Please Help! There is a hacker on my tail.

[cheesygoldfish]

A few days back there was a guy i met who got angry at me and hacked my computer from my IP that he got from my email. At the time, I had no firewalls (not even windows firewall0 He tracked everything I did and told me what i just did through email.

I downloaded zonealarm and ever since, the number of blocked inbound connections has gone up every second I am on the internet. (now at 4000)

My computer is still acting weird. I believe he's still recording everything. I am afraid he steals personal info.

What should I do?? i already bought spy sweeper and kaspersky and scanned everything.

Is zonealarm a bad firewall? What do you reccommend?

Thanks a million.

 

[Harvey]

Zone Alarm and other firewalls report the IP address of your attacker. You can find the ISP at Arin.net. File an abuse complaint with his ISP. Include your log file to show the time and date stamps of his attacks.

If he e-mailed you, the complete header could show the IP address he used. You should also file an abuse complaint with the ISP he used to send the threat. Include the entire message, including a copy of the complete header from that e-mail.

Showing the complete header of your e-mail messages is not the default. If you don't know how to do it, check the help section of your e-mail prog under header.

Good luck.

 

[cheesygoldfish]

Originally posted by: Harvey
Zone Alarm and other firewalls report the IP address of your attacker. You can find the ISP at Arin.net. File an abuse complaint with his ISP. Include your log file to show the time and date stamps of his attacks.

I have zonealarm free. Where do I click to find who tried to access my computer.

 

[cheesygoldfish]

Originally posted by: Harvey
Zone Alarm and other firewalls report the IP address of your attacker. You can find the ISP at Arin.net. File an abuse complaint with his ISP. Include your log file to show the time and date stamps of his attacks.

If he e-mailed you, the complete header could show the IP address he used. You should also file an abuse complaint with the ISP he used to send the threat. Include the entire message, including a copy of the complete header from that e-mail.

Showing the complete header of your e-mail messages is not the default. If you don't know how to do it, check the help section of your e-mail prog under header.

Good luck.

I use gmail. can i find IP with it?

 

[Harvey]

Originally posted by: cheesygoldfish
I have zonealarm free. Where do I click to find who tried to access my computer.

In Zone Alarm, click Alerts & Logs, Log Viewer for your current log file.

The default setting for Zone Alarm is to start a new log file every day and post it in a folder. I believe the default is C:\Windows\Internet Logs. I keep continuing log files turned off to avoid building up a large folder of useless information, and I turn it on when I need the information to address a problem.

I use gmail. can i find IP with it?

You can. If your stalker uses gmail, your SOL because they mask the IP address of the sender in the header.

 

[gorcorps]

Originally posted by: Harvey

Originally posted by: cheesygoldfish
I have zonealarm free. Where do I click to find who tried to access my computer.

In Zone Alarm, click Alerts & Logs, Log Viewer for your current log file.

The default setting for Zone Alarm is to start a new log file every day and post it in a folder. I believe the default is C:\Windows\Internet Logs. I keep continuing log files turned off to avoid building up a large folder of useless information, and I turn it on when I need the information to address a problem.

I use gmail. can i find IP with it?

You can. If your stalker uses gmail, your SOL because they mask the IP address of the sender in the header.

Then how did this guy get the IP of the OP through email?

 

[thawolfman]

Maybe he wants your Nintendo DS....!

 

[GundamSonicZeroX]

Originally posted by: thawolfman
Maybe he wants your Nintendo DS....!

:Q That fiend!

 

[cheesygoldfish]

Thanks for all the replies guys.

When i checked my zonealarm log, all of the blocked (hackers, adware) had a destination IP of (my ip):33333

33333 is my bittorrent port I forward on my router. Is this a vulnerability, should I remove it??

 

[CTho9305]

When you disconnect from a bittorrent network, lots of other clients may still try to connect to you for a while, because they don't realize you quit your bittorrent app. Those aren't actually attacks.

 

[thescreensavers]

i hate ZA I use sygate. When ever I connect to an IRC network my firewall goes off. But I know its nothing o wory about. Sygate tells me the IP exactly in the log and I can back track it.

 

[wheresmybacon]

Originally posted by: gorcorps

Originally posted by: Harvey

Originally posted by: cheesygoldfish
I have zonealarm free. Where do I click to find who tried to access my computer.

In Zone Alarm, click Alerts & Logs, Log Viewer for your current log file.

The default setting for Zone Alarm is to start a new log file every day and post it in a folder. I believe the default is C:\Windows\Internet Logs. I keep continuing log files turned off to avoid building up a large folder of useless information, and I turn it on when I need the information to address a problem.

I use gmail. can i find IP with it?

You can. If your stalker uses gmail, your SOL because they mask the IP address of the sender in the header.

Then how did this guy get the IP of the OP through email?

especially since he uses gmail. this doesn't add up.

 

[Atheus]

Originally posted by: hungfarover
especially since he uses gmail. this doesn't add up.

yea...

cheesygoldfish: can you show us one of these emails you got where he was reporting your activity?

 

[xtknight]

Report his IP to the DoD.

 

[cheesygoldfish]

Sorry, i deleted the message already.

Could he have gotten my IP if I used gmail??

Thanks

 

[Oceandevi]

Where did you meet him? There are programs that make ppl look like scary hackers, but the few I have seen were stopped by anti virus and spyware removal apps.

 

[Atheus]

Why would you delete the message?

Originally posted by: cheesygoldfish
Could he have gotten my IP if I used gmail??

No.

I doubt you have a 'hacker' after you at all.

 

[Kevin1211]

Originally posted by: cheesygoldfish
A few days back there was a guy i met who got angry at me and hacked my computer from my IP that he got from my email. At the time, I had no firewalls (not even windows firewall0 He tracked everything I did and told me what i just did through email.

I downloaded zonealarm and ever since, the number of blocked inbound connections has gone up every second I am on the internet. (now at 4000)

My computer is still acting weird. I believe he's still recording everything. I am afraid he steals personal info.

What should I do?? i already bought spy sweeper and kaspersky and scanned everything.

Is zonealarm a bad firewall? What do you reccommend?

Thanks a million.

you should really contact the authorities. Give them his email address.. Dont be scared! heh

 

[you2]

Well if he's real hacker - you need to reformat your harddisk and reinstall your system. Also, spend $15 bucks and get a hardware firewall - its cheaper than the software crap and more effective. Hum. Oh yea - when you reinstall your computer (which you won't do until after you have a hardware firewall) skip windows and go with something a bit more secure. Maybe dos or system 7. Neither of them support tcp which is guaranteed to leave your system secure.

 

[Lemon law]

I somewhat agree with you2---any hacker worth his salt will have put a back door on your system--and its likely to be hard to find---so nuke the system---overwrite the hard drive with random one and zero's---and reinstall windows---then some sort of multilayered defense is all you need to keep him out---consider Linux as a more secure option---but a standard software firewall, an AV, some spyware apps, and process control should keep even the most determined hacker out. Nothing wrong with adding a hardware firewall.---if you have win XP pro surf with a limited account and a software restriction policy---I am even as I post this---its all in the consolidated security thread---and in John's malware guide.

But you got owned because you had no defense---no need to get so paranoid about overkill.

 

[ArchAngel777]

I see a lot of voodoo talk in here... Doing a low level format is possibly the most ridiculous thing I read in here to *stop* this. Though to be fair, 10 years ago I thought hackers had more power than they really do. I suppose once you work security for companies you sort of figure out that a lot of this stuff is voodoo.

Anyway, good luck... A simple quick format and reinstall of windows will do the trick. I also agree with a hardware firewall.

 

[Ruptga]

I've heard hardware firewalls mentioned before, you all mean a router with a built in firewall right?

 

[ArchAngel777]

Originally posted by: ADDAvenger
I've heard hardware firewalls mentioned before, you all mean a router with a built in firewall right?

Yes

 

[Atheus]

Guys, he already said he has a router, and it's guaranteed to run NAT by default - they all do these days.

Another reason I think it unlikely his system has actually been attacked by an individual. Not because it's particularly difficult to get into a system behind one of these things, but because it requires effort, and it is extremely unlikely that someone who knows what they're doing would go to any kind of real effort to penetrate some guy's home computer.

I think the likely scenarios are:

1) There was a virus of some kind in the original email, the user clicked it, and it then reported the user's activity. Most likely there was never a human involved in the attack.
2) It is all a trick and the computer is not compromised at all.

 

[Atheus]

Originally posted by: ArchAngel777
I see a lot of voodoo talk in here... Doing a low level format is possibly the most ridiculous thing I read in here to *stop* this.

I wouldn't consider a low level format overkill for a serious attack - you want to make sure you get the boot sector and everything, people are getting more clever in where they hide their code. I even heard about someone flashing a malicious firmware onto the graphics card.

Probably not necessary in this case though of course.

Though to be fair, 10 years ago I thought hackers had more power than they really do. I suppose once you work security for companies you sort of figure out that a lot of this stuff is voodoo.

Really? The more I learn the more I realize just how much _is_ possible. Can you give an example?