please someone help me

Discussion in 'Networking and Computer Security' started by janejane, Aug 9, 2004.

  1. janejane

    janejane Geek Trainee

    Likes Received:
    0
    Trophy Points:
    0
    Hello everyone, i dont know what else to do here hoping for a miracle. Here it goes, i have a friend at work who is a computer genius, he fixes my computer when it is broken. I have a funny feeling that he can remotely access my computer and get personal info on me. The reason being is he will mention stuff to me during the course of a day, that no one would know, only me and my computer, can someone help me to see if i can find out if this is possible? please please please help......thanks jane
     
  2. Big B

    Big B HWF Godfather

    Likes Received:
    145
    Trophy Points:
    63
    If it's a broadband connection, make sure you have a firewall. Hardware or software, either one.

    2ndly, password management. Don't allow your browser to save your passwords for you, and change your current ones.

    Also, make sure your anti-virus (you do have one, right?) is up todate.

    What OS are you using, anyway? XP does have some built-in features that would allow someone to remotely manage your PC.
     
  3. Sniper

    Sniper Administrator Staff Member

    Likes Received:
    59
    Trophy Points:
    63
    on your desktop, right click on My Computer and select properties and then select the remote tab! make sure Remote Desktop and Remote Assistance are not selected!

    There are many ways a user can access your computer, that one of many!
     
  4. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    Welcome! As you suspect, your PC 'guru' friend may have left a so-called "back door" in your PC so that he can remotely administrate and/or spy on it. If you want, you can use a free port-scanning service such as GRC.com's Shields Up! It can scan many commonly-used ports to see if they're open, shut or filtered (firewalled). Unfortunately, this will not tell you exactly what is running on an open port, and it can only scan in small increments of 100 ports (you have over 65,000 ports!)

    I am willing to help you a little further than this, if you're willing. I can use the excellent network analysis software "nmap" to thoroughly scan your system, and then report to you exactly what your system looks like to everybody on the Internet. This would reveal whether or not you really do have a back door, and if so, what software/version it is. Of course, this would require some amount of trust, as you know me even less well than you know the individual whom you suspect of spying on you. :rolleyes: I can get your IP address simply from you visiting our website, however I will not proceed with the nmap scan without your implicit approval.

    Now, in all fairness, I do something similar with my clients as well, so that I can help them from the comfort of my own home. But it's only upon prior consent, and only using a very secure service called "OpenSSH". Even then, I only check to make sure there are no major problems and that the system is updating normally. Does this individual deserve the benefit of the doubt in this respect, or are you pretty certain that he's violating your trust by spying on your daily activities? If the latter is the case, we can direct you as to how you might lock down your system so that *nobody* can breach your security. If all this sounds too fishy to you, I understand, so no hard feelings! But, if you decide you'd like my assistance, feel free to reply to this message or IM me at one of the many messanger services listed on my profile. Also, you might want to check out the networking and security FAQ, as there may be some helpful snippets in there for you.

    All the best,
    -AT
     
  5. Tim Wiseman

    Tim Wiseman Geek Trainee

    Likes Received:
    0
    Trophy Points:
    0
    Hi there,

    Ok, this program is pretty handy for things like this:.

    http://files1.majorgeeks.com/files/f670becb6af62308cdbe9f5c6c741855/spyware/hijackthis.zip

    Its called HiJack this and once run it will display everything that is presently running on your PC. If you download it, unzip it, run it and then copy and paste the results back into this forum we should be able to tell if anything is running that allows remote access.

    Its a great tool for seeing exactly what your PC is doing !

    Tim
     
  6. Waffle

    Waffle Alpha Geek

    Likes Received:
    38
    Trophy Points:
    0
    :eek: There's a girl in the forum!! :eek:

    :swt:




    ;)
     
  7. Addis

    Addis The King

    Likes Received:
    91
    Trophy Points:
    48
    if you are using a 3rd party firewall check through the trusted program lists and make sure you havn't let anything suspicious through. then type msconfig into the run box and go to startup. this should show you programs started on boot. the software will probably have left changes in the registry so sift through though this can be difficult.
     
  8. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    Hmm, the reason I suggested an NMAP scan rather than a simple net-service query is that well-crafted trojans, such as many sub-7 variants, actually report themselves to the system internally as Windows components. To the outside though, the service can be seen for what it really is... Now, this isn't true for every little script-kiddie, hex-edited backdoor, but some of the more sophisticated trojans are very sneaky. :nin:
     

Share This Page