Quite a few people are having serious difficulty with their home PCs. Unfortunately we can't help with the server and web sites going up and down, but we can secure our home PCs a little better. Below is some security info that should keep hackers in the dark.
Disclaimer: The information below is for educational purposes only. Use this text to add to your line of security on your home PC. Remember, there is no such thing as security: if they want it... they'll get it.
BO = Super Black Ops Hacker Guy
The only assumption here is that you are running Win95 or better.
Direct Terminal Access -
This means BO wants to actually be AT your PC. This is the easiest way into a Windows PC. Most attacks will be remote or through trojan horses, explained later.
First, that lock on your door has a 50% or better chance of being "scrubbed" open. Scrubbing is simply using a piece of thin metal or lock pick to rub inside the lock, pushing the tumblers down as twisting pressure is applied to the lock. Give it a try, you might be surprised.
Security Tip: Get a dead bolt and verify its integrity with a professional locksmith.
After gaining access to the PC, BO will assume the "High Security" password option is active on your PC, allowing access to Windows only after entering a password. Microsoft helps him out here! :)
BO starts up the machine and presses F5 to enter "Safe Mode". At this point no drivers or peripherals are loaded, but BO can still copy, paste or delete any file on the PC.
Even simpler, BO brings a Windows Startup Disk.
Security Tip: Change the CMOS settings at bootup to boot only from the C: drive (C: is the boot drive). At initial startup there should be a message like "to get into setup press F1 or DEL".
You can also set a CMOS password, but... to beat this, BO will need to disassemble the PC and remove the CMOS battery. YOU will know someone's been in there.
Security Tip #2: To disable the F5 boot key, first open Windows Explorer and look for the file Msdos.sys in the C:\ folder. Right-click it and click Properties. Uncheck Read Only.
Now open WordPad and open the file c:\Msdos.sys. Look for the line [Options]. Underneath this line enter a new line: bootkeys=0. This disables the boot keys.
So let's say, being a nasty Black Ops Hacker dude, HE wants to make some long distance modem calls.
While in Safe Mode he will search the PC for "*.pwl" (* being your login name) and find the Windows password file. In Safe Mode BO can rename this file to *.bak and reboot without the password. Now all peripherals and drivers are loaded. He can now do anything you could do.
Renaming the file back to *.pwl re-enables the password and you are none the wiser.
Security Tip: File access, copying, renaming and so on will change the "modified" date and time of that file. You can view this under Start - Find - Files or Folders... Date tab. If a file was modified while you were at work half an hour ago, you may have been hacked.
Make a habit of checking this info when you return.
There, that wasn't so hard, was it?...
One option BO has while at the PC is to install a Trojan Horse program. Optimally BO would like three things:
1. BO wants to know when you sign on the net and where you go.
2. BO wants to know what files you upload or download, including e-mail.
3. BO wants to be able to access/copy/delete files at will.
All remotely.
Trojan Horse:
A trojan horse is a program that runs in the background and gives the hacker the access described above. Some trojans simply e-mail info to the hacker, such as your password file, or the keystrokes logged when you enter your web-based e-mail and the like.
Remember, a Trojan Horse can be e-mailed or copied remotely to your computer as well. "I will get there in a moment"
Some popular Trojans are:
RATs (Remote Admin Trojans)
Back Orifice
ProMail v1.21
Happy 99
DeepThroat
Doly Trojan
Hackers Paradise
Voodoo doll
More Info At: http://www.cert.org/advisories/CA-99-02-Trojan-Horses.html
Security Tip: Downloading a virus scan utility like McAfee or Norton AntiVirus is a good way to find and remove these types of programs. Another problem is the Outlook Express and Outlook products from, our buddy, Microsoft. Through VBScript programming, a virus can be installed or run simply by opening a message.
Remote Access: Through Windows File Sharing -
BO has a program called nbtstat, found in DOS... so he goes online, opens a DOS window and types "NBTSTAT -A (ip address)".
You can do this to yourself by first finding your IP address. Go to Start - Run, click Browse and find a file under the Windows folder called "winipcfg.exe". Run this program and a dialog box appears... "IP Address" is what we are looking for. Now type: NBTSTAT -A (IP Address above)
The possible responses are:
"Host not found" - if this comes up then the system can't be hacked using this method.
Or you may receive a table:
Name Type Status
------------------------------------------------------------------------
john UNIQUE Registered
Jimmy GROUP Registered
polo UNIQUE Registered
Okay, see the little hex numbers? i.e.
If the number is 20 then it means file sharing is on. This allows BO to add your PC's identity to his LMHOSTS file and access your PC over the net. He can also scan for port 139 to see if it is open... this port is for file sharing.
Security Tip: If this appears, check your own PC. Go to: Start - Settings - Control Panel... click Network. Press the button "File and Print Sharing"... uncheck both boxes.
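As an added example (not part of loki's text), here is a small Python parser for the table that NBTSTAT -A prints, so you can check your own machine's output the way the text describes. The sample output is constructed for this example; the <20> suffix is the NetBIOS File Server Service, the "hex number 20" the text warns about.

```python
import re

# Constructed sample in the shape of Win9x "NBTSTAT -A <ip>" output.
# Names and MAC address are made up for this example.
SAMPLE_NBTSTAT = """\
       NetBIOS Remote Machine Name Table

   Name               Type         Status
---------------------------------------------
JOHN           <00>  UNIQUE      Registered
WORKGROUP      <00>  GROUP       Registered
JOHN           <03>  UNIQUE      Registered
JOHN           <20>  UNIQUE      Registered
WORKGROUP      <1E>  GROUP       Registered

MAC Address = 00-00-00-00-00-00
"""

# One table row: name, <hex suffix>, UNIQUE/GROUP, status.
ROW = re.compile(r"^\s*(\S+)\s+<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\w+)")

# Suffix 0x20 is the File Server Service, the "20" the text warns about.
FILE_SERVER = 0x20

def parse_nbtstat(text):
    """Return (name, suffix, type, status) tuples; empty for 'Host not found'."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            name, suffix, ntype, status = m.groups()
            rows.append((name, int(suffix, 16), ntype, status))
    return rows

def file_sharing_exposed(text):
    """True if a UNIQUE name carries <20>: the host advertises file
    sharing over NetBIOS (port 139), which is what the LMHOSTS trick needs."""
    return any(s == FILE_SERVER and t == "UNIQUE"
               for _, s, t, _ in parse_nbtstat(text))

def verdict(text):
    """One-line result a home user can act on."""
    if not parse_nbtstat(text):
        return "Host not found: this method does not apply"
    if file_sharing_exposed(text):
        return "FILE SHARING ON: uncheck File and Print Sharing"
    return "NetBIOS visible, but no file sharing advertised"

if __name__ == "__main__":
    print(verdict(SAMPLE_NBTSTAT))
```

Run NBTSTAT -A against your own IP, paste the output into SAMPLE_NBTSTAT, and the verdict tells you whether the "File and Print Sharing" boxes still need unchecking.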
Microsoft Networking: GET RID OF IT!!!
BO loves Microsoft and its lack of security. So let's remove this one. Go to: Start - Settings - Control Panel... click Network.
Now click on "Dial Up Adapter" - Properties and the Bindings tab. Leave TCP/IP checked; if there is a Microsoft Network box... uncheck it. Click OK.
Click TCP/IP - Properties and the Bindings tab again. Uncheck Microsoft Networking. If this box is empty, you're good. Click OK.
You will get a dialog that says "Your Network is not complete..." Just click Yes. You will get this next time you open "Network" as well; just click Yes... Reboot.
You will need to type in your Dial Up password from now on. Microsoft is not saving it anymore.
Ports and Firewalls:
Security Tip: First of all, open another browser window and go to: http://grc.com/default.htm
Download the program called OptOut. It's small and won't take long. While that's downloading, click on the Shields Up link. Mr. Gibson's web site will check access to your ports and common intrusion techniques. You can click on Test my Shields or Ports and come back here while it works on your PC.
If you download a firewall later on, install it and don't forget to return to this site and try it out.
Now, Run OptOut to see how many advertisers are peeking in on your browsing and e-mail. Then remove them.
Ports:
Network applications use ports to communicate over the internet while accessing another PC's IP address. Some popular ports are:
File Transfer Protocol (FTP) - 21
Telnet - 23
Finger - 79
SMTP (Mail) - 25
NNTP (Newsgroups) - 119
HTTP (Browser) - 80 (8080)
AIM (AOL Instant Annoyance) - 5190
PC Anywhere - 5632
Yahoo Instant Messenger - 5010
RealServer - 7070
Back Orifice - 31337
If your IP was 23.34.45.2 BO would access it like so:
23.34.45.2:21 (FTP)
23.34.45.2:23 (Telnet)
Security Tip: A firewall blocks these ports and refuses responses on ports that are not in use on your PC, such as telnet. Win98 does not have a telnet daemon. You CAN go to the Windows folder and type "telnet" to access another machine, but there is no daemon to reply to a telnet to your machine (IP).
Here are some good firewalls:
BlackICE (Network ICE)
Norton Personal Firewall 2000 (Symantec)
McAfee Personal Firewall
BO would use a tool such as IP Ultra Scan to scan many IPs and ports to find your computer on the net.
Identification:
BO may not have enough info on you yet, so he may look around your PC for info on your name, address and e-mail. The system registry may be the first place he looks.
Try this on for size. Go to Start - Run... browse to the Windows folder and click on a file named regedit.exe. Click OK. This will open the Registry Editor.
Playing with this file can get a little tricky, so stick to the info you DO NOT want on your computer.
Now click Edit and Find. Try searching for your first/last name, address, street, city, maybe a password you use on the net. You may be surprised how much info about you is saved in this file.
When you find something you don't like, right-click it in the right window and go to Modify to change it. Warning: this may impact some programs; usually the directory tree will tell you which program the info is for. Registry changes take effect as you make them, so you do not have to save it, although if you wish to export it before making changes... that might be a good idea.
Encryption:
PGP is the best when it comes to e-mail encryption, but rumors are afoot that any version newer than PGP 2.6 has been compromised. I don't know if that's true, but the DOS 2.6 version is available on the net. Not to mention, an encrypted file is a red flag to begin with.
I hope this helps to secure more PCs browsing round the net.
You can find more info at: http://www.cert.org/tech_tips/win-95-info.html
-loki