A Special Message for Common Ground Members

It has come to my attention that email addresses may be being harvested here for the purpose of distributing unsolicited pornography. Please remove all references to your email address when visiting. If you are currently receiving illegal pornographic unsolicited email, please send a PM (Personal Message) to the Administrator. My apologies for this inconvenience.

 

Common Ground

 

Common Ground / Security Blanket - Computer Questions / hacker file found on my system
Mousefan
Cast Member



Posts: 111
Registered: Aug 2002
 Posted 09-07-02 01:20 PM                
Thanks to MidNite for suggesting I download NeoTrace. I did that and traced some of my intruders back to their original IP addresses. This traces WAY beyond what I was able to get from the online reverse IP tracers.

When I downloaded it from download.com, they also suggested downloading a program called PestPatrol. This program is supposed to detect spyware and other hack-ware things that antivirus and firewall programs may not catch on your system.

Well, it detected a high-threat file and provided me with the following information about it:

Pest: IIS4Hack
Category: RAT
Description: Fix to allow .htr files. The filter patch will limit all .htr requests to 255 characters.

A Remote Administration Tool, or RAT, is a Trojan that, when run, provides an attacker with the capability of remotely controlling a machine via a "client" in the attacker's machine, and a "server" in the victim's machine. Examples include Back Orifice, NetBus, SubSeven, and Hack'a'tack. What happens when a server is installed in a victim's machine depends on the capabilities of the Trojan, the interests of the attacker, and whether or not control of the server is ever gained by another attacker -- who might have entirely different interests. Infections by remote administration Trojans on Windows machines are becoming as frequent as viruses. One common vector is through File and Print Sharing, when home users inadvertently open up their system to the rest of the world. If an attacker has access to the hard drive, he/she can place the Trojan in the startup folder. This will run the Trojan the next time the user logs in. Another common vector is when the attacker simply e-mails the Trojan to the user along with a social engineering hack that convinces the user to run it against their better judgment.

Link to more info about this file:
http://research.pestpatrol.com/file...4Hack&Source=PP

--
Apparently I got this file on my system because at one point I downloaded some trace utility that I never figured out how to use. I didn't realize it also contained a file that would allow other people to get data off my system in turn. So, I've deleted the file and the utility stuff that came with it.
Amy
[Edited by Mousefan]
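
The pest description quoted in the post above says the filter patch limits all .htr requests to 255 characters. As an added example (not part of the original post and not PestPatrol's code), this Python function flags longer .htr requests in a web server log; it assumes W3C extended log format with a `#Fields:` header and treats "request length" as URI stem plus query, and the sample log lines are constructed.

```python
MAX_HTR_REQUEST = 255  # limit quoted in the pest description above

# Constructed sample log (not from the post); IPs are documentation ranges.
SAMPLE_LOG = "\n".join([
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2002-09-07 13:20:01 192.0.2.10 GET /index.htm - 200",
    "2002-09-07 13:20:05 192.0.2.10 GET /pw/change.htr - 200",
    "2002-09-07 13:21:40 198.51.100.7 GET /" + "A" * 600 + ".htr - 500",
    "2002-09-07 13:22:02 198.51.100.7 GET /default.HTR x=" + "B" * 300 + " 404",
])


def find_long_htr_requests(log_text, limit=MAX_HTR_REQUEST):
    """Return (client_ip, length) for each .htr request longer than limit."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the rows that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue  # truncated or malformed row
        row = dict(zip(fields, values))
        stem = row.get("cs-uri-stem", "")
        query = row.get("cs-uri-query", "-")
        if not stem.lower().endswith(".htr"):
            continue
        # Assumption: "request length" = URI stem plus "?query" when present.
        length = len(stem) + (0 if query == "-" else 1 + len(query))
        if length > limit:
            hits.append((row.get("c-ip", "?"), length))
    return hits


if __name__ == "__main__":
    for ip, length in find_long_htr_requests(SAMPLE_LOG):
        print(f"{ip}: .htr request of {length} characters")
```
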
Lunarlady
Cast Member



Posts: 1629
Registered: Aug 2002
 Posted 09-07-02 03:32 PM                
Thanks for the tip, Amy. I also downloaded the free version and found 15 of these types of files on my system that I missed.
A whole week of peaceful bliss, beginning with a giggle and ending with a kiss.
Robin
Cast Member



Posts: 940
Registered: Aug 2002
 Posted 09-07-02 06:47 PM                
I downloaded PestPatrol and found all the 'missing' cookies I couldn't locate before. 2 years of cookies went 'poof' this afternoon.
I toss my cookies for Disney.

I wonder what inspired this new Disney T-shirt? "I'm right. You're wrong. Any Questions?"