Hacked Today

Greetings...newbie here. I opened my laptop today and saw someone had initiated a ftp session on my machine. The hacker was getting a file called 1.exe in my System32 folder. I found the script that was being used which contains an ip address and a user name (perhaps the password as well). I am wondering what is a good, legal way to get back at this hacker. I know I am steaming now, but I feel violated. Luckily, I was able to kill the ftp session before the file transfer was complete.

Any advice? Thanks in advance.

 

Let your ISP and the police direct you on where to go and who to talk to with your info.

 

kookyterp, do you use a hardware firewall in your system?

 

unfortunately I had left things to my router and to my mcafee firewall.

 

There are very few legal ways to get back at a hacker, unfortunately. Notify your ISP about it and try to see if they can track the intruder through their logs and if it matches the information that you found in the script. There are probably tools that you can use to "get back" at the other person, but that could throw you into the same category as the intruder with similar consequences.

 

Hi,

Preferably you would need to make a duplicate of your hard disk and provide this to law enforcement for analysis. They leave traces usually. If this is not possible you will need to document the hacker event in detail and if possible install a scope and let him do something while you record the transaction for evidence purposes. Look immediately for all available logs that could document past and present activities and provide this to your local FBI office or whatever enforcement authorities you prefer. They will open an investigation...

Just don't lean to hard on them to get results... and be patient!

If you want more information on what to do you can read an article I posted in our forum, it actually provides a pretty good set of tools and points to many great resources. The post is available here:
http://www.hermes-computers.ca/phpbb2/viewtopic.php?t=79