Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

hackers are busy tonight

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » The DU Lounge Donate to DU
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 08:56 PM
Original message
hackers are busy tonight
I was the target of 4 simultaneous attacks tonight while reading on DU, one coming from a government agency.
Printer Friendly | Permalink |  | Top
Avalux Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 08:57 PM
Response to Original message
1. Really?
Please, don't forego the details. Simultaneous no less?
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:02 PM
Response to Reply #1
8. Yes
I can tell you that 2 came from California, 1 from Texas, and the other from D.C.
Printer Friendly | Permalink |  | Top
 
HuskerDem Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 08:59 PM
Response to Original message
2. COOL! I got hit twice yesterday but no feds.........
You must be very very naughty!
Printer Friendly | Permalink |  | Top
 
lildreamer316 Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 08:59 PM
Response to Original message
3. Can I ask a stupid question?
My hubby is the internet genius; he's at work. How can I tell if I'm being hacked? Sorry for the ignorance ;)
Printer Friendly | Permalink |  | Top
 
ogradda Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:02 PM
Response to Reply #3
9. ill sit with you and wait for the answer
i want to know too :)
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:07 PM
Response to Reply #3
11. when I had dialup
I didn't have to worry about it, but I switched to DSL which requires a firewall for protection.
Printer Friendly | Permalink |  | Top
 
mcscajun Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Nov-15-04 07:29 AM
Response to Reply #11
38. ALL PCs should have Firewalls...
...not just those with broadband connections.

True, the bastards out there prefer the broadband connections (DSL, Cable) but they also hit the dialups while they're on.

ZoneAlarm is FREE to individuals while companies pay for it, it's top rated, powerful and has an easy user interface. You can pay for premium, too.

Norton Internet Security is not free, but includes Anti-Virus protection and other protection.

BlackICE is not free, less powerful than the two above, but has a very neat Paranoid function. :)

Your choice...but we'll all be safer out here on 'the Internets' (see BushCo)if everybody has a firewall, anti-virus protection, stuff like Spybot S&D, Ad-Aware, and maybe even PestPatrol...and y'all keep it UPDated! :)
Printer Friendly | Permalink |  | Top
 
skylarmae Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:00 PM
Response to Original message
4. how do you know - ? - I'm new at this..
Any helpful hints would be appreciated.
Printer Friendly | Permalink |  | Top
 
Liberal Veteran Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:01 PM
Response to Reply #4
7. Black Ice may tell you....
....but not if you are behind NAT.
Printer Friendly | Permalink |  | Top
 
skylarmae Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:00 PM
Response to Original message
5.  dupe, sorry!
Edited on Sun Nov-14-04 09:00 PM by skylarmae
Printer Friendly | Permalink |  | Top
 
Berserker Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:12 PM
Response to Reply #5
13. Let me guess
You are using Norton right? And if you are it is doing it's job trying to scare you. If a Hacker wanted in your computer do you really think a off the shelf recource hog program like Norton would stop him? Norton is a joke all it does is scare the unknowing computer user into thinking he or she is getting attacked by sub 7 Trojan attacks. Now if you are stopping all those "Hacker" attacks then buying another years worth of fantastic protection from Norton is worth it right? NOT. There are several programs that are free and will do a better job and not drive you nuts with fake alerts.
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:16 PM
Response to Reply #13
15. Nice try
but no cigar. ;)

It's not Norton.
Printer Friendly | Permalink |  | Top
 
Tandalayo_Scheisskopf Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:00 PM
Response to Original message
6. Which gubmint agency?
Do you have IP addresses and a description of what you consider attacks?
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:05 PM
Response to Reply #6
10. I have IP addresses
and I traced the events. They were recorded by my firewall as blocked attempts to access the computer.
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:14 PM
Response to Reply #6
14. I'm not sure it's a good idea
for me to name the agency.

:scared:
Printer Friendly | Permalink |  | Top
 
DBoon Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:25 PM
Response to Reply #14
16. But can you name the firewall?
Is it ZoneAlarm? Sygate?

Or do you have a firewall applicance (instead of a software firewall)?

How were they trying to hack you? A port scan? Trying to login with telnet/ssh/etc.? Were they using some sort of exploit attempt? Trying passwords?

Are you sure it wasn't just a government computer infected with a worm?
Printer Friendly | Permalink |  | Top
 
n2mark Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:28 PM
Response to Reply #16
19. Could this be why my Mac is freezing frequently today?
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:29 PM
Response to Reply #16
20. McAfee
I don't know enough to answer your other questions. Here's a basic description for one of the events:

A computer at odci.odci.gov has attempted an unsolicited connection to TCP port 4734 on your computer.
Printer Friendly | Permalink |  | Top
 
RPM Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:33 PM
Response to Reply #20
24. what is ODCI???
anyone?
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:36 PM
Response to Reply #24
26. I think...
Office of the Director of Central Intelligence
Printer Friendly | Permalink |  | Top
 
DBoon Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:11 PM
Response to Reply #26
31. Hackers will spoof IP addresses
If I were a hacker, I would think it really cool to pretend I was from the CIA.
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:14 PM
Response to Reply #31
33. I know...
not making assumptions.
Printer Friendly | Permalink |  | Top
 
FuzzySlippers Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:52 PM
Response to Reply #26
36. Wow. You must be a really dangerous person.
CIA no less. I'm impressed!
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Nov-15-04 06:33 AM
Response to Reply #36
37. Dangerous? lol
Perhaps Porter Goss has the hots for me.
Printer Friendly | Permalink |  | Top
 
DBoon Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:09 PM
Response to Reply #20
30. Hmm.
http://www.sys-security.com/html/papers/trojan_list.htm... has a list of trojan horse programs, as does http://www.commodon.com/threat/threat-allports.htm (which also includes lots of legit services). My first thought was some malicious program was trying to contact your computer. Port 4734 isn't listed in either place. And port 4734 isn't a common service someone would try to hack (say if it were 5631 I would say they are trying to find PCAnywhere).

I assume port 4734 is the port on YOUR computer they are trying to get to, not the port they are coming FROM.
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:12 PM
Response to Reply #30
32. Thanks for checking,
and thanks for the info. As I said, I'm new to the wonderful world of firewalls.
Printer Friendly | Permalink |  | Top
 
snot Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:27 PM
Response to Reply #14
18. I'm not sure I see why not name.
The hackers already know who they are. You're not libeling anyone; you're just reporting what your computer told you, without warranting that your computer is correct.

If anything bad actually happened, it would have been best from an evidentiary point of view and otherwise if you had immediately told your friends who your computer indicated the hackers were.

By the way, I hope my paranoia is completely unwarranted . . . but I suspect there are some Dems. in this forum (and elseshere) pulling together evidence and analysis who should be backing the info up, making copies, AND securing it with trustworthy third parties on a regular basis. Not only as a failsafe; but as a deterrent--if the Reps. know that's what we're doing, there's less temptation for them to try to eliminate stuff that's backed up elsewhere anyway.
Printer Friendly | Permalink |  | Top
 
mvd Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:11 PM
Response to Original message
12. I'm behind a router, so I miss the action
Still, I bought McAfee Internet Security (which includes a software firewall) to block unwanted outbound connections - and for extra insurance.

A couple days ago, McAfee's firewall blocked what looked like a Real Audio probe. But what probably happened is it just closed the connection before the router did.
Printer Friendly | Permalink |  | Top
 
Deja Q Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:26 PM
Response to Original message
17. Wow. Other DUers have reported this sort of thing... I'm
behind a router, but its log shows nothing of consequence. Just DU, a lot of DU advert links, and UT2004 servers as gaming is something of a hobby for me these days; some gamers are cool... not to mention better than me. :D
Printer Friendly | Permalink |  | Top
 
Berserker Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:30 PM
Response to Reply #17
22. So what is this program?
is it a secret?
Printer Friendly | Permalink |  | Top
 
Deja Q Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:33 PM
Response to Reply #22
23. The router, you mean?
It's the gateway to the internet but also allows me to hook up multiple computers. So it's really a gateway router. It's got built-in firewall capabilities too. Generally NAT that hides me from the internet...

Now I could buy an external router and pipe things through, but the consumer ones I'd seen are pointless. That's where software firewalls come in handy. SuSE Linux comes with its own...

Printer Friendly | Permalink |  | Top
 
RPM Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:29 PM
Response to Original message
21. could someone write a technical letter on how to protect from this
I was just smart enough to set up my linksys wireless access point router / am i protected?

Not that they want to read 3 years of lawschool outlines anyway....
Printer Friendly | Permalink |  | Top
 
Berserker Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:39 PM
Response to Reply #21
27. The IP addy's you find
when you look them up are useless. Do you think a hacker would use his real IP addy? Proxy's are used. Alot of people use proxy's to surf the web.
Printer Friendly | Permalink |  | Top
 
lildreamer316 Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:34 PM
Response to Original message
25. Using AVG..
not a blip. How do I tell with this program? Hubby swears by it.
Printer Friendly | Permalink |  | Top
 
Berserker Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 09:42 PM
Response to Reply #25
28. AVG is
a very good Anti-Virus program and not a fire wall like Sygate.
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:07 PM
Response to Original message
29. Now that they know where I am
they have to decide whether to kill me or just bribe me.

;)
Printer Friendly | Permalink |  | Top
 
Buddyblazon Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:19 PM
Response to Original message
34. I use Ricochet...
city-wide wireless. I've never had any messages like that. Am I more...less...or protected the same? BTW, I use Norton.
Printer Friendly | Permalink |  | Top
 
VioletLake Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 10:26 PM
Response to Reply #34
35. I don't know...
Does your firewall keep a log of inbound events? I found out because I check the log a few times a day.
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Mon Oct 20th 2014, 08:31 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » The DU Lounge Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC