Hackers Keep getting in, I know how, but

Discussion in 'Trojan Defence Suite' started by Greg51, Mar 7, 2004.

Thread Status:
Not open for further replies.
  1. Greg51

    Greg51 Guest

    Hacks keep getting in. Here are the current ports that TDS-3 shows open. How do I remove these, when I cannot find all of them in my computer?
    Port 80= WWW-HTTP - WorldWide Web (Hyper Text Transfer Protocol) (RFC 1945) RAT : AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero, RTB666, NerTe, 23,Keylog.ev0,m invisible webserver lite, IIEx, Haan, ItAdEm, Task-X, HTTP

    Now, I have found and removed some of these, but I am thinking I need to reformat. This is kinda childish of them to keep hacking my computer, as they will be getting caught, I know, if they continue, but how can I stop them, while the "official" process is in motion?
     
  2. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Hello Greg51
    What kind of firewall do you have and how do you have your settings for it?
     
  3. Greg1951

    Greg1951 Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    13
    I have two firewalls. Norton SystemWorks, and they hacked into that in 20 minutes, and BlackIce, and neither seems to be working. I am in an online game community, and they keep getting the hacks in, via either their web site, or the Ventrilo chat program. I do not see the firewalls as being very useful. Ideas? I am in need of help, thanks for answering.
    P.S. The settings in BlackIce are set to Paranoid, btw.
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Greg1951, unfortunately you are letting them in :( When you open the ports to these gaming areas and chats you have to allow open ports, which the hackers can tunnel back to you with; setting the rules up for this is difficult.

    Anyway, can you get Autostart Viewer from the DCS site: http://www.diamondcs.com.au/index.php?page=products

    When you run it enable the first three menu items, save it and post the results here so that we can see what is what, they may have dropped other malware on you.

    If you have not already, make sure you have Execution Protection running and TDS minimised to your system tray whenever you are online.

    HTH Pilli
     
  5. Dan Perez

    Dan Perez Retired Moderator

    Joined:
    May 18, 2003
    Posts:
    1,495
    Location:
    Sunny San Diego
    Hi Greg51,

    Welcome to Wilders!

    From your brief notes it seems you are basing your supposition that you are hacked only on the ports listing in TDS. Keep in mind that that facility will try to list every trojan or backdoor that has been known to use the port in question but is not necessarily confirming that one of these trojans is using that port. Especially with regard to TCP port 80, this is in all likelihood just legitimate Web traffic.

    If the TDS memory and file scans show no signs of trojans you can usually disregard the port listing indications from TDS. If you want a much more accurate analysis of current network activity you should try loading the trial version of PortExplorer which will give you a far better ability to make judgements on current activity. You can download it from here

    http://www.diamondcs.com.au/portexplorer/downloads/pedemosetup.exe

    Hope this helps,

    Dan
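
The distinction made in the post above, a port number that trojans are known to use versus evidence of what is actually using it, can be checked from the socket table itself. The following is an added example, not part of the thread and not a DiamondCS tool: it assumes text in the layout of Windows `netstat -ano` output, uses a constructed sample, and the function names are illustrative. It separates a local listener on a port from outbound connections to that port on remote hosts, and returns the owning PIDs so they can be matched against known programs.

```python
from collections import namedtuple

# Constructed sample in the layout of Windows `netstat -ano` (not data from the thread).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       2140
  TCP    192.168.1.10:1043      203.0.113.5:80         ESTABLISHED     1720
  TCP    192.168.1.10:1044      203.0.113.5:80         ESTABLISHED     1720
  TCP    192.168.1.10:1050      198.51.100.7:3784      ESTABLISHED     1968
  UDP    0.0.0.0:1900           *:*                                    1032
"""

Sock = namedtuple("Sock", "proto lport raddr rport state pid")

def parse_netstat(text):
    """Turn netstat -ano rows into Sock records; header and blank lines are skipped."""
    socks = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue
        # UDP rows have no State column, so they carry four fields instead of five.
        state = f[3] if len(f) == 5 else ""
        lport = int(f[1].rsplit(":", 1)[1])
        raddr, rport = f[2].rsplit(":", 1)
        socks.append(Sock(f[0], lport, raddr,
                          int(rport) if rport.isdigit() else None, state, int(f[-1])))
    return socks

def triage(socks, port):
    """Separate local listeners on `port` from outbound connections to a remote `port`."""
    listeners = [s for s in socks if s.lport == port
                 and (s.state == "LISTENING" or s.proto == "UDP")]
    outbound = [s for s in socks if s.rport == port and s.state == "ESTABLISHED"]
    return listeners, outbound

def report(text, port):
    """Summarise which PIDs own each side, so they can be checked against known programs."""
    listeners, outbound = triage(parse_netstat(text), port)
    return {"listening_pids": sorted({s.pid for s in listeners}),
            "outbound_pids": sorted({s.pid for s in outbound}),
            "remote_hosts": sorted({s.raddr for s in outbound})}

if __name__ == "__main__":
    print(report(SAMPLE, 80))
```

In the sample, PID 1720 only makes outbound connections to a remote port 80, which is what a browser looks like, while PID 2140 is a local process accepting connections on port 80 and is the one worth identifying.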
     
  6. Greg1951

    Greg1951 Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    13
    Now that makes me feel better. Whew. I did the scans and nothing is in the machine. Thank you all. I am using the evaluations of the programs, and will be buying as soon as my Norton runs out.

    Oh, is there any way to close all ports not in use by the games, or chat rooms?
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Greg,
    Port Explorer can close ports individually, but so can many firewalls, though you may have to dig into their manuals as to how to do it. With PE it is easy: point and click.
     
  8. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    >...as soon as my Norton runs out....
    If you are using Norton Anti Virus and if you like it, keep it or replace it with one you like more.
    NAV cannot be completely replaced by TDS, as TDS is for trojans, worms, and lots of other nasties, but not for the virus part and JS nasties that Norton and other specific AV products cover. So there is no reason to wait with TDS; keep it beside the other as an extra layer in security, protection, detection and for the many tools in it.
    The DCS programs and tools together make security so much better and complete.
     
  9. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    You don't use those two firewalls together at a time, I hope?
    Dolf
     
  10. Marine06

    Marine06 Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    17
    There isn't a need to use two software firewalls at the same time. The potential for problems and conflicts increases. Secondly, BlackIce is not a true firewall but more of an intrusion detection system. Do not rely on BlackIce for protection.
     