A friend called me one day and asked if I would stop by to look at his computer. He said it was running abnormally slow and he had found something on his hard-drive he could not explain. I could almost guess what it was he found. Have I been hacked?
You see, his computer had been hacked. Actually, in his case, his computer had been tagged. Similar to the image you see here.
Tag, You're It!
---------------
The file transfer protocol, commonly referred to as "FTP", has been around for many years. In the early days of the Internet, it was one of the few ways to easily upload and download files from one computer to another. Many commercial operating systems come with an FTP server installed. In other cases, the option for FTP services is selected by a user when they are installing or updating their operating system. If this service is not setup properly, or you don't have an adequately configured software or hardware firewall, it is an open invitation for a hacker or intruder.
FTP Tagging - The most common purpose for someone to compromise your FTP server is for the storage and distribution of illegally obtained software and files. This could include cracked software, stolen movies, audio files, and pornography. Removing this type of contraband from your computer can be difficult, particularly if you are using a Microsoft Windows platform. Hackers use sophisticated scripts to create a maze of directory structures to house their wares on your computer. They may use a combination of names with spaces in them, and in some cases use extended characters (characters outside the normal alpha-numeric range). Deleting these directories through normal means may be difficult, if not impossible, for the average user. Many people wind up wiping their system and re-installing it, and that is if they're lucky enough to find out their system has been compromised.
The above is a perfect example of why the statement, "I'm not worried about being hacked. What do I have that a hacker would want?" is not a good position to take. The fact is, you do have something they want, your computers resources. Why should a hacker store tons of illegally obtained files on their systems when they can use yours.
The Good, The Bad, And The Ugly
-------------------------------
The Good
--------
When I was young I use to spend hours upon hours on the Internet Relay Chat, also know as the IRC. The IRC is another method of Internet communication, which has been around for quite a long time. When I was a frequent user of the IRC, it was just plain fun. You would meet all kinds of people from all over the world. It was the instant messenger of the time.
The Bad
-------
Today, the IRC is a huge communications network. It is made up of thousands of channels, and can be accessed by pretty much any operating system platform. It is also a favorite means of communication for hackers. They can discuss new exploits, methods of compromise, and even send and receive files. Many hacker groups use a cryptic language to communicate with each other on the IRC channels. Unless you know the language constructs they use, their conversations can look like a bunch of nonsense.
There are many exploits, backdoors, and Trojans that effect, or are contained in, the myriad of IRC clients on the Internet. Making sure you choose one that's relatively safe to use is not an easy task. As an example, take a look at this list of IRC safety and security info at irc.org.
The Ugly
--------
It's not just the exploits and security risks associated with using the IRC, which need to concern you. If a hacker is able to install an IRC relay agent on your computer, it can become a conduit through which they communicate and distribute information. In my line of work, I've identified many systems with IRC backdoors or relay agents installed. The only thing the end user typically experiences is a decrease in system performance and Internet access.
Just Open The Door And Let Them In Peer-to-Peer File Sharing
----------------------------------
If a total stranger were to knock on your door, and ask to come in to just hang out for awhile, would you let them in?; Most likely not. If you're using peer-to-peer file sharing software to locate and download files on the Internet, you're opening the door to destruction. Many of the file sharing services and software available on the Internet now tout themselves as being "safe" and "clean". This is as far from the truth as you can get. If you're a regular user of these services, the chance of your computer being back-doored or hacked is significant.
If you have anti-virus software installed (and up-to-date), you've undoubtedly received messages regarding viruses when downloading files from peer-to-peer services. These are not the only things you could be downloading. Many hackers imbed root-kits in files and distribute them using peer-to-peer file sharing. Root kits contain many types of tools used by hackers to gain control over computers. If the installation of the kit on your computer goes undetected and is successful, it's only a matter of time before your computer is completely compromised.
I can't tell you how many times I've found company employees (and technical personnel) using peer-to-peer file sharing services. Any organization that permits this is putting itself at risk. And, the risk is much greater as compared to a single home computer because of the number of potential internal targets.
Conclusion
----------
Of course, the above is just a few examples of different methods and types of computer compromise. There are many ways your computer can be hacked. Your best defense is a good offense along with education and awareness. When you configure your computer make sure you enable only the software and services that you need. Many programs have known exploits and / or require additional steps be taken to adequately secure them.
Don't make the assumption that you are not a target just because you don't think you have anything of interest on your computer.
If our computer becomes unstable or dramatically decreases in performance, don't assume it's just a quirk or that it's time to upgrade.
Make sure you have a software or hardware firewall in place to protect you from the Internet. Your firewall should be configured not to allow anonymous inbound access from the Internet. This is the default configuration for most firewalls, but you should make sure the one you are using is properly configured.
Make sure you have adequate virus and spyware protection, and your pattern signatures are up-to-date. Many anti-virus applications work on a subscription basis. It's not uncommon to find out your subscription expired. If it is expired, your software may not protect you from new and emerging threats.
And, do what ever you can to stay away from any type of Internet peer-to-peer file sharing service. No matter how safe the developer claims it is.
About The Author
----------------
Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. Darren is a staff writer for http://www.defendingthenet.com and several other e-zines. If you would like to contact Darren you can e-mail him at Darren.Miller@ParaLogic.Net or DefendTheNet@ParaLogic.Net.
If you would like to know more about computer security please visit us at our website. If someone you know has sent you this article, please take a moment to visit our site and register for the free newsletter at Newsletter Subscribe.
Original URL
------------
http://www.defendingthenet.c
om/NewsLetters/HaveYouBeenHacked.htm
When it comes to reporting Internet scams most of us... Read More
Is your data secure? Think again. Securing data is unlike... Read More
A couple of days ago, I was searching for a... Read More
For many, the daily walk to the mailbox evokes mixed... Read More
The top five online scams on the Internet hit nearly... Read More
Ok, ok, I know you've seen them. All those pop... Read More
If you use emails actively in your communication, you must... Read More
As more people are logging onto the Internet everyday, Network... Read More
Everyone should eliminate spyware and adware from your hard drive... Read More
Phishing is the act of some individual sending an email... Read More
"Dear Bank of the West customer", the message begins. I've... Read More
According to the Anti-Phishing Working Group (APWG) email scams also... Read More
A firewall is a system or gateway that prevents unauthorized... Read More
Geek SuperheroGeek Superhero watches your computer for changes, immediately notifying... Read More
Industrial Espionage. These methodologies are being used on a daily... Read More
Over £5 billion pounds was spent on online shopping in... Read More
The Message Must Get Through The year is 300A.D.,... Read More
If you are a parent, as am I, I think... Read More
A couple of years back, I paid my dues the... Read More
You can detect spyware online using free spyware cleaners and... Read More
1)Spyware is on your system. Like it or not, statistically... Read More
Did you know...? 1 in 5 children who use computer... Read More
Since its birth, the Internet has grown and expanded to... Read More
My first experience with a spyware BHO based infection was... Read More
The Loss Prevention Manager should be receptive to the needs... Read More
Credit card fraud is a growing problem for online businesses... Read More
Your computer is as slow as molasses. Your mouse freezes... Read More
NETWORK SECURITIES: IMPORTANCE OF SECURITIESComputers and securities must form a... Read More
The menacing campaigns that drive the corporate spyware and adware... Read More
When surfing the Internet you probably take your anonymity for... Read More
Have you ever had to call Symantec or McAfee to... Read More
These six ways to prevent identity theft offer you valuable... Read More
History and BackgroundThe virus was one of the first ever... Read More
Before we start, I want to make it clear that... Read More
Spyware protection software is the easiest way of removing spyware... Read More
Computer infections can be broken up into 4 main categories... Read More
Spies, spyware, internet parasites are among what they are usually... Read More
Only the top spyware removers are successful at detecting and... Read More
The menacing campaigns that drive the corporate spyware and adware... Read More
In 1997, I decided after 15 years as a practicing... Read More
It's late. You've been scouring the web for that perfect... Read More
Viruses are, however, not the only malicious software programs out... Read More
Internet is the ocean of knowledge. In this ocean you... Read More
Saturday, MasterCard blamed a vendor of ALL credit card providers... Read More
Monday morning, 6am; the electric rooster is telling you it's... Read More
Geek SuperheroGeek Superhero watches your computer for changes, immediately notifying... Read More
Beware of a New Scam Aimed at Bargain-HuntersTrying to buy... Read More
Today,on most internet user's computers, we have the ability to... Read More
No auntie Sookie, not earth worms, computer virus worms that... Read More
Huge number of spyware software applications are available in the... Read More
Scams involving email continue to plague consumers across America, indeed... Read More
Spelt phishing, but pronounced as above, this despicable act is... Read More
Many of us have run into an annoying and time-consuming... Read More
Today's Internet or World Wide Web is being over regulated.But,... Read More
Some months ago, before there was much publicity regarding phishing... Read More
The Internet is a vast International Network of people and... Read More
It's been with us since 1993, it's gotten more intrusive,... Read More
Spyware, viruses and worms... oh my!If you are connected to... Read More
The first thing people think about when defending their computers... Read More
If you are a parent, you have probably wondered at... Read More
A new variation of the Nigerian Scam theme ... Read More
If you know what is the 'Fishing' then it's very... Read More
First the basic definition of Spyware: It is a type... Read More
Today the internet is a mine field of malicious code... Read More
Ebay is a great site and is used by many... Read More
Have been an Internet user for more than 9 years,... Read More
Internet Security |