computer security question
- Shadow250
- Golden Member
- Posts: 1172
- Joined: Fri Jan 04, 2002 9:08 pm
- Location: Walton New York 13856
- Contact:
Hello, I've recently had a talk with a person from the UK that has left some questions in my mind about hacking. This person claims that she has been hacked by someone in the UK while living here (this I know is possible), but the kicker is that this hacker destroyed the hardware like cpu and mobo and had a black screen of death. To my knowledge this isn't possible? They have WinXP. I've tried searching Google and MSN and found nothing on this subject. Also they said Linux is so easy to hack that a complete newb could hack it. I think Linux isn't that easy or why would people from pca use it.
Not hard for a hacker to get control of an unsecured machine and install a program that says your cpu is dead or maybe even erase the bios - while technically possible to do something to the hardware very very unlikely IMO
- Shadow250
- Golden Member
- Posts: 1172
- Joined: Fri Jan 04, 2002 9:08 pm
- Location: Walton New York 13856
- Contact:
I thought as much, but anyone else who wishes to offer their opinion please do so. Also, to help with her hacking problem I told her to update her XP and virus defs and get a spyware remover (MS Anti-Spyware) and to get a hardware firewall. I haven't had much trouble with hacking so this is new territory for me kinda, so I wonder if I gave sound advice and if there is any other advice I could give her.
- TruckStuff
- Golden Member
- Posts: 1056
- Joined: Thu Feb 07, 2002 5:17 pm
- Location: Dallas, TX
Your "friend" needs to format and reinstall. Once a box has been compromised, you can't trust it, period. If the box has truly been compromised, they can install backdoors, trojans, etc, etc, etc, that make sure they can get back in anytime they want to.
Regarding your linux security question earlier, all I will say is this: *ANY* computer is only as secure as the admin that takes care of the box makes it. You can take the most secure OS in the world and if you put a dumb-ass admin behind it, it will be compromised. Likewise, if you take a really crappy OS and have the right person lock it down, it will be very difficult (maybe not impossible) for anyone to break in.
- Shadow250
- Golden Member
- Posts: 1172
- Joined: Fri Jan 04, 2002 9:08 pm
- Location: Walton New York 13856
- Contact:
I did ask her if she had it reformatted and she said that "i ran a military grade format on it". I assume that is writing all 0's and 1's alternately several times. Probably this hacker is getting into her machine through an unprotected exploit, maybe the messenger service or the guest account maybe, or whatever. I don't know all the unprotected ways they can enter.
- TruckStuff
- Golden Member
- Posts: 1056
- Joined: Thu Feb 07, 2002 5:17 pm
- Location: Dallas, TX
Originally posted by Shadow250
i did ask her if she had it reformatted and she said that "i ran a military grade format on it"
WTF does that mean? If she thinks someone is breaking into her box, she needs to reformat and reinstall, period. It doesn't matter what she has done in the past b/c it obviously didn't work.
- RexHavoc
- Genuine Member
- Posts: 37
- Joined: Tue Dec 07, 2004 6:36 pm
- Location: dearborn heights, MI
- Contact:
Do the smart thing and spend a little extra on a good firewall and good antivirus.
Next, do a little reading and shut down the un-needed services that windows likes to run on its own.
A lot of XP is stuff that relates to networks and tying computers together for businesses and workgroups.
If you run a standalone computer, these services can be shut off...not only making you more secure, but
saving resources as well.
"Not just another pretty face"
- Shadow250
- Golden Member
- Posts: 1172
- Joined: Fri Jan 04, 2002 9:08 pm
- Location: Walton New York 13856
- Contact:
Originally posted by RexHavoc
Do the smart thing and spend a little extra on a good firewall and good antivirus.
Next, do a little reading and shut down the un-needed services that windows likes to run on its own.
A lot of XP is stuff that relates to networks and tying computers together for businesses and workgroups.
If you run a standalone computer, these services can be shut off...not only making you more secure, but
saving resources as well.
I know this, but am not sure what XP services to kill. I'm too cheap to spend actual $$ on XP to play with it, so what I know about it is purely based on its similarities with 2k pro. Next you will probably suggest to research how to secure WinXP, but since sites are going to more graphics even research on my slow dialup is agonizingly slow. Anyway she sent it to the UK to have the screen fixed. Seems like HP woulda fixed it here but who knows with companies.
- RexHavoc
- Genuine Member
- Posts: 37
- Joined: Tue Dec 07, 2004 6:36 pm
- Location: dearborn heights, MI
- Contact:
I understand completely...and if you highlight a service...it gives a basic description in the panel on what the heck it is. Some are easy. "Computer browser"...a service to browse through computers on your network.
I'm willing to bet you don't have a network of computers to browse...it can be safely disabled.
"Wireless Zero Support"....if you're not connecting any wireless devices to your computer, disable it.
If you really wanna be cautious...write down anything you disable or set to manual. That way, if something doesn't work right, you have a list to go back to and enable again. And do 1 or 2 things at a time..don't make 12 wholesale changes and become lost if your internet stops working.
Computer magazines are a wealth of information on stuff like this....Maximum PC.....Computer World...constantly have articles on "How to speed up XP"..."Cutting the fat from XP"...stuff like that.
"Not just another pretty face"
- FlyingPenguin
- Flightless Bird
- Posts: 33161
- Joined: Wed Nov 22, 2000 11:13 am
- Location: Central Florida
- Contact:
A "military grade" format is when you write zeros to the entire hard drive - a minimum of five times - to completely obliterate the original data. Modern recovery apps can easily recover data from a drive that's only been repartitioned and formatted, or even one that's had zeros written to it with only one pass.
This is very time consuming. A 5 pass write can take several hours - even a day or more on a large drive.
This is HIGHLY recommended before you sell or give away a hard drive that you had personal information on that you feel would be a security risk (think identity theft - lots of people scan used drives for personal data). You need to "shred" your data as well as shred your paper documents nowadays.
It's also a good habit to use a "shredder" app to delete important files instead of just putting them in the recycle bin. Lots of free apps around that do this. I use the Handy Bits file shredder.
HOWEVER a 5 pass zero overwrite is NOT necessary against viruses or spyware. If a full virus scan (preferably booting from another uncompromised drive) doesn't do it then erasing the partition and reformatting is more than adequate. Any virus/spyware application that existed on the drive before the format is not in any condition to do any harm. The data that makes up the file might still be in there in unused sectors, but it's not organized in a manner that can do any harm to your new OS install.
The ONE exception is Master Boot Record viruses (known incorrectly as boot sector viruses). A regular repartition and format will NOT erase the master boot record, although a zero overwrite will (and one pass is enough). You can also do an FDISK /MBR but this is not recommended.
As noted here: http://www.microsoft.com/resources/docu ... o_oxhc.asp
It's better to just scan the infected drive with a good virus scanner (best to install it in another machine and then do a full scan). All good virus scanners will clean the master boot sector of any viruses.
MBR viruses are pretty rare, however.
Originally posted by Shadow250
but the kicker is that this hacker destroyed the hardware like cpu and mobo
Impossible. A virus can't damage hardware. It can erase your drive, change your CMOS settings (the most extreme case of hardware tampering) and MAYBE if it screws up your CMOS settings it MIGHT (highly speculative) as a secondary effect damage something (let's say the CMOS settings change winds up overclocking or over voltaging your CPU and you cook it after some time). That's a real stretch though.
Most viruses are stopped by good common sense and a good anti-virus program that's kept up to date.
Most spyware can be stopped by just good common sense and a firewall (the default firewall that comes with XP is more than adequate for your average non-techie home user).
Nowadays I would also recommend running SpySweeper or MS Anti-Spyware in the background to block browser hijack attempts and registry startup tampering.
BEWARE OF FAKE anti-spyware apps! This is very common now. At best they don't do anything at all, at worst they infect you with spyware. I only recommend SpySweeper and MS Anti-Virus now. Adaware and Spybot are also "acceptable" but in my opinion they are not as good as the others. Adaware in particular seems to miss a lot of things, and they have questionable ethics lately (they seem to be in bed with WhenU spyware). Adaware and Spybot have been off my radar for 8 months now, although I used to rely on both heavily.
HOWEVER NO APPLICATION CAN PROTECT YOU FROM YOUR OWN STUPIDITY.
If you click on a suspicious link in a pop-up ad and your spyware blocker says you're doing something risky, but you click the "allow" button anyway, you're infected and it's your own damn fault.
It is NOT hard to avoid being infected. I print a copy of the following page and give it to my clients who chronically get infected by spyware: http://soldcentralfl.com/flyingpenguin/ ... _help.html
---
“The Government of Spain will not applaud those who set the world on fire just because they show up with a bucket.” - Prime Minister of Spain, Pedro Sánchez
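The MBR point in FlyingPenguin's post above, as an added example that is not part of the original thread: it builds a constructed in-memory disk image and checks that rewriting the partition table or overwriting a partition's sectors leaves the 446-byte boot code in sector 0 untouched, while a whole-disk zero pass clears it. All function names and the sample disk are assumptions for illustration, and `format_partition` is a simplified stand-in for a real format.

```python
import hashlib
import struct

SECTOR, BOOT_CODE_LEN, TABLE_OFF = 512, 446, 446  # boot code: bytes 0..445, table: 446..509
SIGNATURE = b"\x55\xaa"                           # bytes 510..511
ENTRY = "<B3xB3xII"  # status, (CHS skipped), type, (CHS skipped), LBA start, sector count

def parse_mbr(sector0):
    """Return boot-code hash, used partition entries and signature validity for sector 0."""
    if len(sector0) != SECTOR:
        raise ValueError("an MBR is exactly 512 bytes")
    parts = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from(ENTRY, sector0, TABLE_OFF + 16 * i)
        if ptype:  # type 0x00 marks an unused slot
            parts.append({"bootable": status == 0x80, "type": ptype,
                          "lba_start": lba, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector0[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts, "valid_signature": sector0[510:512] == SIGNATURE}

def make_entry(ptype, lba_start, count, bootable=False):
    return struct.pack(ENTRY, 0x80 if bootable else 0, ptype, lba_start, count)

def build_disk(total_sectors=256):
    """Constructed sample disk: filler bytes as 'boot code', one NTFS-type partition."""
    disk = bytearray(total_sectors * SECTOR)
    disk[:BOOT_CODE_LEN] = bytes((i * 7 + 1) % 256 for i in range(BOOT_CODE_LEN))
    disk[TABLE_OFF:TABLE_OFF + 16] = make_entry(0x07, 63, total_sectors - 63, True)
    disk[510:512] = SIGNATURE
    return disk

def repartition(disk, ptype, lba_start, count):
    """Rewrite only the 64-byte partition table, as a partitioning tool does."""
    disk[TABLE_OFF:TABLE_OFF + 64] = make_entry(ptype, lba_start, count, True) + bytes(48)

def format_partition(disk, index=0):
    """Simplified stand-in for a format: overwrite only sectors inside the partition."""
    p = parse_mbr(bytes(disk[:SECTOR]))["partitions"][index]
    start, end = p["lba_start"] * SECTOR, (p["lba_start"] + p["sectors"]) * SECTOR
    disk[start:end] = bytes(end - start)

def zero_overwrite(disk):  # one pass of zeros over the whole device, sector 0 included
    disk[:] = bytes(len(disk))

def boot_code_survives(operation):
    disk = build_disk()
    before = parse_mbr(bytes(disk[:SECTOR]))["boot_code_sha256"]
    operation(disk)
    return parse_mbr(bytes(disk[:SECTOR]))["boot_code_sha256"] == before
```

Recording the boot-code hash of a known-clean install gives a baseline to compare against later from a trusted boot medium.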
