Firewall Wizards mailing list archives
RE: Help, some one's hacked into my home computer
From: sean.kelly () lanston com
Date: Mon, 17 May 1999 10:56:57 -0400
i'm on a cable modem, i run back officer friendly, stepped away from the desktop for a few hours, came back and saw the alerts. I've done a find on all the files changed today and compared them with the times that they were on. I'm stumped on what to do next. This is happening right now, realtime. Can anybody please respond.
I know zilch about back officer friendly so I'm going to respond just to the rest of the msg. First thing I'd do is get that machine off the net or at least shut down server services such as FTP. If you have valuable stuff on there you might as well start off by keeping them from getting any more than they already have. With any luck you have logs of the event. First step is to collect all the data you have on the attack and if you have an ip address or any other data, contact the domain admin of the attacker's ip -- forward log segments, etc. It may not fix your immediate problems but it may very well at least get the attacker's account revoked. I've gotten accounts revoked for things as simple as portscans and failed nuke attempts so it DOES work. As for your machine. Im afraid the safest thing would be a full reinstall of everything. Reinstall the OS and restore all the data from a backup if you have one. There's a good chance you won't pick up everything they've done to your computer and it's better to be safe than sorry. As for the prevention... get your hands on a 486 and a couple network cards, install freebsd and make the machine a firewall/proxy. This list is a great resource so I won't go into details, but it's possible to have a bit of protection for next to nothing. Sean
Current thread:
- Help, some one's hacked into my home computer Denise Lucas (May 16)
- Re: Help, some one's hacked into my home computer Paul D. Robertson (May 17)
- "Some of you have been asking for this, so here it is." Philip S Holt, Security Engineer / Network Engineer (May 23)
- <Possible follow-ups>
- Re: Help, some one's hacked into my home computer Robert Graham (May 17)
- Re: Help, some one's hacked into my home computer Bill Pennington (May 17)
- RE: Help, some one's hacked into my home computer sean . kelly (May 17)
- Re: Help, some one's hacked into my home computer Andrew Fessler (May 17)
- Re: Help, some one's hacked into my home computer Philip Molloy (May 17)
- Re: Help, some one's hacked into my home computer Bill_Royds (May 17)
- Re: Help, some one's hacked into my home computer Paul D. Robertson (May 17)