Hacking: Diagnosis and Prevention

Introduction to diagnosis

The Reality
In this day and age viruses are the least of your worries: hackers and spyware are by far the most virulent and cunning of all online security threats. Let me show you how to declare war on the enemy, by first diagnosing the threat to you and your PC, taking the correct course of action and then implementing preventative measures to minimise the risk of it happening again. Online threats are no longer restricted to just bringing down your PC; cybercriminals are now capable of tracking your every move and targeting web sites, such as those of banks, where you log personal data. Understanding the basics of how hackers work is the first step in arming yourself against your system being compromised.

No PC - and no PC user - is safe from assault. Faster, always-on internet connections make it quick and easy to send or receive information, but the downside of broadband is that it increases the potential for net crime. Larger companies with a healthy bank balance are an obvious target for high-tech criminals, but denial-of-service attacks against them involve banks of computers sending out bogus requests simultaneously. To do this, the hackers need control of multiple PCs and are therefore constantly on the lookout for suitable hosts.
As well as exploiting your PC's web connection for destructive acts, hackers may also find the data stored on your PC invaluable. Malware in the form of keystroke-logging software hides itself within your PC and reports everything you type to the person that planted it there. If a hacker takes over your computer, they can have a rummage around for themselves, investigating any unencrypted files or folders, uncovering financial details and any personal data.

Most recently, there have been numerous scams to get you to reveal bank or credit card details (commonly known as 'phishing'). Data searches to find unencrypted passwords are very common too. In the wrong hands, such personal details can be used to 'impersonate' you, take out loans using your good credit rating and so on. There are, however, a number of ways you can protect your computer from viruses, scams and hackers. Let's look at the tools to help you clean up and protect your PC from trojans and other attacks designed to compromise your system.


How to diagnose if you've been hacked
If the icon for modem or network connections shows constant activity even when you are not actively using the internet, you are not necessarily being hacked: automatic updates for Windows and other programs often occur whenever you go online. However, updates that occur constantly are unlikely and, in such cases, your PC may be taking part in a DDoS (distributed denial-of-service) attack. There are several ways to tell if you have been hacked.
1. Keep abreast of when you're online: to display modem/network connection details go to My Network Places and right click on the icons for Dial-up or LAN settings under View Network Connections. Select Properties and tick the box beside "Show icon in the notification area when connected".

Network connections and LAN settings

2. High CPU activity or services: A sluggish computer could be a sign that background applications or services are running, some of which may be malware. To check performance, press Ctrl-Alt-Del and click the Performance tab in Task Manager. When applications are running, the graph for CPU usage will peak quite regularly (mine is at 100%, due to my F@H programs running in the background). Leave the performance monitor on when nothing's running. If CPU usage remains high, check under the Processes tab to see which services are running in the background. There is a really informative guide to the legitimate processes that should be running on your PC at http://www.theeldergeek.com/services_guide.htm

3. Performance logging and alerts: Use Windows XP's more advanced tools to monitor your system. Go to Start-Settings-Control Panel, double click Administrative Tools and select Performance to load the appropriate Management Console. Click Performance Logs and Alerts, then Alerts, then right click in the empty pane and select New Alert Settings. Give your alert a name and, under the General tab, click Add to include a counter. In the dialogue box that is displayed, select RAS (Remote Access Services) Total and Bytes Transmitted and then, under General, set an alert when the value exceeds the amount you specify. Alerts will now be logged and you can see them by going to the Performance Management Console to view suspicious activity.

Performance logging and alerts
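The alert in step 3 fires on a single threshold, while the diagnosis above depends on telling a brief update download apart from constant activity. The Python sketch below is an added example, not part of the original article: it reads a counter log in the CSV layout written by the Windows `typeperf` tool and reports only sustained runs of high transmission. The sample log, host name, threshold and the assumption that the counter is cumulative are all constructed for illustration.

```python
import csv
import io
from datetime import datetime

# Constructed sample: header row plus timestamp and cumulative byte count,
# one sample per minute. Host name and values are invented for illustration.
SAMPLE_LOG = r'''
"(PDH-CSV 4.0)","\\EXAMPLE-PC\RAS Total\Bytes Transmitted"
"07/07/2005 06:00:00.000","1000"
"07/07/2005 06:01:00.000","1500"
"07/07/2005 06:02:00.000","901500"
"07/07/2005 06:03:00.000","902000"
"07/07/2005 06:04:00.000","1402000"
"07/07/2005 06:05:00.000","1902000"
"07/07/2005 06:06:00.000","2402000"
"07/07/2005 06:07:00.000","2902000"
"07/07/2005 06:08:00.000","2902500"
'''

def read_samples(text):
    """Parse the log into [(timestamp, cumulative_bytes)], skipping blank samples."""
    rows = list(csv.reader(io.StringIO(text.strip())))[1:]  # drop header row
    samples = []
    for row in rows:
        if len(row) < 2 or not row[1].strip():
            continue  # skip rows that carry no counter value
        stamp = datetime.strptime(row[0], "%m/%d/%Y %H:%M:%S.%f")
        samples.append((stamp, float(row[1])))
    return samples

def sustained_upload(samples, threshold_bytes, min_intervals):
    """Return (start, end, bytes_sent) for each run of at least min_intervals
    consecutive intervals that each sent more than threshold_bytes."""
    runs, current = [], []
    def close_run():
        if len(current) >= min_intervals:
            runs.append((current[0][0], current[-1][1], sum(d for _, _, d in current)))
        current.clear()
    for (t0, b0), (t1, b1) in zip(samples, samples[1:]):
        # Assumption: the counter is cumulative; a drop means it restarted from 0.
        delta = b1 - b0 if b1 >= b0 else b1
        if delta > threshold_bytes:
            current.append((t0, t1, delta))
        else:
            close_run()
    close_run()
    return runs

if __name__ == "__main__":
    for start, end, sent in sustained_upload(read_samples(SAMPLE_LOG), 100_000, 3):
        print(f"{start} to {end}: {int(sent)} bytes sent while idle")
```

With a threshold of 100,000 bytes per minute and a minimum of three intervals, the one-minute burst at 06:02 is ignored and only the four-minute run ending at 06:07 is reported.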

Most Recent Comments

07-07-2005, 06:48:55

FragTek
The second "prometeia" is spelled incorrectly... Just noticed that today :)

07-07-2005, 07:27:31

Jim

The second "prometeia" is spelled incorrectly... Just noticed that today :)



Bugger. Hope I've still got the original of that!

07-07-2005, 08:02:11

FragTek
Looks as if it has been fixed already :)

07-07-2005, 08:24:29

Jim

Looks as if it has been fixed already :)



I don't waste any time mate ;)

07-07-2005, 12:37:33

FragTek

I don't waste any time mate ;)


Apparently that's true! hehe

07-07-2005, 22:27:04

FragTek
Jim I think u have 2 banners in rotation because I'm looking at one with it spelled wrong again yet I saw one with it spelled correctly earlier in the day, lol

08-07-2005, 02:57:10

Jim
You probably just need to clear ur cache mate. There is only one copy of that banner in rotation.

08-07-2005, 05:14:48

Dav0s
woah like instant messaging