How To Get IPs Of Hackers?
I dunno, you tell me.
Long story short: One of my female friends might have a hacker.
I would like to help her, but I don't know how to. I have heard that there is a way to find out the IP address of who is hacking.
So in other words, do you know how to get the IP of a hacker that is accessing your computer?
Comments
Then find out HOW they got in, fix your gaping security holes, and update your virus definitions. :)
I'm interested in hearing what he'd recommend. I've heard mixed opinions about any software-based firewalls like ZoneAlarm, McAfee firewall, and BlackICE.
'BlackICE Defender' is a joke. It's a highest-possible-profile... hiding the exploits available on your machine by faking that EVERY OTHER EXPLOIT ON THE FACE OF THE PLANET IS AVAILABLE.
Sounds like a good idea, hiding the incriminating letter with the mail. Problem is... it lights you up like a beacon. You'll have every scriptkiddie whose war-pinger runs across your IP address *flocking* to your machine, seeing it as hugely open with security holes. Sure, the majority of them will beat their heads against the fake exploits. Problem is, with so many drawn to your machine, chances are greatly improved that one of them will find the REAL security hole, and take over your machine. Which is ten times worse, as you *think* it's 'defended'. As noted, BID is a sad joke in security terms.
Not to mention with all those script kiddiots beating on the fake exploits, your bandwidth will be taking the brunt of the hits.. those packets STILL come to you, whether or not the associated commands get through.
Best way to deal with things (without setting up an outright Linux NAT/Firewall) is to put in ZoneAlarm, and then drop Ethereal on top of it. If you think the 'hacker' is on the machine at a given time, bring it up. Log the packets. Turn off EVERYTHING ELSE that uses the network connection, so only the intruder's link will show activity. Then log the stream to find out what they're doing.
Thing is, why does she think she has a <i>cracker</i> attacking her machine? Files changed? Things just screwing up? Make sure that none of her family has access to the machine. It's MUCH easier (and more likely) for a familial member to accidentally botch something while sitting in front of the machine, than it is that someone would be remote-attacking her system.
Er.. unless she does stupid things, like using Internet Explorer to browse (there's code that silently forces software to install and run locally, just from viewing a website) and/or Outlook/Outlook Express for e-mail access (there's code out there that downloads and executes hostile software, without even opening the e-mail itself... just checking her e-mail with those pieces of cr*p could have infected her machine with a virus or trojan).
BTW, is there any form of "retaliation" that can be done if you do get a hold of someone trying to touch your... precious? Something as simple as flipping them the bird through ASCII art maybe? :p
<a href='http://www.securitysoftware.cc/apps.html' target='_blank'>http://www.securitysoftware.cc/apps.html</a>
Slap.
I haven't tested it one bit, but it's the closest and simplest tool I can remember hearing about that fits your wish list. ASCII may be difficult with it, though.
You say that she <i>might</i> have a hacker? I'm not doubting your statement, just trying to pinpoint the cause, but why do you/she think it's a hacker?
I'd suggest running an anti-spy/adware program first before going through the hassle of setting up personal firewalls, IP loggers, and so on. The scanning/cleaning programs are fairly common, and work quite well.
After that, a full virus scan with the latest update may uncover something you weren't aware of. Not all viruses are designed to be damaging to a system - some just do annoying things, like making a system seem like it's being hacked, for example.
Those suggestions are given assuming that you're not entirely sure if it's actually a hacker. If you're <i>sure</i> it is, then just ignore this post. :)
The whois? database might be handy if you get an IP addy..really though, the chances of anyone "hacking" a home PC are minimal, nothing to gain really, more likely virus, trojans, spyware or the aforementioned script kiddies..
Get ZoneAlarm, not great, but free and functional.
Get AVG antivirus, free for home use, I've been running it for months with no problems, but for God's sake, keep the definitions up to date.
<a href='http://www.grisoft.com' target='_blank'>http://www.grisoft.com</a>
Scan the thing for trojans, there's a free trial of this that you can use for 14 days..
<a href='http://www.anti-trojan.net/en/' target='_blank'>http://www.anti-trojan.net/en/</a>
Check for spyware..regularly
<a href='http://www.lavasoftusa.com/' target='_blank'>http://www.lavasoftusa.com/</a>
Generally, never go near any .exe or .scr files, unless you know EXACTLY what they are, and trust whoever sent it to you.. if you use Internet Explorer (and let's face it, most people do..), have a good look at your security settings..
And finally, DO NOT "always trust content from Gator.com"!!111
Scan with antivirus software first for trojans and such and adware for spyware.
If someone still gets through all that you have somehow **** off an uber hacker, you may's well unplug from the net right now.
Firewall and Antivirus in one.
(Oh and the XP firewall runs over that as well!)
@Talesin
Both of those problems that you brought up are OLD AND DEAD
Neither of them exist any more, they were both fixed, please do not spread false information :)
/me is sick and tired of everyone ragging on stuff that ain't real.
BAH
I use McAfee Desktop Firewall (free for military) ;) It's pretty simple to set up, comes with a nice dynamic learning mode, (annoying at times when you're trying to play new games), and has a few nice logging features.
To answer your question-at-hand, though...
netstat in command prompt shows all active connections. Look for anything funny. Also, and I've experienced this one, do a couple of tracerts to different IPs/domains. Sometimes, the hacker will attempt to re-route all traffic through his own IP address. If you see an IP address returning tracert/nslookup queries that doesn't belong to your ISP, you might want to be a little suspicious.
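The netstat check from the post above, as an added example that is not part of the original thread: a Python sketch that parses Windows `netstat -ano` output and lists the non-local remote addresses holding established connections, marking a connection as inbound when its local port is also in LISTENING state. The sample output is constructed (documentation-range addresses, made-up ports and PIDs), and the function names are this example's own.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output (documentation-range IPs).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:5150           0.0.0.0:0              LISTENING       2204
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1500
  TCP    192.168.1.20:1045      192.168.1.1:80         ESTABLISHED     1688
  TCP    192.168.1.20:1052      203.0.113.45:80        ESTABLISHED     1688
  TCP    192.168.1.20:5150      198.51.100.7:4021      ESTABLISHED     2204
  TCP    192.168.1.20:1060      203.0.113.45:443       TIME_WAIT       0
  UDP    0.0.0.0:445            *:*                                    4
"""

# Loopback, RFC 1918, link-local and unspecified ranges count as "local".
LOCAL_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8",
    "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16", "0.0.0.0/32")]

def parse_netstat(text):
    """Yield (local_port, remote_ip, state, pid) for each TCP row."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # headers, blank lines, UDP rows (no state column)
        port, remote = fields[1].rpartition(":")[2], fields[2].rpartition(":")[0]
        yield int(port), remote.strip("[]"), fields[3], int(fields[4])

def is_external(ip):
    """True when ip parses and lies outside every LOCAL_NETS range."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return not any(addr in net for net in LOCAL_NETS)

def external_peers(text):
    """Map external remote IP -> sorted [(direction, local_port, pid)]."""
    rows = list(parse_netstat(text))
    listening = {port for port, _, state, _ in rows if state == "LISTENING"}
    peers = defaultdict(set)
    for port, remote, state, pid in rows:
        if state == "ESTABLISHED" and is_external(remote):
            # A peer on a port this machine listens on connected in to it.
            direction = "inbound" if port in listening else "outbound"
            peers[remote].add((direction, port, pid))
    return {ip: sorted(conns) for ip, conns in peers.items()}
```

Pass the text captured from `netstat -ano` to `external_peers`; the PID column can then be matched against the process list to see which program owns each connection.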
Slap.
Has anyone actually used this app?
Just curious, sounds fun.
What... you think MS would trash one of their own possible channels of control, just because some kids found it? No, they put on the equivalent of a 'push-and-turn' top.
ZoneAlarm can be configured to respond to both incoming *and* outgoing network traffic. So it has the ability to block remote attacks. Thing is.. with <i>most</i> trojans, the remote attacker needs to connect in to control it. ZA trips, you lock his *ss off and then perma-block the port in question until you can disinfect the trojan.
On a side note, I distrust anything Norton makes, after a previous version of SystemWorks managed to physically break a HDD during a defrag.
Already downloaded Slap!; I've been waiting for an attack and thus far, no necessary retaliation needed. If my friends come up, I'm going to try and ask them to make a test slap on me.
Kind of makes me want to download good ol' ICQ98 too; with the ICQ on my old computer, I used to be able to add anyone I wanted and read anyone's IP.
<a href='http://www.ceruleanstudios.com/' target='_blank'>www.ceruleanstudios.com</a>
(though reading IPs does require a plugin)
If you want to tell us more about your friend's PC config (specifically, the OS and the internet-connection method), I can throw out my more specific $.02. The config changes you make for Windows2000/XP versus Windows98 are pretty different, for example.
I really ought to just write an article about this to go in tandem with the Readyroom.org tuning guide... someday...
Of course, you can always just buy a Cisco PIX Firewall. Those can be had for as little as $5,000 (without the WICs), and can handle up to 280,000 simultaneous connections at 370Mbps. :p
In the Cisco room @ my school they have a PIX that is worth oh say $20,000 and our district is too damn inane to use it, because a software firewall from Dell is far superior to the networking industry leader's firewall