how to tell if someone has hacked into your system

i have a computer with several pings to daily from all over the world.
how can i tell if they have got into the system?

thanks
webdottAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

webdottAuthor Commented:
this is one of the pings:
Event Type: Information
Event Source: WinVNC4
Event Category: None
Event ID: 1
Date:  1/4/2010
Time:  5:10:52 PM
User:  N/A
Computer: MAIN
Description:
The description for Event ID ( 1 ) in Source ( WinVNC4 ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Connections, accepted: 200.175.180.64::xxxx.
it says the connection was accepted?
does this mean they got it?

 
0
chukuCommented:
This error mean nothing
there are many scans out there but it doesn't mean they got in
do you have a firewall or any other security deices and logs?
0
snusgubbenCommented:
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

hmtwinsCommented:
Check  Snusgubben suggestion.

A couple of things to find out is you are hacked.

1. check you outgoing connections (netstat -ab) this will show you your connections and what application is running on that connection. If you see any application you don't know investigate it.

2. You can run process explorer to see if any strange application is starting up that you don't know.

3. Update you computer and you application. every application can be used to infect you computer with a keylogger, backdoor etc.

4. Make sure you have a up to dat virus scanner installed

5. If you dont trust is a all. Do the safes thing, make a backup of you files and reinstall you computer (last option)
0
snusgubbenCommented:
Just another thought.

Is you computer behind a firewall in a LAN?

Are we talking about a Windows domain?

Leaving VNC open towards the Internet is risky business. There is a VNC v.4.1.1 cracker tool that allowed users to bypass the VNC authentication. So be sure to check your VNC version.
0
webdottAuthor Commented:
yes it is VNC v4.1.1 free edition.
It is behind a sonicwall firewall. no anti-virus or other on this server
operating system: windows server 2003 r2
i have uninstalled the VNC. the errors have haved stopped in eventvwr
 
0
webdottAuthor Commented:
thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.