?
Solved

how to tell if someone has hacked into your system

Posted on 2010-01-11
7
Medium Priority
?
726 Views
Last Modified: 2013-12-06
i have a computer with several pings to daily from all over the world.
how can i tell if they have got into the system?

thanks
0
Comment
Question by:webdott
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 

Author Comment

by:webdott
ID: 26285244
this is one of the pings:
Event Type: Information
Event Source: WinVNC4
Event Category: None
Event ID: 1
Date:  1/4/2010
Time:  5:10:52 PM
User:  N/A
Computer: MAIN
Description:
The description for Event ID ( 1 ) in Source ( WinVNC4 ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Connections, accepted: 200.175.180.64::xxxx.
it says the connection was accepted?
does this mean they got it?

 
0
 
LVL 17

Expert Comment

by:chuku
ID: 26290571
This error mean nothing
there are many scans out there but it doesn't mean they got in
do you have a firewall or any other security deices and logs?
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 1000 total points
ID: 26290914
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 6

Assisted Solution

by:hmtwins
hmtwins earned 1000 total points
ID: 26297003
Check  Snusgubben suggestion.

A couple of things to find out is you are hacked.

1. check you outgoing connections (netstat -ab) this will show you your connections and what application is running on that connection. If you see any application you don't know investigate it.

2. You can run process explorer to see if any strange application is starting up that you don't know.

3. Update you computer and you application. every application can be used to infect you computer with a keylogger, backdoor etc.

4. Make sure you have a up to dat virus scanner installed

5. If you dont trust is a all. Do the safes thing, make a backup of you files and reinstall you computer (last option)
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 26297847
Just another thought.

Is you computer behind a firewall in a LAN?

Are we talking about a Windows domain?

Leaving VNC open towards the Internet is risky business. There is a VNC v.4.1.1 cracker tool that allowed users to bypass the VNC authentication. So be sure to check your VNC version.
0
 

Author Comment

by:webdott
ID: 26310465
yes it is VNC v4.1.1 free edition.
It is behind a sonicwall firewall. no anti-virus or other on this server
operating system: windows server 2003 r2
i have uninstalled the VNC. the errors have haved stopped in eventvwr
 
0
 

Author Closing Comment

by:webdott
ID: 31675591
thanks
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question