|
Am I being hacked???
I'm using my laptop at school with a wireless network card in the library. When I check the connection status it shows that i'm constantly sending packets. Is this someone else tapping into my connection or is it normal?
|
How 'constantly'? A packet every few seconds, or lots of packets a second? I assume it's when you're not doing much.
If it's lots of packets a second, get the command prompt and type "netstat -an". Commonest reason I've seen this is being infected with Welchia/MSBlast - your machine will be sending out a lot of packets on port 135 (shows up in the netstat column). For other possibilities, what progs do you have running, what OS? |
its probably just your computer sending it's keep alive signal, making sure that it's still connected every few seconds. like a constant ping.
|
I'm sending lots of packets, somewhere like 50 packets a second. What should I look for in the netstat screen? I just see many different ip addresses. I'm using windows xp, with only internet explorer running.
|
maybe, what OS are you running?
first update your system with windows update next lets close some holes in your system windows 2k xp by default shares your hard drives (all logical drives acualy) so lets close them off create a batch file (make a text document and save it as a .bat) with the folowing code in it: Quote:
you need to run this file each time you load windows because windows reshares these each time. you can also set it to run each time windows loads. this will stp any one who is just playing around. and trying to get in. the best thing you can do is to run a fire wall (Zone Alarm) |
networked computers normally send information back and forward, communication with PnP, RIP, routers, domain controllers etc.
run etherpeek/aeropeek and see what its really doing, having a firewall as the others said is a good thing. 50 a second does sound high for when the system is idling though |
You might have some spyware on your system, or it could be a IM program sending it's signal. It could be windows updating the system clock or downloading something from windows update. I would run a system scan with adaware and/or run a virus scan to know for certain.
Good luck |
There are alot of reasons why a constant signal would be sent. If you run the command "netstat 2" to see what the connection is to. Most likely it is a keepalive, or a connection to a DHCP server
|
Quote:
|
Right after I posted this I checked my email and the school had sent me a notice that I was running an infected computer. I installed the avg program and trying to clean this mess right now.
The strangest part is that I was using the laptop yesterday at school and it was fine, and no messages about viruses. I tried to go to the Trend micro anti-virus site today just before the computer started freaking out. I was hoping to test my computer since I haven't run a virus scanner in a while. This is the SECOND time i've had freaky problems (first time with my home pc) right after going to the trend website. Any chance there's a correlation here? |
unlikely trend scanner is used by millions of people, if you wan tto a bogus site and did it , its possible it could infect it, but if you went to their site highly unlikely.
are you running any sort of kaaza or bearshare etc, sharing apps of any kind ? most virus infections come from either that or emails. since you aren't running either a firewall or a virus scanner, you are toast. next you be telling us you dont use windows update :) note some clever virus programmers made it so that they will detect you installing a virus scanner and disable it, so if it doesnt find anything,try one from a boot disk. |
Rococo - not likely to be the trend site, most worms come in from local machines (as any sensible school will have firewalled off vulnerable ports).
Did the virus scanner find anything? (if not, make sure it's had the latest definition files installed). Otherwise, get the command prompt and type "netstat -an" and copy the results back here. |
ok #1: if you even THINK you're virus-infected or being hacked...
PHYSICALLY DISCONNECT FROM THE NETWORK. if your being hacked, you break their access to your box till you can clear however they're getting in. if it's a virus, you stop infecting other machines. #2: you NEED updated anti-virus software. there's freee stuff. school'll probably provide you with some, for free, also. UPDATE IT REGULARLY. virus software + adaware or other spy-ware removal + firewall + FULLY UPDATED windows == happy, (relatively) safe, computer. :D |
I'm running avg right now, what about a firewall program that uses minimal cpu/memory while working in the background?
|
sygate's free version has always been my first choice:
http://soho.sygate.com/products/spf_standard.htm |
|
Quote:
I have admin access on this machine, in fact there's only one user set up, me. Is "access denied" indicative of a problem? |
the "one user" account doesnt mean you are admin even though you have "admin rights"
its a safeguard in a way, you actually have to log in as "Administrator" (yes, thats the spelling as well) doesnt show up on most normal boots, I know there is another way to show that login but I have it hidden so you can only see it in safe mode. try safe mode then running that bat. should be ok. I think. I've never done this so im speaking in theory. |
| All times are GMT -8. The time now is 05:26 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project