one for the eggheads to explain

[Elewyth(TLSOA)]

right heres the scenario.. yesterday my account was hacked (reported etc..)

heres what i have running please explain to me how i can get a keylogger into my pc without downloading anything and without opening any email attachments.. i have currently on my system the following thingies to keep (or atleast i thought it would) nasty sweaty un-employed teenage hackers out...

1/ Firewall - FireWall-1, Using INSPECT, adaptive and intelligent inspection technology, integrates both network-level and application-level protection to provide the highest level of security, with access control, attack defenses, content security, authentication, and integrated Network Address Translation (NAT). FireWall-1 is integrated into the VPN-1 family of products and managed by Check Point's leading SMART management architecture.

2/ Virus Scan software - McAfee Virus-scan 7.0 Professional .. this sucker picks up pretty much anything activex related, java exploits, cookie exploits you name it, it intercepts and gives me the option to block/delete/ban source address etc..

i havent done any of the following in the last 7days (since i reformatted new HD)
1. no downloads other than game patches from trusted sites (manufacturer only)
2. no emails have been opened (my private email isnt known to anyone but my family)
3. my firewall has NEVER been disabled or turned off.

yet still these fuckers get in... i dont get it... what the fuck is the point of having all these devices if some sweaty little fuktard can still get in and rip you off.....

 

[Darzil]

Well, I'm not an expert, but run SpyBot, AdAware, etc, to see if anything got through.

Best place to keep passwords is not on PC, really. I suspect you know that, though.

Firewalls depend on their setup to be effective. Try getting hold of a portscanner (I'm sure someone can recommend) to see what holes, if any, you have, and take action accordingly.

And aye, incredibly frustrating if you're targetted.

Darzil

 

[Jayce]

There are sites that will portscan your IP address and tell you what ports are open. A firewall is not the be all and end of of security, firewalls are hackable and/or have holes that can be exploited. If you have all ******d facing ports shut/locked down and someone gets through your firewall they will still hit a blank wall. Also running a windows based system/firewall is asking for attacks as most people who hack are Bill haters and thus target windows more. Linux/Unix is not really any safer or less secure but less people try to hack into them. I run windows machines on a local network with my gateway being a non windows machine, ports locked down and then a firewall applied.

I hope you find out how this happened and can get it sorted soon.

 

[Jayce]

Why the hell is the word o u t w a r d filtered out with **'s ???

 

[Alan]

Just because people install a firewall does not mean a keylogger wont trap keystrokes on your PC. Many people can write a small keylogger that caches the keys you press then sends them over an open port (such as 110, 443,80) which are commonly open on firewalls. If someone were to write a keylogger from scratch which isnt impossible this would not be detected by any antivirus software.

not directed at anyone in perticular but..

check your firewall settings - having one is useless unless its configured and monitored

Dont store your password in a file on your PC - if you *MUST* do this then at least store it in a password protected file, and not MS Word as thats commonly used and various document password crackers exist.

Also keep your computer up to date with windows patches, there have been some recently that a firewall would not stop - but give someone access to your pc.

Unfortunatly, if someone is determined to hack a DAOC account the chances are they will... eventualy.

 

[Elewyth(TLSOA)]

thanks for the constructive replies...no my password isnt stored on my pc, so i guess the key logger picked it up when i logged in and stored it.. cant really believe that someone went to all this hassle just to hack my account ans strip it bare... really sad tbh.. just means ill be moving realm cos tbh i dont want to level to 50 in the same realm as a wanker like that... and risk losing it all again.

 

[Danya]

Rather ironic that someone who was flaming others about poor security got hacked tbh.

 

[IainC]

In 99.9% of all the 'hacking' cases that I investigate, there is no actual 'hacking' involved (and no I don't want to hear what the 'proper' definition of hacking is, I'm using it here to mean unauthorised access to files and folders on someone else's computer).
I haven't looked into this case and I wouldn't discuss details even if I had so the following is not aimed at Elewyth or any particular person but to everyone in general.

In nearly every case of a hacked account, the 'hacker' gets access to the account from being given the passwords. No keyloggers, no portscanning or trojans just the account info being handed over or left in a insecure place.

Most often it's a 'friend' who has access to the account so he can use it as a buffbot or crafting bot when the real owner isn't playing. This friend then either gives the info to someone else (without the real owner being aware of this) or keeps the information somewhere really stupid. I once investigated a multiple hacking incident where a group of friends were all sharing their accounts with each other - 12/13 accounts. One of the friends played at a cybercafe and kept all the logins to all the accounts on a piece of paper stuck to the monitor he used everyday. . .

If it isn't a friend or relative with access, then it's usually the info being stored in an insecure place - a webmail address used by several people or with an easy to guess 'secret question' or in a unencrypted text file in a shared folder - I've seen quite a lot of people leave fairly sensitive info in publically accessible shared folders, some file sharing software lets you root around all the files in designated folders and occasionally people leave things that they shouldn't in their shared directories.

As I've said, I've not looked into this particular caseso I'm not saying that any of this applies to Elewyth, it's just a general heads up on account security from a human rather than technical perspective.

 

[Marc]

Rather ironic that someone who was flaming others about poor security got hacked tbh.

As Eleywth said in the afore mentioned post..

You took the words right out of my mouth"

Here is a little gem from him after the original poster, posted about his hacking, who was in the exact same boat as Elewyth....

1. your firewall has jack shit to do with it, regardless of your firewall you either 1. gave your details to someone 2. downloaded a key logger or 3. bought a traded account.. so which was it?

i find it hard to believe that someone would actively tell you their mate hacked you.. theyre either 1. a liar 2. the hacker trying to shit you up or 3. your a liar and your trying to cover up a mistake?... so which was it?

not wishing to sound harsh but your story hardly rings true in any sense of the way you posted it.

 

[Elewyth(TLSOA)]

*snip*
to the sensible posters, it seems this key logger used a port my Firewall didnt cover that well.. although it claimed it did... hmm might have to take that up with the company that makes it... no real harm done.. just less reasons not to play WoW now...

 

[Danya]

LOL such anger. Frankly that sort of childish temper tantrum says a lot more about you than Marc.

Now where did I put that JCB, there's a lot of toys on the floor hereabouts...

 

[Heath]

*snip*

If you know so much about it..why ask us ??. And, do you really think that you would get anywhere with the company when you get a reply you don't like all you do is throw about 10 lines of insults back at them. I had to laugh when i saw it was you that got hacked. not because of the hacking itself, but for all of the useless information you say to others in the same boat. I do believe i often say.."what goes around, comes around". in this case...yep, it does.

You cant expect to bad mouth anyone who has been hacked and call them idiots or liars and then not expect the same to you when you come on here saying you have been hacked.

What i want to know is

yesterday my account was hacked

and

i already know that it was because there was a key logger on my system as it showed up on my virus scan the other morning

So, you are saying you knew it was on there BEFORE you account was hacked??. If so..did you just play blindly??. Ignore the fact it was on there??. If you found a keylogger on your pc, why didnt you do something about it..delete it, get new passwords for game etc. Seems as though you found it and thought "i am untouchable". Instead..you got shaffted. Ah well...could be worse...could have been somebody we all liked !!! :kissit:

Hope you treat the WoW players with a bit more respect than you do the DAoC ones.

 

[SevenSins]

Why the hell is the word o u t w a r d filtered out with **'s ???

Because it's a shite game that attracts a lot of forum spammers.

So www.******.com/ident434?Iwantmycashstashtogetbigger gets asterixed

 

[Boni]

*snip*

I dont know how you can say stuff like that in a technical forum and and not get outright banned.

 

[Marc]

*snip*

Funny, i thought it was you who looked the complete twat. You know nothing about me mr-i-used-to-work-for-a-computer-company-and-know-everything-there-is-to-know-about-computers-which-i-dont-actually-because-people-who-do-actually-know-all-there-is-to-know-about-computers-made-me-look-like-a-fool-in-the-previous-post, so how you can deduce that the size of my brain is equivalent to that of an amoeba is beyond me. And for the record im probably more intelligent than you ever could dream of being. So go play WoW mr-cabalist-3-second-life-tap.

 

[Marc]

I dont know how you can say stuff like that in a technical forum and and not get outright banned.

Because he always acts like this. He gets involved in posts he knows absolutely jack shit about, claiming he is right, until such time someone who does know what they are talking about gets involved and then he starts throwing insults about

 

[Jupitus]

All calm it a bit please......

 

[Chronictank]

such hate

in short:
-firewall
-keep system patched and up to date
-anti-virus with latest definitions

Generally keeps the vast majority of nasties out ur system.


It is impossible to make a computer 100% safe without never connecting it to a foreign network, in reality a technically competant and determined person will be able to eventually gain access to your system if they really want to. But lets face it xx person is highly unlikely to spend 2+ hours trying to get into youre home computer just to get ur daoc details

 

[Elewyth(TLSOA)]

So, you are saying you knew it was on there BEFORE you account was hacked??. If so..did you just play blindly??. Ignore the fact it was on there??. If you found a keylogger on your pc, why didnt you do something about it..delete it, get new passwords for game etc. Seems as though you found it and thought "i am untouchable". Instead..you got shaffted. Ah well...could be worse...could have been somebody we all liked !!! :kissit:

no what i said was on the day (as it turns out) i got jacked.. id done a scan and it had picked up the key logger.. which had until that day (wether it had been on my system longer is a guess) been inactive.. whatever it had been programmed to do it had done it in stealth mode so to speak.. and was only picked up as it became in its active mode.. ive found the port it used to send the info via.. which is quite annoying seeing as the Firewall was set to block this port and was configured correctly.. i can only assume the logger was made to exploit this port and disabled the firewall accordingly.. and no i reported it immediately.. then logged in to see if my account had been touched and it turns out it had been.. as had my friends account which i had used a few day before but he was caught mid-xfer using my account as a staging base to clear my friends account... luckyily he had gotten only asfar as taking 5 of 13p from my mate and that is still on my account ready to be given back once goa have checked any logs to see if he ripped anyone else off...

Ironic?.......... hardly, bad luck?............ no. Do i blame anyone? yes.... i blame the Software companies which i paid my money to who claimed that they knew of most software and any vulnerabilities in their antivirus and Firewall applications....

 

[Danya]

Ironic?.......... hardly, bad luck?............ no. Do i blame anyone? yes.... i blame the Software companies which i paid my money to who claimed that they knew of most software and any vulnerabilities in their antivirus and Firewall applications....

They aren't responsible for user error, if you want to blame someone blame yourself. You can have the best piece of software in the world but it won't help if the user isn't careful. Maybe you should try growing up and taking some responsibility instead of just throwing a tantrum, and lashing out and blaming people at random. you see, that's what differentiates adults from children - the ability to take responsibility for their own actions.

All calm it a bit please......

<nusser Jupitus>

 

[Elewyth(TLSOA)]

ZZZzzzZzzZzZzZzZz blah blah blah

......

 

[Marc]

Well said Danya

Truth hurts doesnt it Elewyth. This is your cue to actually grow a pair.

 

[Elewyth(TLSOA)]

ZZzzZzZzZzZ blah blah blah

......

 

[Brunore]

you guys make me laugh...

How about email.

I know I could *hack* anyones account simpley by having thier email address.

Its not something I would want to do tbh, but its damn easy getting access to someones email account.

Its pretty easy to work out the account/subs login name as well from the persons name.

Anyone with half a brain can find stuff out if they looked hard enough.

 

[Alan]

you guys make me laugh...

How about email.

I know I could *hack* anyones account simpley by having thier email address.

Its not something I would want to do tbh, but its damn easy getting access to someones email account.

Its pretty easy to work out the account/subs login name as well from the persons name.

Anyone with half a brain can find stuff out if they looked hard enough.

My main email addy is just an alias to another box, my email address and domain really dont have anything to do with my real name, ohh and i didnt use my realm name when signing up for DAOC, just abreviated it a bit glad i did now.

 

[UndyingAngel]

thanks for the constructive replies...no my password isnt stored on my pc, so i guess the key logger picked it up when i logged in and stored it.. cant really believe that someone went to all this hassle just to hack my account ans strip it bare... really sad tbh.. just means ill be moving realm cos tbh i dont want to level to 50 in the same realm as a wanker like that... and risk losing it all again.

The probelm is, keylogger might not be your only probelm. there are programs out there where ppl can watch what you are doing.. with out ever being noticed. I know of at least 8 of these.. as we useing them in the education for helping out on site engineers etc. we watch the screen what they are doing the work if somthing goes wrong with a server we can help 24/7 think of it like remote desktop connection but with out loggin you of and you DONT know they are there.

Another possibility is they are intecpting packets from your PC to the HOST(GOA logon server) now Im not sure if GOA use an encrypted logon service or not, mabey a GM can tell us.. but im guessing they wont(ie if its not everyone will be tyring it) if the packets are encryped then depending on the encryption there are plenty of tools out there for breaking 16,32,48,64,118,128,256,512 bit encription etc. etc there are plenty of board collage and university kids just sitting at home doing this for Fun. Makes you think doesnt it.. I'v had to track dont ppl like this is my Job and I can tell u its not easy, I dont know if GOA ever found out who hacked there servers the first time.. but NO one is safe on the Internet you just have to live with the fact there is always someone out there smarter and more board than you are.

One of the best ways to stop ppl hacking your data not easy for the adverage person, is Have a Fallwall. --> Internet gateway PC --> Your network.

This is how a small / large buisness works but on a larger scale. ie.. there will be more than 1 firewall etc... Internet gateway is used incase they get thought the fallway the first PC is that.. unless they can take full control over that they would never see the rest of the Network.. but then you have intrusion software etc.. and a NAT services running. anyway this is going into way to much informion that you need to know.. but im sure you know what I'm getting at here, no matter how much you think you are safe, you are not.

 

[Danya]

Good luck breaking anything over 32 bit encryption on a desktop pc.
If you check 1 million keys per second (which would be pretty damn quick on a desktop) it would take 10 million billion billion years to crack 128 bit encryption (and 128 is the current norm for internet transactions).

 

[UndyingAngel]

Good luck breaking anything over 32 bit encryption on a desktop pc.
If you check 1 million keys per second (which would be pretty damn quick on a desktop) it would take 10 million billion billion years to crack 128 bit encryption (and 128 is the current norm for internet transactions).

32bit and 48bit is quite easy on a desktop PC tho it will take a day or so...
128bit on a Decent Alpha system or Sun station takes anything from 1day to 1 year.. it has been done and proven, as was the case when some school kids in I think it was norway or sweeden hacked into the NASA and Microsoft.

you will also find things like WEP used on wireless access points is very easy to crack 128bit can be done in Just over 24h and 256Bit takes I bleave it was over a week, ill see if I can find the information and post a link if you are intrested.

The more you use technology is the easyer it is to break!

Just over 4 or 5 years ago it was illegal to use 128bit encryption anywhere except the US, because they believe they had control this was again proven wrong when they where hacked into, which is why it is now used access the internet.. because it can be cracked given a little time, and the right tools.

Just because you think you like all the facts etc.. doesnt mean you are right. but then again they say ignorance is bliss

 

[Heath]

Quote:
Originally Posted by Danya
ZZZzzzZzzZzZzZzZz blah blah blah

Quote:
Originally Posted by Marc
ZZzzZzZzZzZ blah blah blah

Just goes to show what a fool you are. Somebody posts something you don't like ar agree with, and your reply is as basic as you knowledge. And, as for quoting a small portion of my post...why not post all of it. Where YOU yourself posetd about a time difference between finding the keylogger and getting hacked. Then suddenly finding out it WAS on the same day !!!. Do you not have a calender in your house??..no date on your watch (although with a Mickey Mouse watch, i doubt it). Or, was it that you would have been made to look a (bigger) twat??. So, you needed to bullshit to save face?. Either way, i really don't give a rats ass. The sooner people like you who give crap info to anyone who you think is inferior to you, leave this forum and never return..the better.

 

[Heath]

no what i said was on the day (as it turns out) i got jacked.. id done a scan and it had picked up the key logger.

So, why post this ??

yesterday my account was hacked

i already know that it was because there was a key logger on my system as it showed up on my virus scan the other morning

So, you didn't say it was on the day..but,,,as it turns out. Read your own posts before you flame.

Ironic?.......... hardly, bad luck?............ no. Do i blame anyone? yes.... i blame the Software companies which i paid my money to who claimed that they knew of most software and any vulnerabilities in their antivirus and Firewall applications....

That one word...MOST..means they don't know of all of them. It could have been one they never heard of. Ever think of that??

And, as somebody said..grow a pair of balls and take some responsibility. Or, do something about it and sue the company and come back to FH to let us know how you got on. I would really love to know (o:
Ironic?...oh yes...very much so
bad luck?...of course...something like that always is
do you blame anyone??...anybody but yourself. That is basically the way i (and most people) see it.

On a side note..if you are gonna stop playing DAoC and move to WoW..can we hope that you will stop posting utter bollocks on FH ?.