Solved

detect hackers.... at any means

Posted on 2004-04-08
Last Modified: 2013-11-16
Dear EE..

I am damn pissed off with my fren (Hacker)..
he is good in hacking.... and he even tell us that he knows how to crack email passwords but of cos we dunno how he do it..

well.... now he go and crack my another frens yahoo and hotmail password and account... now my fren cannot access to his email account... the Hacker also hack and get our ISP account with password...
Actually I just want to ask.. how that Hacker do that? Does he plant a virus/monitoring tool in my frens computer? As what I heard... both of them are dynamic IP and the IP always change.. but yet the stupid hacker can always detect and monitor my fren when he is online and even change some of my frens computer settings... well this situation getting serious as my fren's dad is a head of police department and the cyberlaw do apply here,...

Now what we need is sufficient proof to DETECT the hacker... but he use dynamic IP as normal dialup.. how to detect them? even if detect? we can prove that the location is in his house?
is time to sue him.. for his pissoff action... HELP...

Question by: joely2k

Accepted Solution

by: Pete Long (earned 50 total points)

>>Actually I just want to ask.. how that Hacker do that? Does he plant a virus/monitoring tool in my frens computer

For obvious reasons we cannot tell you how to do this!

However, a key logging program on your PC will be able to capture your keystrokes; this is no big secret, and getting a Yahoo/Hotmail password can be done by a twelve-year-old. I would suspect your friend is not very technically adept?

First Start Protecting yourself

1. Get Some Firewall Software
ZoneAlarm
The basic version is still free!
http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp;jsessionid=10lfaHFKttIAMkUvvZm1xhWKVLKHVeYPMJpXB1I1UxUpAC2ZioSE!1284415661!-1062696903!7551!7552!1822958594!-1062696904!7551!7552?lid=home_zainfo
Zone Labs offers a complete range of firewall products, from the free ZoneAlarm, to the comprehensive protection of ZoneAlarm Plus, to the ultimate privacy and security tools in ZoneAlarm Pro.

Black Ice Defender
http://blackice.iss.net/
BlackICE teams a personal firewall with an advanced intrusion detection system to constantly watch your Internet connections for suspicious behavior.

Symantec's Norton™ Personal Firewall
http://www.symantec.com/sabu/nis/npf/
Keeps hackers out and personal data in. It makes robust firewall protection easy by automatically hiding your PC on the Internet and blocking suspicious connections. Norton Personal Firewall also protects your privacy by preventing confidential information from being sent out without your knowledge.

McAfee Personal Firewall
http://us.mcafee.com/root/package.asp?pkgid=101&WWW_URL=www.mcafee.com/myapps/firewall/ov_firewall.asp
Personal Firewall places a barrier between the Internet and your PC, helping to block hackers from accessing your computer and allowing you to digitally 'fingerprint' trusted applications. Every time your computer is probed or attacked, you get detailed reports and clear follow-up options.

2. Get some Decent Spyware Protection

Spyware & Adware

What is Spyware?

Spyware is ANY SOFTWARE which uses a user's Internet connection without the user's knowledge. Although software firms and web pages that launch this "code" on your PC are required to ask your permission, many don't! ANY SOFTWARE communicating across the Internet from your PC without your knowledge is guilty of information theft and is rightfully termed: Spyware.

What is Adware?

Adware is basically any application in which advertising banners are displayed while the program is running. This is built in to the coding of the software that delivers the ads to your desktop; these ads are either displayed as pop-up windows or through a banner on the software front end. Many people believe that the revenue earned from this is justification for recouping development costs, which then don't need to be passed to the user.

Adware, Spyware and other unwanted "malware" - and how to remove them
http://www.cexx.org/adware.htm

*****Removal Tools (Freeware) *****

Ad Aware http://www.lavasoftusa.com/software/adaware/
Spy Bot http://security.kolla.de/news.php?lang=en
Trojan Remover http://www.simplysup.com/
HijackThis http://www.spychecker.com/program/hijackthis.html
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
X Cleaner Free http://www.xblock.com/download-freeware.shtml
 
*****Removal Tools (Shareware & Trialware)*****

Goodbye Spy http://www.topshareware.com/GoodBye-Spy-download-2012.htm
Spy Cop http://spycop.com/products.htm

**********Prevent Browser Hijacking**********
BHODemon (Freeware)
Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. This program is my choice for BHO detection and is highly recommended.
http://www.spywareinfo.com/downloads/bhod/
or
Browser Hijack Blaster http://www.wilderssecurity.net/bhblaster.html

3. Then Get Some AV software AND KEEP IT UPDATED

Virus Checking

If you can't get the PC to boot you will need to scan from DOS
http://www.europe.f-secure.com/download-purchase/tools.shtml



Online (Free) Virus Checking can be done at

SYMANTEC (You must have ActiveX enabled on your browser for it to work!)
http://security.symantec.com/ssc/vc_scan.asp?j=1&langid=ie&venid=sym&plfid=23&pkj=ROSUPWFYJOKMFIDPMSV

Trend Micro (Housecall)
http://housecall.trendmicro.com/

But You really Need some good quality Anti Virus Installed!

FreeWare

AntiDote Lite http://www.vintage-solutions.com/English/Antivirus/Super/index.html
Avast http://www.avast.com/
F-Prot http://www.f-prot.com/products/
V-Catch http://www.vcatch.com/download.html

The BIG Boys in AV

McAfee
http://www.mcafee.com/default.asp

Symantec (or the firm formerly known as Norton)
http://www.symantec.com

Sophos (This Protects My Corporate Network)
http://www.sophos.com/

Command
http://www.commandsoftware.com/


4. If you don't use personal passwords on your PC, get in the habit of doing so. Get yourself an email account with a webmail provider other than Yahoo, Hotmail, Altavista etc.

5. Punch your Friend  (hard) in the face

Pete

Author Comment

by: joely2k

Thank you sooo much for the long response..... I appreciated it.... but the main thing is we want to detect his location/IP of the hacker.? possible? marks and credits is surely for you... if I have more points I dun mind allocated :(

Expert Comment

by: JohnK813

If you use the ZoneAlarm program PeteLong mentioned, you can monitor all incoming and outgoing connections - IP address, port, etc.  You could also run "netstat -a" or "netstat -an" from a DOS prompt (Start Menu -> Run -> cmd).

If this is as serious as you say it is, and if your friend's dad is with the police, he might be able to go to the ISP (assuming your hacker "friend" is using the same ISP) and see if they can tell you that your hacker friend's account was using that IP address at that time.
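
An added example, not part of the original thread: asking an ISP who held an address "at that time" only works if each `netstat -an` sighting is recorded with a timestamp. This Python sketch turns constructed `netstat -an` output into timestamped records; the sample addresses, the `remote_peers` name and the inbound/outbound heuristic (a peer attached to a local listening port connected in) are assumptions made for illustration.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed sample of Windows "netstat -an" output; the peer addresses are
# documentation-range placeholders, not real hosts.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.25:80        ESTABLISHED
  TCP    192.168.1.10:139       198.51.100.7:3021      ESTABLISHED
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

# Loopback, link-local and RFC 1918 peers cannot be traced through an ISP.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16")]

def remote_peers(netstat_text, when=None):
    """Return one timestamped record per ESTABLISHED TCP connection to a non-local peer."""
    stamp = (when or datetime.now(timezone.utc)).isoformat(timespec="seconds")
    rows = [r for r in (line.split() for line in netstat_text.splitlines())
            if len(r) == 4 and r[0] == "TCP"]
    # Local ports with a listener: a peer attached to one of these connected in to us.
    listening = {r[1].rpartition(":")[2] for r in rows if r[3] == "LISTENING"}
    records = []
    for _, local, foreign, state in rows:
        if state != "ESTABLISHED":
            continue
        host, _, port = foreign.rpartition(":")
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:  # bracketed IPv6 or unparsable peer: skipped in this sketch
            continue
        if any(ip in net for net in LOCAL_NETS):
            continue
        local_port = local.rpartition(":")[2]
        records.append({"utc_time": stamp, "remote_ip": str(ip), "remote_port": int(port),
                        "local_port": int(local_port),
                        "direction": "inbound" if local_port in listening else "outbound"})
    return records

if __name__ == "__main__":
    for record in remote_peers(SAMPLE):
        print(record)
```

Appending these records to a file on each run gives the IP-plus-time pairs an ISP needs to match a dynamic address to an account.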

Expert Comment

by: Pete Long

John is correct

Your primary aim is to get the attacker's IP address, which will get you the offender's ISP (as John pointed out)

Here's a cool tool to impress your friends with when you have the IP
VisualRoute® Personal Edition
http://www.visualware.com/personal/products/visualroute/index.html

Or do it manually :)

Tracing IP addresses and Domain Names


*****Europe*****


Europe - Ripe (Whois) Database - IP Search
http://www.ripe.net/perl/whois

The RIPE Network Management Database (the RIPE Database) contains information about

Allocations and assignments of IP address space
Internet routing
Reverse DNS
Related objects.

The data is put into the database by those who operate IP networks
within the RIPE region. The RIPE NCC supports the operation of the
RIPE Database, but it is not responsible for its contents.

The data is accessible by a whois service (whois.ripe.net).  Thus, the RIPE
Database is sometimes called the RIPE Whois Database.


*****Americas, Caribbean and Africa*****


ARIN Whois
http://www.arin.net/tools/whois_help.html


ARIN's WHOIS service provides a mechanism for finding contact and registration information for resources registered with ARIN. ARIN's database contains IP addresses, autonomous system (AS) numbers, organizations or customers that are associated with these resources, and related Points of Contact (POC).


*****Asia & Pacific Region*****


APNIC Whois  
http://www.apnic.net/apnic-bin/whois.pl

APNIC is one of four Regional Internet Registries currently operating in the world. It provides allocation and registration services which support the operation of the Internet globally. It is a not-for-profit, membership-based organisation whose members include Internet Service Providers, National Internet Registries, and similar organisations. APNIC represents the Asia Pacific region, comprising 62 economies.


*****Domain Name Tracing*****


NSI Whois Domain-names
http://www.networksolutions.com/cgi-bin/whois/whois

SamSpade
http://www.samspade.org/ssw/

DNSstuff.
http://www.dnsstuff.com


Pete
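
An added example, not part of the original thread, of the manual lookup described above: a whois query is one line of text sent to TCP port 43 of the registry's server (`whois.ripe.net` is the one named in the post), and the reply is parsed for the network owner and abuse contact. The sample reply is constructed, and the function names are illustrative.

```python
import socket

# Constructed RIPE-style whois reply for a documentation-range address; the
# network name and contact are placeholders, not a real registration.
SAMPLE_REPLY = """\
% This is the RIPE Database query service.
% Abuse contact for '192.0.2.0 - 192.0.2.255' is 'abuse@isp.example'

inetnum:        192.0.2.0 - 192.0.2.255
netname:        EXAMPLE-DIALUP-POOL
descr:          Example ISP dial-up customers
country:        NL
admin-c:        EX1-RIPE
"""

def whois_query(ip, server="whois.ripe.net", timeout=10):
    """Send one whois (RFC 3912) query over TCP port 43 and return the text reply."""
    with socket.create_connection((server, 43), timeout=timeout) as sock:
        sock.sendall(ip.encode("ascii") + b"\r\n")
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:  # the server closes the connection when the reply is complete
                break
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", errors="replace")

def summarize(reply):
    """Pull out the fields that identify the network operator and its abuse desk."""
    wanted = ("inetnum", "netname", "descr", "country")
    summary = {}
    for line in reply.splitlines():
        if line.startswith("% Abuse contact for"):
            summary["abuse"] = line.rsplit("'", 2)[1]
        elif ":" in line and not line.startswith(("%", "#")):
            key, _, value = line.partition(":")
            if key in wanted and key not in summary:  # keep the first object only
                summary[key] = value.strip()
    return summary

if __name__ == "__main__":
    print(summarize(SAMPLE_REPLY))  # swap in whois_query("<ip>") for a live lookup
```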

Expert Comment

by: Pete Long

ThanQ

Expert Comment

by: W2k-User

I know that it is quite a while since the question was posted, but if you get the free trial version of ZoneAlarm Pro, you can use the Hacker Info tab of the alert help thing.  They try to pinpoint where in the world a "hacker" is.  You have to set it to display all high priority alerts ("that are probably hacker activity").  (http://www.zonealarm.com) [redirects to ZoneLabs]
Also, AVG antivirus is free (http://www.grisoft.com).  

Paul

Expert Comment

by: W2k-User

Oh. And one more thing, if you go to GRC.COM, there are some reviews of different firewalls etc., and they say that BlackICE is not very good.  

Paul

* I cannot be held responsible for the opinions of GRC.COM or their affiliates, and do not hold any judgement regarding the performance of BlackICE defender or any related products.  
* I have never used BlackICE defender.  
* All I know is that ZoneAlarm does the job and is free.  Also, AVG has detected viruses on my PC and is also free.  
* There might be other products available that do the jobs better and suit your needs.  

Expert Comment

by: W2k-User

Sorry, yet another post from me.  
I know it does not sound very professional from its name, but GeekSuperhero (http://www.geeksuperhero.com) is a good program that stops downloaded programs, viruses etc. from modifying your program's settings.

Expert Comment

by: JohnK813

Kitty,

You'll need to ask your own question.  See here: http:help.jsp#hs3

In addition, a Mod will be by soon to remove your email address(es) and phone number for your privacy.

I'm not too familiar with Hotmail, but have you tried sending a message to abuse@hotmail.com ?