I have a sneaky suspicion...

EmperorMing · Post by **EmperorMing** » 2003-09-25 07:54pm

That my FTP was hacked yesterday. I did a reboot and was prompted for a new password on my own XP box, which is something I had configured not to do. The default home page was set top something really strange, and the system could not get back onto the network or the internet.

At least everything was intact, so I wiped the drive the OS is on and reinstalled.

I had left a certain 'port' open on my router to run the FTP, and it's mosty likely they came in there.

Next time, however...

TrailerParkJawa · Post by **TrailerParkJawa** » 2003-09-25 08:00pm

That sucks. I bet it feels a bit erie to know someone was sneaking around your system.

EmperorMing · Post by **EmperorMing** » 2003-09-25 08:29pm

Yeah, pissed me off a bit.

However, when I set it up, I had no illusions that it was completely safe.

One reason why my boot drive was only 5 gb; easy to wipe in case something like this happens.

I'll bring it back up, just m,ore secure than what it was previously.

Chardok · Post by **Chardok** » 2003-09-25 08:58pm

In the same vein, what IYO, is the best anti-hack/antivirus software? Mcafee? norton? Combo of zonealarm and something else? thoughts?

Faram · Post by **Faram** » 2003-09-26 02:51am

Chardok wrote:In the same vein, what IYO, is the best anti-hack/antivirus software? Mcafee? norton? Combo of zonealarm and something else? thoughts?

Buy a cheap NAT device. Dlink and Linksys has them that eliminates a lot of script kiddies.

I have f-secure as anti virus solution and it works fin for me. I have read a lot of bad things about the latest releases of norton and symantc in general so I would stay avay from their products.

EmperorMing · Post by **EmperorMing** » 2003-09-26 04:27am

Chardok wrote:In the same vein, what IYO, is the best anti-hack/antivirus software? Mcafee? norton? Combo of zonealarm and something else? thoughts?

Hardware out fornt all the way. And set your stuff up in depth.

Router/firewall, internal firewall and such. Lock down the unessecary services. And don't share the drive the OS is on.

Slartibartfast · Post by **Slartibartfast** » 2003-09-26 10:45am

Didn't you run a Windows Update? I think it's the .NET framework that made me see that horrendous Welcome screen until I disabled the extra user it installed...

EmperorMing · Post by **EmperorMing** » 2003-09-27 04:01am

Slartibartfast wrote:Didn't you run a Windows Update? I think it's the .NET framework that made me see that horrendous Welcome screen until I disabled the extra user it installed...

I don't use winbloze update...Or let it use me for that matter.

I would rather drop the patches in myself than let the installer do it.

Einhander Sn0m4n · Post by **Einhander Sn0m4n** » 2003-09-27 04:31am

This is probly academic at this point, but what was the homepage set to? And can you get HijackThis and post a log?

phongn · Post by **phongn** » 2003-09-27 11:23am

What FTP server did you use?

EmperorMing · Post by **EmperorMing** » 2003-09-27 05:11pm

Einhander Sn0m4n wrote:This is probly academic at this point, but what was the homepage set to? And can you get HijackThis and post a log?

Some page I have never visited. And the drive has already been wiped and restored.

EmperorMing · Post by **EmperorMing** » 2003-09-27 05:12pm

phongn wrote:What FTP server did you use?

Bulletproof FTP. I'll reopen shop, just on a higher port...

Psycho Smiley · Post by **Psycho Smiley** » 2003-09-27 07:01pm

Slartibartfast wrote:Didn't you run a Windows Update? I think it's the .NET framework that made me see that horrendous Welcome screen until I disabled the extra user it installed...

Well, I'm glad you posted that, because I just ran an update and didn't know why my system was doing that! Damned Windows...

TrailerParkJawa · Post by **TrailerParkJawa** » 2003-09-28 01:17pm

Chardok wrote:In the same vein, what IYO, is the best anti-hack/antivirus software? Mcafee? norton? Combo of zonealarm and something else? thoughts?

Dont forget to change the factory password for your router. Dont laugh, Ive come across DSL/Cable routers where folks just leave the password what is was out of the box. There are ways to figure out what brand of router you are talking too and then simply guessing the password.

EmperorMing · Post by **EmperorMing** » 2003-09-28 04:35pm

TrailerParkJawa wrote:
Chardok wrote:In the same vein, what IYO, is the best anti-hack/antivirus software? Mcafee? norton? Combo of zonealarm and something else? thoughts?
Dont forget to change the factory password for your router. Dont laugh, Ive come across DSL/Cable routers where folks just leave the password what is was out of the box. There are ways to figure out what brand of router you are talking too and then simply guessing the password.

There are too many peeps that still do that. Thank gawd I run a non-linky router and have the default settings changed.

Xon · Post by **Xon** » 2003-09-28 11:28pm

TrailerParkJawa wrote:
Chardok wrote:In the same vein, what IYO, is the best anti-hack/antivirus software? Mcafee? norton? Combo of zonealarm and something else? thoughts?
Dont forget to change the factory password for your router. Dont laugh, Ive come across DSL/Cable routers where folks just leave the password what is was out of the box. There are ways to figure out what brand of router you are talking too and then simply guessing the password.

My router only accepts connections to the html adin panel from the lan. Not from the internet side.

What type of retard leaves a router remote admin panel accessable from the internet by default!