Hacked questions

[pegasis]

Hello

How is it possible to tell if your computer or network has been hacked?

what tools can be used to scan or look for files?

is there a way to make a cheap intrusion detection device?

I was told to check my email address at this site;
https://validator.w3.org/

what does checking it at that site do?
(looking for errors in the parse of your email)


if you run the tree command and a lone file shows up unattached to a directory, what is that telling you?
is that your suspect file?

Is there a way to use bio-identification (finger print reader) with your computer to prevent from being hacked?

your feedback is most appreciated

 

[Elixer]

Define 'hacked'
What are you seeing that makes you think you were 'hacked'?

Are you running AV programs & malware detection software like Malwarebytes, or Spybot Search & destroy?

 

[pegasis]

oh yes of course, and it had absolutely no effect

no alerts were posted

 

[JEDIYoda]

When you reboot your computer do you get a smiley face with the words == Gotcha!!! on the boot up screen??

 

[pegasis]

no num nut!

 

[Mike64]

How is it possible to tell if your computer or network has been hacked?

Define 'hacked'

^ This. There's no single way to figure out if someone has done "any or all" of the various things people refer to as "hacking" in the pejorative sense. Also, what do you mean by "your computer"? Literally just the physical machine in your possession, or stuff like email and other online accounts? In other words, what are you concerned may have happened? Malware being installed on your machine itself? Someone stealing personal information from files on your actual hard drive? Getting passwords and thus access to email and other services that aren't physically on your computer?

 

[mikeymikec]

I was told to check my email address at this site;
https://validator.w3.org/

Err, that's a website for checking HTML (web page) code for standards compliance.

 

[pegasis]

Gee Mike your so helpful.. thanks

mike; yes I know it is for checking HTML

is there any meaningful technical info in this forum relevant to prevention and detection of hacking???

 

[mikeymikec]

Gee Mike your so helpful.. thanks

mike; yes I know it is for checking HTML

First things first, asking for help while adopting a hostile attitude is likely to reduce the chances of people offering you help.

Second, you posted something very odd, which I quoted, pointing out the flaw in what you posted, to which you respond saying that you already knew that. In which case, why post it in the first place? If you feel the need to try and sound like you know what you're talking about while simultaneously asking for help, then you're only lowering your chances of receiving explanations that are likely to help you.

is there any meaningful technical info in this forum relevant to prevention and detection of hacking???

You're not going to like this answer, but you've asked such a generalising question that this is the only likely answer you're going to get without volunteering further information: For example, you arrive home one night. How can you tell that someone has been in your house without your permission? What was their likely purpose? How proficient are they at breaking and entering without leaving evidence behind?

Your question regarding the tree command is a somewhat more specific question but it's not necessary by any stretch of the imagination for a hacker to either mess with the file system or with the file system drivers (either could produce such a result theoretically). For example, a well-known rootkit in recent years created its own disk partition to store its files on and modified the boot loader instead. I don't know what to make of the result you received with the tree command, but then I think I was in college the last time I seriously used the tree command so I don't know its foibles. An innocent file system issue could be the cause of an odd result with a program that queries the file system.

I personally don't trust biometrics very much, but without knowing the reason(s) why you're asking such questions in the first place, it's very difficult to supply advice to help defend against whatever is going on.

 

[Elixer]

Gee Mike your so helpful.. thanks

mike; yes I know it is for checking HTML

is there any meaningful technical info in this forum relevant to prevention and detection of hacking???

Only if you supply us with more details on WHY you think you are hacked?
If this is all 'in theory' type of question, then state that.

Otherwise you are just wasting everyone's time.

 

[pegasis]

I know I was hacked, but I am not going to be too specific.

they hacked into my yahoo account, because I called yahoo and said why can't I log in.

They told me, you have activity coming from Russia in your yahoo account.

1.2 billion account have been hacked

and they did a preliminary scan and found something


so my question still is; what tools can be used by the individual to find, locate detect
hacking activity or evidence of hack?

 

[pegasis]

I know I was hacked, but I am not going to be too specific.

they hacked into my yahoo account, because I called yahoo and said why can't I log in.

They told me, you have activity coming from Russia in your yahoo account.

1.2 billion account have been hacked

and they did a preliminary scan and found something


so my question still is; what tools can be used by the individual to find, locate detect
hacking activity or evidence of hack?

 

[Elixer]

I know I was hacked, but I am not going to be too specific.

they hacked into my yahoo account, because I called yahoo and said why can't I log in.

They told me, you have activity coming from Russia in your yahoo account.

1.2 billion account have been hacked

and they did a preliminary scan and found something


so my question still is; what tools can be used by the individual to find, locate detect
hacking activity or evidence of hack?

You actually need to post specifics, since this does not prove that you were hacked.
It means that you used either simple passwords, or that you use the same password on multiple sites, and there was a breach someplace, or they got lucky with your password.

So, again, without full disclosure on what is going on, was it only yahoo, or multiple sites, how strong was the password(s), do you run pirated programs, do you allow people to access your machine remotely, did you get a call from Dell/Microsoft/Norton telling you to give "them" access?
I could go on, but, but I hope you see the point here...

Suffice to say if you actually think your system is compromised in some way, like with a key logger, then, the ONLY rational solution is to clean install the OS again.

 

[mikeymikec]

Suffice to say if you actually think your system is compromised in some way, like with a key logger, then, the ONLY rational solution is to clean install the OS again.

Also, on the "clean install", don't run any program files that are on your current installation (e.g. copying an installation program from the old setup to the new one and running it there), install everything from a source that you can have reasonable confidence that it's clean (e.g. the official website), and leave off any software that you aren't very confidence of the source being clean. Of course, there are theoretical ways for malware to survive a clean install but I've never seen them "in the wild".

Personally I think this is just another case of Yahoo getting hacked and that there's nothing wrong with your machine. I bet it was Yahoo that said that they "found something on your machine", because it's a lot nicer for some tech support rep to say the problem is at least partly at your end rather than admitting that the problem is entirely at their end and that they very likely screwed up big time, again. The fact that Yahoo evidently admitted to the OP that 1.2 billion accounts have been hacked (Does Yahoo have this many any more? Did it ever? However, even if the figure is 30,000 it's still their problem).

OP, if you want to indulge in a search for malware with no symptoms to work on, then go for it, but don't expect a definitive conclusion at the end of it. Run a full scan with your virus scanner, download Malwarebytes from www.malwarebytes.org (free version, don't sign up for a trial) and tell that to run a custom scan, tick all of your drives and tick the rootkit option. You could also then try removing your anti-virus scanner and putting on another free one such as avg (avg.com) or avast (avast.com) and telling that to run a full scan.

 

[John Connor]

If you want to prevent being "haxxed" you need to learn how they do it and stay up to date on all the tools and tricks of the trade. Twitter has people that share info. Start with Sans and ask questions in Google and learn. Like, do you think your DNS can be poisoned at a hotel? Google that. Then learn how to combat it. There are many facets to "haxxing."

 

[John Connor]

...or just buy a Captain Crunch whistle. Go to DEFCON in Vegas every year and, well learn.

 

[Fardringle]

Did you pay Yahoo support a fee to check your computer? If so, the 'hack' was probably the fake support number you called (not Yahoo) since Yahoo support - what little they still have - consists primarily of resetting email passwords and (rarely) recovering accidentally deleted email messages.

 

[HeXen]

Server got hacked? If so that's on Yahoo's end, nothing you can do except change passwords after you assume they acknowledged and fixed the breach.
On computers the safest and quickest imo is just to do a complete reformat and always keep backups on a separate, portable HD. I never keep anything on a Windows drive and use 1pass for my browser passwords but then again I don't browse the web with Windows.

 

[Fallen Kell]

I know I was hacked, but I am not going to be too specific.

they hacked into my yahoo account, because I called yahoo and said why can't I log in.

They told me, you have activity coming from Russia in your yahoo account.

1.2 billion account have been hacked

and they did a preliminary scan and found something


so my question still is; what tools can be used by the individual to find, locate detect
hacking activity or evidence of hack?

Well, your email account getting hacked and your computer getting hacked are possibly two completely different things. Your email could have been hacked and your home computer may be completely safe and have been untouched. Or your home computer may have been hacked leading to the breach of your email account's password.

As stated, without more information it is hard to tell which is the case. Most likely case is that your email password was compromised due to weak password, shared password (with another site which was hacked), or flaw in yahoo's systems which allowed for the breach.

Now that doesn't mean your computer wasn't hacked, but usually such a hack of a home system would not expose itself just to access some random person's email (if you are a celebrity, or high ranking business owner, or political figure, well, then yes, they might just do it to access your email). They would much rather stay hidden on your system and install rootkits and keyloggers to capture things like online banking information and then use it to transfer money (most likely buying bitcoins and then transferring them). An email account of Joe Random user is worth like $0.001, but their banking information might be worth a few hundred dollars.