Hacking questions

loufah · Feb 2, 2008

Quote from Bickz:

if you are truly paranoid about this, then i suggest a full re-install after doing a complete wipe of the hard drive. yes, it's a pain in the butt, but the best assurance you can get. had you pulled your hard drive (without booting up) and had it forensically examined, you would have known whether or not it would have been accessed during your absence.

They could also have altered the BIOS. Not sure the typical burglar carries around a collection of altered BIOSes, but the only assurance you have of your computer being safe is to completely replace the computer.

While nothing will stop someone who has physical access to the computer, you can prevent a lot of things by setting a BIOS or boot password so that they can't boot from CD or USB drive. Opening a computer and plugging the hard drive into another device to write malware to it is fairly time-consuming. I think most intruders want to get in and out in a couple minutes.

You may also want to consider installing a surveillance system with cameras, either one that records locally to tape or hard drive (although they could possibly just steal it) or a webcam. When I was burglarized a few months ago I considered putting up a web cam, but the apartment gets up to 90 degrees during the day during the winter and any computer that was powered on 24x7 wouldn't last too long. (I can't leave any windows open - that's how they got in in the first place.)

luckybastard · Feb 2, 2008

Like noted before, if you REALLY are concerned about the possibility of professional hacking, there's only 1 solution: burn your HDD and dump/sell the rest of the computer.

Seriously, there's no way you'll be able to find software that's been installed by a professional hacker. If a true professional has done this, he'll probably has installed a software windows API hook, that manipulates the outcome from several important windows API's. For example, the windows file system can be manipulated to not show certain directory's. The registry functions can be manipulated to not show his entries. The task manager can be manipulated to not show his process ID. Anyway, you get the point .. His 'work' can be completely hidden to the 'user level' of the system.

Only a person with deep understanding of the lower windows operating architecture ("Windows ring 0") could be able to find this for you.

Same goes for the hardware. He could have installed something into your keyboard for example, to transmit the keylogs. Or even installed a custom made network card, that transmits data to his PC.

So again, if you're really afraid of this: burn the HDD and sell the rest of the computer.

loufah · Feb 5, 2008

Quote from luckybastard:

If a true professional has done this, he'll probably has installed a software windows API hook, that manipulates the outcome from several important windows API's. For example, the windows file system can be manipulated to not show certain directory's. The registry functions can be manipulated to not show his entries.

Awhile back, there was an antivirus brand named Dr. Solomon's. It was eventually bought by a larger company. One nice feature was that our subscription included a monthly set of floppies (later, a CD) that were bootable, so you could check your system for viruses without running anything that might hide them.

Is anything like that available today?

Also, to the OP: a number of vendors offer easily removable hard disks. One option is to put the hard disk in a safe when you're not at home.

toc · Feb 5, 2008

'Did the burglar leave a paw print? lol'

HaHahahahahahahahaha!

If the Dude lives in a very expensive area, then he is better of spending a couple of hundred to make sure no fraudulent online activities take place from his PC. Also, better instal some camera based security to make sure if someone played around inside the house.

maxpi · Feb 5, 2008

Security is a bitch.... just getting a trading machine secured from internet threats is easy really. You install a hardware firewall that can whitelist urls and set it up so it only can hit the things you need. My whitelist has a total of 3 url's, that's it... securing against the event when somebody has physical access is another story, putting the hard drive in a safe seems like a good suggestion for that, if not the whole cpu, what the heck, use a laptop and put the whole thing in a safe when you are gone... use separate machines for financial stuff, trading stuff, and web surfing [apple] with separate hardware firewalls.. whitelist the trading and financial machines and blacklist the surfing one...

On the fun and adventure side, do some human engineering and have a "stealable" trading machine with some losing strategies on it while you're at it, maybe have one that will email you it's GPS location even when not powered up.... tell you it's location every minute as long as the battery lasts, I always thought it would be fun to knock on somebody's door with the boys and give them the option of a 911 call and big attorney fees or my property and $2500 back, and some free drinks and small talk while we're at it....

eastside · Feb 14, 2008

Quote from luckybastard:

Like noted before, if you REALLY are concerned about the possibility of professional hacking, there's only 1 solution: burn your HDD and dump/sell the rest of the computer.

Seriously, there's no way you'll be able to find software that's been installed by a professional hacker. If a true professional has done this, he'll probably has installed a software windows API hook, that manipulates the outcome from several important windows API's. For example, the windows file system can be manipulated to not show certain directory's. The registry functions can be manipulated to not show his entries. The task manager can be manipulated to not show his process ID. Anyway, you get the point .. His 'work' can be completely hidden to the 'user level' of the system.

Only a person with deep understanding of the lower windows operating architecture ("Windows ring 0") could be able to find this for you.

Same goes for the hardware. He could have installed something into your keyboard for example, to transmit the keylogs. Or even installed a custom made network card, that transmits data to his PC.

So again, if you're really afraid of this: burn the HDD and sell the rest of the computer.

lucky -

Do you know where I can read more about the hidden keystroke logger & how to check for it ??? I already did the things I found in the search results & did not find anything.

Please post if you have any links. Thank you.

Banjo · Feb 14, 2008

http://www.snoopfree.com/PrivacyShield.htm

eastside · Feb 14, 2008

Thanks Banjo. What is your experience with this product ??

eastside · Feb 14, 2008

Holy sh#t...I installed & ran it & when I opened yahoo messenger it said "this program is trying to hook your keyboard"

Would this log ALL keystokes or only those in yahoo messenger ???

Any way to prevent someone from getting id's & passwords for email ??? Or do you just need to use a more secure service other than yahoo, gmail, etc. ??

Thanks for any help.

blackchip · Feb 14, 2008

Snoopfree seems like the perfect vector for spyware.

One day you'll read about some big free anti-spyware/virus program that turns out to be spyware/trojan.