ever feel deliberatly attacked by a hacker?

[BirdDad]

I noticed that a computer that was off turned itself on when I was 2 feet from it,I know that I may have wake on lan enabled but nothing should have trying to access that computer at that time.
I tried trend micro's house call on it and something closed it.
I had norton 360 on this computer and I got a yellow shield alert the kind that sits in the system tray.I click on it and it says that my anti virus is turned off.WTF I didn't turn it off.
I did a scan with it and it found backdoor.formador on it and gave me no option to delete this just that it would have to be manually resolved.so after about an hour of letting a norton tech sqrew with my computer I got fed up and decided the time was right for a hard drive upgrade.
On my other machine I had trend micro internet sequrity running and it said that it was shut off.
Should I be a little bit paranoid since this all happened this week and what could I do to get this stuff to quit?

Sent to security forum. -DrPizza 1/20/08 7:54pm

 

[Ns1]

i'm sorry.


all your base are belong to us.

 

[yankeesfan]

Do you have a firewall?

 

[BirdDad]

yes there is the firewall hardware with my linksys router and then software either norton or trend micro or kapersky or on this machine where it is both norton and trend micro(yes I have both of these working on the same machine).

 

[MyThirdEye]

Originally posted by: Ns1
i'm sorry.


all your base are belong to us.

:laugh:

 

[Red Squirrel]

Hacks are most likely hardly ever deleberite. My site got hacked a while back, did a search only to find 100+ more sites hacked in the exact same way. It's people with nothing better to do.

If your lucky the hacker is just doing it to screw around, rather then to destroy, so chances are the damage is minimum I've never had my network hacked though, I would say that is MUCH worse, as it contains all your personal information and such.

 

[SketchMaster]

Originally posted by: BirdDad
...I had norton 360 on this computer...

[Redneck]Well there's your problem![/Redneck]

 

[thomsbrain]

make sure your router is actually set up to protect your network (no DMZ, minimal forwarded ports, etc, WPA wireless security, etc).

 

[BirdDad]

my router is not forwarding any ports and no DMZ WPA is enabled with quite a strong password.

 

[spidey07]

Originally posted by: BirdDad
my router is not forwarding any ports and no DMZ WPA is enabled with quite a strong password.

Doesn't matter. All it takes is viewing a website to get infected. A lot of malware will disabled your anti-virus. sounds like that's what happened.

Check the security forum on how to protect your machines. If you have wireless and it's not properly secured it's probably the kids next door playing around.

 

[SampSon]

A few tips on protecting yourself:
Don't let your kids use the computer, if they must then give them their own computer completely blocked from your own network.
Stop looking at free porn.

 

[BirdDad]

I don't look at any porn really.

 

[SampSon]

"Really?" So that means you DO look at porn sometimes?

Anyway, back to your topic. Most likely your entire ISP was targeted by some script kiddies.

 

[BirdDad]

If you must know I have sworn off all porn except for whats in movies(not porn movies but real movies)

 

[Red Squirrel]

oh and DONT USE IE. I'm not saying Firefox or Opera are 100% safe, but you are MUCH safer using those then IE. There are much less hijacks targeted at the alternatives. I've never heard of any but I won't rule them out completly. There are various add ons for firefox such as noscript which will help prevent these type of browser attacks.


Also, do all p2p in an isolated environment such as a VM.

 

[blackangst1]

Originally posted by: RedSquirrel
oh and DONT USE IE. I'm not saying Firefox or Opera are 100% safe, but you are MUCH safer using those then IE. There are much less hijacks targeted at the alternatives. I've never heard of any but I won't rule them out completly. There are various add ons for firefox such as noscript which will help prevent these type of browser attacks.


Also, do all p2p in an isolated environment such as a VM.

The whole IE isnt safe thing isnt really true anymore. With the patches to IE7 its about the same as FF. Sure, FF has noscript add-ons, but you can also add on something like Norton's browser protection as well. There has also been quite a few patches to FF for venerabilities lately. Most attacks come via javascript or activeX, both of which can be turned off in IE7 ( I do). I often test my own PC's security by hitting a few of the top 10 baddies as reported by...hell cant remember its bookmarked at home...but a site that lists the top bad sites...I rarely if ever get infected using either browser.

Theyre about the same nowadays.

edit: AFAIK

 

[mechBgon]

Originally posted by: BirdDad

Should I be a little bit paranoid since this all happened this week and what could I do to get this stuff to quit?

some stuff you could do

And yes, you should be a bit paranoid these days. Not just of the Internet, but also flash drives, MP3 players, external hard drives, cameras, digital picture frames, burned CDs and DVDs. Malware can travel by those methods as well. If you can make a Limited account work for you in WinXP, that would be a solid start. Vista with UAC enabled is better yet.

 

[stevem326]

Originally posted by: mechBgon

Originally posted by: BirdDad

Should I be a little bit paranoid since this all happened this week and what could I do to get this stuff to quit?

some stuff you could do

And yes, you should be a bit paranoid these days. Not just of the Internet, but also flash drives, MP3 players, external hard drives, cameras, digital picture frames, burned CDs and DVDs. Malware can travel by those methods as well. If you can make a Limited account work for you in WinXP, that would be a solid start. Vista with UAC enabled is better yet.

I would take mechBgon's advice. He helped me out with a virus/malware problem I had a few weeks ago and I'm good-to-go now. One of the first things spyware/malware/viruses do is to try to shut down any anti-virus or anti-spyware software you have running on your system so it sounds to me like something got in. I wouldn't visit any banking or credit card websites and type in your user name, password, etc. until you figure out where the infection is and get it cleaned up. If a keylogger has been installed it could send all of your log-in details to the hacker.

Keep in mind that many of these things just reinstall themselves once you think you've wiped them out and rebooted your system. Sometimes they are nearly impossible to get rid of because they install themselves in your registry and various folders throughout your OS. Some people end up just nuking their entire HD and starting over. Hope that doesn't happen to you, though. Good luck!