Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

i may have an intruder 2

Status
Not open for further replies.
redroach

redroach

IS-IT--Management
May 27, 2001
29
GB
the little monitors in the corner of my screen have been flashing for no apparent reason, even if i shut the browser window so that im still connected, but with nothing open they still seem to be flashing, its stoped now but was happening for at least an hour that i know of. the pages i was trying to open were taken forever to load and sometimes i was getting the "this page cannot be displayed message" even though the computer was still connected and the monitors were flashing. the top monitor which i assume represents the the network(or internet) was on constantly.
if it was the case that someone was having a snoop round how can i tell if anything has been messed with. i opened the dos program "netstat -a 2" by typing this in to RUN (as advised in another thread and it address was coming up as a "foriegn address"

any help much appriciated

thanx
jared
 
Sort by date Sort by votes
would i firewall protect me and where can i get 1 for free?
also in "netstat 2" the "state" column says "listening" on almost every line??

shit happening again
im goin offline

pleaase halp

jared
 
Upvote 0 Downvote
Personal firewall software would help you to confirm or deny any unauthorized traffic. You might have some luck with ZoneAlarm, which is free.

You should also scan you system with up to date antivirus software, to detect the presence of any backdoors.
 
Upvote 0 Downvote
thanx for the help,
but do the 'symptoms' ive talked about sound like i had an intruder?

cheers

jared
 
Upvote 0 Downvote
Yes, it sounds like you might have an IRC "Bot". These are viruses which wait until your computer is on the web, and then they connect to an IRC chat room and wait for an anonymous hacker to give them commands. Often these programs are used not to crack your computer, but to use your computer to crack other computers, so the source is never traced back to the hacker.

has a very interesting description of one type of bot, and what the webmaster had to do to deal with hacker's attempts to use these bots to disable his webserver.

Have you installed any new software recently, like a shareware utility? Ofted viruses come masked inside a legitimate piece of software. Another possibility is a legitimite piece of software that has a "spyware" utility built into it. Some software companies have actually placed code in there programs to send information about you back to the company server, or to connect to the server and download banner ads to your system.

Look for a file named "rundIl.exe" (with an I, then an L, not rundll.exe, which is a normal Windows executable).

Yes, you should get an updated virus scanner, then you should install ZoneAlarm ( which will alert you if any piece of software on your system is trying to connect to the Web.
 
Upvote 0 Downvote
thax for the help, the article on was an eye opener (as well as being possitivly scary)i have followed the advice on there and at the mo it looks like my system is fine. before i install zone alarm, are there any updated virus scanners you would recommend?

again i would genuinly like to say thanx,

jared
 
Upvote 0 Downvote
I personally prefer McAfee to Norton Antivirus, since I've been hit a couple of times by viruses that Norton didn't pick up. I know there are many others, but at least McAfee is the old standby.
 
Upvote 0 Downvote
If you go to choose downloads and type in the search box firewalls and hit enter. from there scroll to the bottom of the page and modify it so it only shows free ware. Then about half way down you will fin sygate personal firewall. I been using a this program for awile it's nothing fancy but it will let you know if you have an intruder and stop him and best of all it's free.
 
Upvote 0 Downvote
also when i try to access my dialing locations, dial up phone books or internet connection folders i get a message come up telling me i have an unexpected error, could this also be linked to the origional problem?
 
Upvote 0 Downvote
reinstall, and don't use WIN98...NT or 2000 would be better.. (using NTFS)
 
Upvote 0 Downvote
I've lost my password for ZoneAlarm....is there anyway I can start a new account without knowing my old password? I've uninstalled ZoneAlarm, but it still knows my previous installation.

Any help appreciated

Thank you
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
273
Sameer258
Sameer258
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
237
nnaarrnn
nnaarrnn
Sparrow4
  • Locked
  • Question
AnyConnect + Azure + SAML
Replies
0
Views
235
Sparrow4
Sparrow4
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
242
XLNTech1
XLNTech1
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
294
Johnkite
Johnkite

Part and Inventory Search

Sponsor

Back
Top