Hacked - Jemsite
Off-topic / Miscellaneous Talk about miscellaneous stuff off-topic and not related to music, guitars or bands. No music, gear or anything guitar related here please.

 
LinkBack Thread Tools Display Modes
post #1 of 13 (permalink) Old 04-09-2005, 02:53 PM Thread Starter
 
Join Date: Feb 2001
Location: Montréal, Canada
Posts: 374
Unhappy Hacked

Well my suspicions have been confirmed, my computer's been/is hacked.

2 months ago I decided I'd install a P2P program to preview some music. I also installed a BETA version of messenger.

Last week I get my internet bill and i have 23 gigs in uploads ( only allowed 10 per month).

I figured It's cause I left the P2P app running...my fault, I'll pay. Since then I've uninstalled the software.

Today I browsed my "internet consumption update" on my ISP's web site and it said I already have 6.8 gigs in uploads....

When I type netstat -a in DOS there are other ISP's connected...

Man this bites. Looks like i'm due for a re-install.

I dunno if I got hacked through MSN Beta (also now removed) or the P2P.

Anybody else get hacked? What did you guys do?

I feel a bit violated...I also do all my banking and transfers via the net. manoman.
30yroldpig is offline  
Sponsored Links
Advertisement
 
post #2 of 13 (permalink) Old 04-09-2005, 06:19 PM
 
Join Date: Dec 2004
Location: Manchester, England
Posts: 105
Re: Hacked

dont worry you havent been hacked, a P2P (peer to peer) is a program that lets the whole world share files, and u downloading files means your sharing them, so when you download a file, it auto shares it (you can turn this off so you dont share files) so sharing files means you are letting ppl download the files that you have downloaded from you, and this is why your upload bandwith is going up!

i hope tht made sence
bizkit666 is offline  
post #3 of 13 (permalink) Old 04-09-2005, 06:35 PM
 
Join Date: May 2003
Location: London, England
Posts: 796
Re: Hacked

have you scanned for spyware?
Artist is offline  
post #4 of 13 (permalink) Old 04-09-2005, 07:22 PM
 
Join Date: Dec 2000
Location: Chicagoland, IL.
Posts: 4,348
Reviews: 1
Re: Hacked

You could have EASILY picked up a trojan and are being used as a slave to send out mass emailings unbeknownst to you.
Which P2P system did you install?
2ndly, I would get a firewall installed ASAP.
3rd, run all manor of virus and spyware scanning to detect any infiltration.
Another way to find some of these is look at the running processes and look up the ones that don't look familliar to you, normally you should see 25-no more than 40-ish (with a lot of apps open) I try to keep my total processes as low as possible just so I know when something new is running on my machine. I haven't had a cirus or reinstall in 2 years since I built my machine. (with the exception of when I swapped over to a raid 0 config.)

Hope this helps.
There are also bandwidth meters to see incoming and outgoing traffic on all ports.


Bamm
bammbamm is offline  
post #5 of 13 (permalink) Old 04-09-2005, 11:43 PM
 
Join Date: Mar 2005
Location: Maryland
Posts: 116
Re: Hacked

Firstly,turn off all your active x updates as that is a major cause for hacker interference if you run xp...just get a firewall running and a program called zone alarm to alert and diable people from accessing your modem. run some anti-virus program and/or ad-aware , check the path if there is a problem and check it manually in your registry , if worse comes to worse just disable file sharing and reformat/defrag. . Like bam said you normally have a tagged section showing bandwith traffic and try to check whats running at startup. hope that helps
Ralsch is offline  
post #6 of 13 (permalink) Old 04-09-2005, 11:49 PM
 
Join Date: Sep 2002
Location: Bellevue, WA
Posts: 1,687
Re: Hacked

1. Enable a firewall. Better yet, use hardware router if you have one.
2. Run full virus and spyware scan. Microsoft scanning tool is pretty good.
3. Do not use P2P clients that are not written in Java, .NET languages (C#, VB.Net, Managed C++) or other language that is fully protected against buffer overflows.

I'm actually surprised nobody actively targets P2P clients like emule, edonkey, gnutella, etc. They were written by hobbyists, they expose ports to the web, and they most likely have more holes than Swiss cheese. Best of all, source code is often available, so you don't have to guess.

Look for a client written in Java or for Microsoft .NET platform. This automatically prevents a whole bunch of attacks. Many attacks are simply not possible on the systems that use runtime buffer length checking. I run Azureus myself, and it works pretty darn good. Also, before installing P2P software, google on the web to make sure that stuff you install doesn't come with spyware. P2P programs often have spyware. Once you install this stuff on your machine the only safe way to remove it is to rebuild the machine.

Last edited by microdmitry; 04-09-2005 at 11:50 PM. Reason: typo
microdmitry is offline  
post #7 of 13 (permalink) Old 04-10-2005, 10:54 AM Thread Starter
 
Join Date: Feb 2001
Location: Montréal, Canada
Posts: 374
Re: Hacked

Hi guys thanks for the replies.

Firstly I've been running zonealarm since I began surfing the web. I'm using an anti-virus (AVG FREE) and everytime i finnish surfing, i run add aware SE as well as Spybot-search & destroy. I know they're only freebee wares but I can't afford new software now and I don't believe in hacked software (no pun intended)

I understand the principle of P2P apps (was running shareazaa), what I don't understand is why, when I cleared ALL my shared files associated with shareazaa, there were 6.8 gigs in uploads. That's why I suspect that I've been hacked or as Bamm said had a trojan installed.

I'll look into all those options, Bamm, I have about 30 running processes, but to be perfectly honest, I don't really know what they all mean.

Once again, many thanks guys

Cheers
Pat
30yroldpig is offline  
post #8 of 13 (permalink) Old 04-10-2005, 11:29 AM
 
Join Date: Aug 2003
Location: Odense S, Denmark
Posts: 9,952
Re: Hacked

Get a program called hijackthis (use google to find it) and do a scan with it. The program will list the processes you are running then post the log file here.

Regards

André



fettouhi is offline  
post #9 of 13 (permalink) Old 04-10-2005, 12:42 PM
 
Join Date: May 2002
Location: Milton Keynes,UK
Posts: 2,355
Re: Hacked

Quote:
Originally Posted by Pat knup
Hi guys thanks for the replies.

Firstly I've been running zonealarm since I began surfing the web. I'm using an anti-virus (AVG FREE) Cheers
Pat
Pat, Have used AVG for about 6 years now, after hearing of it on #UKMG and have never had a virus issue on the freeware version ... As for the P2P stuff, I rarely use Win*x and have never suffered unduley, Nor do i get spyware scans show up anything untoward.

Hope you get sorted out bro

Rob
Jem7RB MK is offline  
post #10 of 13 (permalink) Old 04-12-2005, 08:20 PM Thread Starter
 
Join Date: Feb 2001
Location: Montréal, Canada
Posts: 374
Re: Hacked

Rob, thanks for the encouragement, but I'll steer clear from P2P software.

So far everything seems back to normal, although I havn't really kept my system running long enough to see if there was any more activity.

André check your inbox, I've emailed you a Hijack this log.

Many thanks everyone.

Cheers
Pat
30yroldpig is offline  
post #11 of 13 (permalink) Old 04-12-2005, 08:39 PM
 
Join Date: Jan 2004
Location: UK
Posts: 491
Re: Hacked

Go to this page:

http://www.answersthatwork.com/Taskl...s/tasklist.htm

It is a list of almost all the programs that could be running in your task list (what processes are running in ctrl-alt-del) and what they do, and whether you need/want them. It's worth checking out and comparing to your tasklist every now and again to make certain you've not picked up anything nasty (in addition to all the other advice above).
Serratus is offline  
post #12 of 13 (permalink) Old 04-12-2005, 09:02 PM
 
Join Date: Apr 2005
Location: Rochester, NY/Boston, Mass
Posts: 1,019
Reviews: 6
Re: Hacked

Get yourself a nice mac that runs OS X. I got one thru school and I hate PCs now, viruses/hacking isn't an issue. The new mac mini is only 500-600 bucks and it works great. Personally i'd recomend a good G4 if you can afford it. I've got a powerbook. It works great.
Jemwielder is offline  
post #13 of 13 (permalink) Old 04-15-2005, 05:49 PM Thread Starter
 
Join Date: Feb 2001
Location: Montréal, Canada
Posts: 374
Re: Hacked

Quote:
Originally Posted by Jemwielder
Get yourself a nice mac that runs OS X. I got one thru school and I hate PCs now, viruses/hacking isn't an issue. The new mac mini is only 500-600 bucks and it works great. Personally i'd recomend a good G4 if you can afford it. I've got a powerbook. It works great.
Thanks but no thanks. I work with G4's and G5's at the studio and I don't find OSX all that stable.
30yroldpig is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Jemsite forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address

IMPORTANT: You will be required to activate your account so please ensure that your email address is correct.

If you do not receive your activation check your spam folder before using the CONTACT US form (at the bottom right of each page).



Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Similar Threads
Thread Thread Starter Forum Replies Last Post
FS: Jackson PS4 Japan, hacked up!! Boston $100 tanpsi Classified Ads: Guitars and Gear 2 01-11-2008 01:08 PM
Hacked!!! John Finn Off-topic / Miscellaneous 9 03-20-2006 07:09 AM
Jemsite Hacked? caprile Forum Announcements and Member Help 6 04-02-2005 02:43 PM

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome