the latest application patches.
>
> Once you are able to view all Hidden Files and Folders, it would be
> smart to make a backup copy of your registry.  To perform this, do the
> following:
>
> A.  Select Start, Run, type in Regedit, and press enter.
> B.  Then Select Registry, Export Registry File
> C.  In the box, type a name like "3-21-02.txt"
> D.  Select Save.
>
> You can open this file in any text editor.  What you want to do first
> is check the bottom of the file.  Hardware/Application/Device Driver
> information can be setup by hackers at the bottom of the file.  What I
> did was "incorporate" one registry entry at a time.  You could see a
> major difference.  Each time you save the registry file it will create
> a file called RB000.CAB and so forth, depending on how many copies
> that you have saved.  If you perform the backup when the hackers are
> abusing your system, you might only see 30 lines of text, the next
> time 100, and so on.  This is a clear sign that your computer is
> compromised.
>
> Tracker
> I know how important it is for me not to define myself by how others
> perceive me.
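
The registry export steps quoted above produce a plain-text file. As an added example (not part of either poster's message), this Python code parses two such exports and lists the values that were added, removed or changed between them. The function names, the sample exports and the `Example Updater` entry are constructed for illustration.

```python
import re

# Value line: @ (default value) or a quoted name, then '=', then the raw data.
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_reg_export(text):
    """Map (key_path, value_name) -> raw data from a regedit text export.
    The caller decodes the file first (REGEDIT4 is ANSI, version 5.00 is UTF-16)."""
    entries, key, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith(",\\"):            # hex data continues on the next line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            entries[(key, "")] = ""         # remember the key even if it is empty
        elif key is not None:
            m = VALUE_RE.match(line)
            if m:
                entries[(key, m.group(1))] = m.group(2)
    return entries

def diff_exports(old_text, new_text):
    """Report values added, removed or changed between two exports."""
    old, new = parse_reg_export(old_text), parse_reg_export(new_text)
    return {
        "added": sorted((k, n, new[k, n]) for k, n in new.keys() - old.keys()),
        "removed": sorted((k, n, old[k, n]) for k, n in old.keys() - new.keys()),
        "changed": sorted((k, n, old[k, n], new[k, n])
                          for k, n in old.keys() & new.keys() if old[k, n] != new[k, n]),
    }

# Constructed sample exports (not taken from any real machine).
BEFORE = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ScanRegistry"="C:\\WINDOWS\\scanregw.exe /autorun"
"Blob"=hex:01,02,\
  03,04

[HKEY_LOCAL_MACHINE\Software\Example]
@="one"
"""
AFTER = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ScanRegistry"="C:\\WINDOWS\\scanregw.exe /autorun"
"Blob"=hex:01,02,03,04
"Example Updater"="C:\\EXAMPLE\\updater.exe"

[HKEY_LOCAL_MACHINE\Software\Example]
@="two"
"""

if __name__ == "__main__":
    for kind, rows in diff_exports(BEFORE, AFTER).items():
        for row in rows:
            print(kind, *row)
```

Because wrapped `hex:` data is rejoined before comparison, a value that is only line-wrapped differently in the second export is not reported as changed.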