Super_Geek
Mon Jul 07 13:37:25 CDT 2003
kathy asks a question to do with PCs, Super_Geek dives in and tries to
help:
>I have been illegally networked for over a year. Got a
>new computer 2 months ago with HP home. This person (I
>know the identity) has worked around firewalls, McAfee,
>Zone Alarm, you name it. I've wiped the drives 3 times
>but persistent information is being stored in C:, D:, S:,
>K:, F:, G: drives, just that I know of. Microsoft has told
>me they are obviously into the registry and I'm at a loss
>to stop this. Any ideas?
>
Being 'illegally networked' is different to being hacked. If you know
the person who has hacked you, do as sgopus says and report them. Here
are some links that may help you do just that:
http://securityadmin.info/faq.htm#trace describes how to use
www.network-tools.com and
http://visualroute.visualware.com, and then
info on reporting hackers.
The information stored on the drives is probably the key element in the
hacker's ability to bypass your firewall. Try getting a new firewall,
but first you must get rid of the files on those drives.
If you have wiped the drives already, and the files are coming back, you
must either be infected with a virus which is putting the files back,
the format tool has been altered (unlikely but possible), or they are
being copied from your network. I recommend removing all network shares
(or at least putting them as read-only), and then formatting the drives.
If the primary hard disk (the one with the OS) is separate from drives
D, S, F and G, use the fdisk command in DOS to delete the whole
partition rather than formatting. Then use the DOS format tool as
opposed to the Windows one.
Now that you have been hacked, re-installing Windows would be sensible
to remove all traces of the hack. However, if this is awkward, you need
a good trawl through the registry and some serious scanning using
spyware and up-to-date virus scanners.
Some links to help you:
http://securityadmin.info/faq.htm#trace
http://securityadmin.info/faq.htm#harden
http://www.microsoft.com/security/
FIREWALLS
ZoneAlarm is the most widely used, but there's also www.agnitum.com,
www.kerio.com and www.sygate.com.
Online Virus scanning
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
http://housecall.trendmicro.com/
A Google search also came up with:
http://www.ciac.org/ciac/
http://www.cert.org/tech_tips/
Hope this helps!
--
Super_Geek, 16
"How do I set a laser printer to stun?"
-My website is currently under construction, but I'll post a link here soon for FAQs.