MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: security problems
December 06, 2019, 04:09:20 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
December 06, 2019, 04:09:20 PM

Login with username, password and session length
 Featured Sites:
News
New  New Poll on our main page!
"My experience with Vista..."
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: security problems  (Read 1442 times)
hells_angel
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 2


Bookmark and Share

View Profile
« on: April 12, 2004, 05:05:11 AM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:Windows XP
Problem Application Name & Version:
Problem Hardware Make & Model:
Error Messages:



I've had problems with my ex boyfriend accessing my computer somehow.  I don't know exactly what it is he's doing, but he knows everywhere and everything I do.  Can he be accessing my pc from somewhere else?  And if he can, how do I stop this.  I don't think I've got a virus/trojan or spyware...but I'm not positive.  Can I find out who and where someone's accessed my accounts...if they have been accessed?   I'd appreciate any suggestions....thank you!!
Logged

 
Dizzy
Sr. Member
****

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 125


Bookmark and Share

View Profile
« Reply #1 on: April 13, 2004, 02:15:11 AM »

Hi h_a,

Welcome to the best forum on the net. Grin

The very first thing I would do would be to download and install a good firewall like Zone Alarm (free) just in case he knows a thing or two and is accessing your computer remotely (highly unlikely, but it is better to err on the side of caution.)

Next, download, install and update Spybot S & D and use the Immunize feature in the program.  Let it scan for problems and have it fix anything it finds that is marked in red.  This will remove any spyware from your system and it should detect any keyloggers as well.

Next, go change your passwords at every site where you log in, including email.  Make sure it is a strong password - one that isn't found in the dictionary, contains at least 6 characters and includes upper case, lower case, numbers and a special character.  This makes it virtually impossible to crack.  An example would be:  Mts45@  Notice the capital, lower case, numbers and special character (@).

If you think you may have a trojan, a good, free AT is available called a
Logged




I am a "One Off Gem."

Just ask My Julian. [Cheesy]
hells_angel
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 2


Bookmark and Share

View Profile
« Reply #2 on: April 13, 2004, 09:20:01 AM »

Can you tell me how he could access my computer remotely.  I think if I understood how he's doing it...it'd help me prevent it better.  Thank you for your time and advice...I truely appreciate it!!
Logged

 
Dizzy
Sr. Member
****

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 125


Bookmark and Share

View Profile
« Reply #3 on: April 16, 2004, 03:44:41 AM »

Hi again,

Accessing your computer remotely = hacking.  I couldn't begin to explain it here even if I understood it.  You need to follow the advice I posted above starting with the firewall.  A firewall prevents unauthorized access to your PC.

Dizzy


Logged




I am a "One Off Gem."

Just ask My Julian. [Cheesy]
sixpac
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 45


Bookmark and Share

View Profile
« Reply #4 on: April 18, 2004, 05:33:30 PM »

In the IT world, a Trojan horse is used to enter a victim's computer undetected, granting the attacker unrestricted access to the data stored on that computer and causing great damage to the victim. A Trojan can be a hidden program that runs on your computer without your knowledge, or it can be 'wrapped' into a legitimate program meaning that this program may therefore have hidden functions that you are not aware of. Trojans can be used to siphon off confidential information or to create damage. Within the network context, a Trojan is most likely to be used for spying and stealing private and sensitive information (industrial espionage). The attacker's interests could include but are not limited to:
Credit card information (often used for domain registration or shopping sprees)
Any accounting data (email passwords, dial-up passwords, Web services passwords, etc)
 Confidential documents Email addresses (for example, customer contact details)
Confidential designs or pictures Calendar information regarding the user's whereabouts
 Using your computer for illegal purposes, such as to hack, scan, flood or infiltrate other machines on the network or or Internet

There are many different types of Trojans, which can be grouped into seven main categories.Note, however, that it is usually difficult to classify a Trojan into a single grouping as Trojans often have traits would place them in multiple categories. The categories below outline the main functions that a Trojan may have.

Remote access Trojans
Data-sending Trojans (passwords, keystrokes etc.)
Destructive Trojans
Denial of service (DoS) attack Trojans
Proxy Trojans
FTP Trojans
Security software disablers

Anti-virus software recognizes only a portion of all known Trojans and does not recognize unknown Trojans.

Although most virus scanners detect a number of public/known Trojans, they are unable to scan UNKNOWN Trojans. This is because anti-virus software relies mainly on recognizing the "signatures" of each Trojan. Yet, because the source code of many Trojans is easily available, a more advanced hacker can create a new version of that Trojan, the signature of which NO anti-virus scanner will have.

To effectively protect your network against Trojans, you must follow a multi-level security strategy
You need to implement gateway virus scanning and content checking at the perimeter of your network for email, HTTP and FTP - It is no good having email anti-virus protection, if a user can download a Trojan from a website and infect your network.
You need to implement multiple virus engines at the gateway - Although a good virus engine usually detects all known viruses, it is a fact that multiple virus engines jointly recognize many more known Trojans than a single engine.
You need to quarantine/check executables entering your network via email and web/FTP at the gateway. You have to analyze what the executable might do.

Remote access Trojans
These are probably the most publicized Trojans, because they provide the attacker with total control of the victim's machine. Examples are the Back Orifice and Netbus Trojans. The idea behind them is to give the attacker COMPLETE access to someone's machine, and therefore full access to files, private conversations, accounting data, etc.

The Bugbear virus that hit the Internet in September 2002, for instance, installed a Trojan horse on the victims'machines that could give the remote attacker access to sensitive data.

The remote access Trojan acts as a server and usually listens on a port that is not available to Internet attackers. Therefore, on a computer network behind a firewall, it is unlikely that a remote (off-site) hacker would be able connect to the Trojan (assuming that you have blocked these ports, of course). HOWEVER, an internal hacker (located behind the firewall) can connect to this kind of Trojan without any problems.

Data-sending Trojans (passwords, keystrokes etc.)
The purpose of these Trojans is to send data back to the hacker with information such as passwords (ICQ, IRC, FTP, HTTP) or confidential information such as credit card details, chat logs, address lists, etc. The Trojan could look for specific information in particular locations or it could install a key-logger and simply send all recorded keystrokes to the hacker (who in turn can extract the passwords from that data).

An example of this is the Badtrans.B email virus (released in the wild in December 2001) that could log users' keystrokes.

Captured data can be sent back to the attacker's email address, which in most cases is located at some free web-based email provider. Alternatively, captured data can be sent by connecting to a hacker's website - probably using a free web page provider - and submitting data via a web-form. Both methods would go unnoticed and can be done from any machine on your network with Internet and email access.

Both internal and external hackers can use data-sending Trojans to gain access to confidential information about your company.

Destructive Trojans
The only function of these Trojans is to destroy and delete files. This makes them very simple to use. They can automatically delete all the core system files (for example, .dll, .ini or .exe files, and possibly others) on your machine. The Trojan can either be activated by the attacker or can work like a logic bomb that starts on a specific day and time.

A destructive Trojan is a danger to any computer network. In many ways, it is similar to a virus, but the destructive Trojan has been created purposely to attack you, and therefore is unlikely to be detected by your anti-virus software.

Denial of service (DoS) attack Trojans
These Trojans give the attacker the power to start a distributed denial of service (DDoS) attack if there are enough victims. The main idea is that if you have 200 infected ADSL users and you attack the victim simultaneously from each, this will generate HEAVY traffic (more than the victim's bandwidth can carry, in most cases), causing its access to the Internet to shut down.

WinTrinoo is a DDoS tool that has recently become very popular; through it, an attacker who has infected many ADSL users can cause major Internet sites to shut down; early examples of this date back to February 2000, when a number of prominent e-commerce sites such as Amazon, CNN, E*Trade, Yahoo and eBay were attacked.

Another variation of a DoS Trojan is the mail-bomb Trojan, where the main aim is to infect as many machines as possible and simultaneously attack specific email address/addresses with random subjects and contents that cannot be filtered.

Again, a DoS Trojan is similar to a virus, but the DoS Trojan can be created purposely to attack you, and therefore is unlikely to be detected by your anti-virus software.

Proxy Trojans
These Trojans turn the victim's computer into a proxy server, making it available to the whole world or to the attacker alone. It is used for anonymous Telnet, ICQ, IRC, etc., to make purchases with stolen credit cards, and for other such illegal activities. This gives the attacker complete anonymity and the opportunity to do everything from YOUR computer, including the possibility to launch attacks from your network.

If the attacker's activities are detected and tracked, however, the trail leads back to you not to the attacker - which could bring your organization into legal trouble. Strictly speaking, you are responsible for your network and for any attacks launched from it.
FTP Trojans
These Trojans open port 21 (the port for FTP transfers) and let the attacker connect to your machine via FTP.

Security software disablers
These are special Trojans, designed to stop/kill programs such as anti-virus software, firewalls, etc. Once these programs are disabled, the hacker is able to attack your machine more easily.

The Bugbear virus installed a Trojan on the machines of all infected users and was capable of disabling popular anti-virus and firewalls software. The destructive Goner worm (December 2001) is another virus that included a Trojan program that deleted anti-virus files.

Security software disablers are usually targeted at particular end-user software such as personal firewalls, and are therefore less applicable to a corporate environment.







Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page November 24, 2019, 09:43:54 PM