Re: Have I been hacked?

From: Karl Levinson [x y] mvp (jamescagney90210@excite.com)
Date: 12/28/02 

From: "Karl Levinson [x y] mvp" <jamescagney90210@excite.com>
Date: Sat, 28 Dec 2002 13:58:56 -0500

If he was able to get into the administrative shares, his account is
probably in the local Administrators group on your PC... check and see.

"jim" <jim@hotmail.com> wrote in message
news:uljP9.226$Fj2.134796@news2.news.adelphia.net...
> I agree in the sense that he probably was just 'joyriding' because he
> stumbled upon an obvious weakness. He isn't normally a malicious type as
far
> as I know. No files or drives are shared except the usual admin shares
> (which I will remove) and sensitive files are encrypted and password
> protected so he probably didn't get anything for his trouble.
> This is the 2nd incident I've found in his profile but the 1st time, I had
> set up his user acct on my PC to solve probs he was having with email -
then
> forgot to delete it. Once discovered, I deleted the profile, changed all
my
> passwords & enabled auditing. Since I couldn't prove anything one way or
the
> other, nothing was said or done.
> I am a Babe-In-The-Woods as far as security is concerned but I will be far
> more knowlegeable by Mon. morning...
>
> Thanks for all your help!
>
>
>
> "Karl Levinson [x y] mvp" <jamescagney90210@excite.com> wrote in message
> news:e8g3UTnrCHA.2488@TK2MSFTNGP12...
> > RE: auditing, I agree.
> >
> > http://securityadmin.info/faq.htm#auditing
> >
> > I doubt you were "hacked," in the sense that I doubt there were any
> > permissions set up to block this person from looking into the files. I
> say
> > this because these restrictions would need to be manually added by your
> > company and are not the Windows default.
> >
> > Snooping on your computer is still unethical and hopefully your company
> has
> > a written policy against doing this, but I doubt any special talent was
> > necessary other than just trying the doorknob and opening the unlocked
> door.
> >
> > Signs of more typical "hacking" could often be seen in the audit logs
> and/or
> > if you did the following:
> >
> > http://securityadmin.info/faq.htm#hacked
> >
> >
> > "Martin" <Martin@nospam.bot> wrote in message
> > news:029c01c2ae13$1a7bae40$d6f82ecf@TK2MSFTNGXA13...
> >
> > > I suggest you change permissions on your folders "security
> > > settings" and configure the use of these folders to be
> > > audited. This way you can see if it happens again.
> >
> > > >-----Original Message-----
> >
> > > >Have I been hacked? If so how? What else should I be
> > > looking for?
> > > >
> > > >Please help as his job will depend on the outcome and I'd
> > > hate to get him
> > > >fired if he was just poking around where he had W2K
> > > permissions to do so.
> >
> >
> >
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.423 / Virus Database: 238 - Release Date: 11/25/2002
> >
> >
>
> 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.423 / Virus Database: 238 - Release Date: 11/25/2002