[RobDar]

someone from this forum...or at least someone hijacking the routing server used by this forum...tried to hack my computer.

[Macky]

Yikes! That doesn't sound good. How did you know this? I sure would like to know how I could recognize if someone was trying to hack my computer. I always update the security system so I hope that is enough protection. Since you said "tried" I'm assuming you were protected. That's good!

[FranMan]

Quote:

Originally Posted by RobDar

someone from this forum...or at least someone hijacking the routing server used by this forum...tried to hack my computer.

A routing server you say? How did they try to "hack" your computer?

[luv4gsds]

How do you know it was from this forum?

[RobDar]

I do not know how my friend does it...
How it works is this...
Have you heard of Hacker Safe??? We know a guy who works for a similar company in Chicago. They do corporate intranet security. He is kind of a anti-hacker hacker. When I go to bed at night or walk away from my computer I set my microsoft IIS ( Internet Information Service) routing information and my hardware firewall to a dummy IP that goes to his "watchdog computer"...
if anyone tries to hack in he knows it and traces the routing information...
he then sends me an email...
and frankly I am not sure what he does is completely legal so that is about all I want to know.
but he emailed with a list of places and routing information the person had been and the last place they visited was here...

[RobDar]

I must also add that this does not mean there is ANY risk here...just that this was one place the person had been...
I should have worded my post beter...
it could as well have been a bot that cruises forums looking for vunerabilities...which I would appear to have because I have an unsecured IIS connection running.

[SFury]

Without seeing the actual report, I can't comment to the accuracy of what you were told. If you were given a hop route, a list of sites that were traveled through, then the names are irrelevant.

Once again, not having seen the list generated by your friend I don't know what he was tracking or saw.

However, I do work in the IT field and I know that most hackers will hop from server to server. What they do is probe potential servers for holes and create a list of which ones that they can hop through. Through various weaknesses within each OS used for server hosting a knowledgable hacker can literally locate and hop through many servers to try and hack into other sites. The fact that the IP address, or url name, for this site showed up is oftentimes meaningless in a hop route. It does mean that the host company that runs the server should be notified that there may be a potential security hole that is being utilized for illicit puposes.

[FranMan]

Quote:

Originally Posted by RobDar

I do not know how my friend does it...
How it works is this...
Have you heard of Hacker Safe??? We know a guy who works for a similar company in Chicago. They do corporate intranet security. He is kind of a anti-hacker hacker. When I go to bed at night or walk away from my computer I set my microsoft IIS ( Internet Information Service) routing information and my hardware firewall to a dummy IP that goes to his "watchdog computer"...
if anyone tries to hack in he knows it and traces the routing information...
he then sends me an email...
and frankly I am not sure what he does is completely legal so that is about all I want to know.
but he emailed with a list of places and routing information the person had been and the last place they visited was here...

First of all what the hell kind of set up are you running at your house? What service of IIS are you using. If I recall right IIS is for FTP and Web serving not routing. The only time windows does routing, as if it was router, is if you have "Internet Connection Sharing" turned on. Which if you have a hardware firewall (prolly linksys) there would be no reason to ICS turned on. I also don't understand why your security guy is having you forward in ports (opening up your firewall to allow traffic in) to send them to your windows boxes and then some how making it to his "watchdog computer". What ports were the attacks on? Where is his watchdog computer? At your place or somewhere else? Your buddy has no way of telling where someone is going to. He would have to be in the middle. Which is call "man in the middle". Unless your buddy has access to routers that run the internet (the user's ISP) he can't tell where someone is going. Now if they hacked in your computer and started going places and your hacked machine was going thru his "watchdog" before hitting the internet then he can see where they are going....

Your story isn't really true, lacking lots of info and you are prolly worrying lots of people that don't know any better.

[Dave|Xoxide]

He was pretty clear that it wasn't our site or even our machine that was hacking his. Though I do agree that there is no reason to be running IIS unless you were hosting a site or files from your own machine, but even then I could think of a few other programs that are more light weight and 100 times more secure.

We do have alot of trolls that hit our site, but the trolls I'm thinking of don't have the capability to hack someone's machine. My guess is the same that was suggested before. Someone scanned a large range of IP address our and his were just a couple of them.

I don't think it's important that he'd point out any reference to our site, this happens hundreds of times each day to every machine hooked up to the web and depending on the level of confidence you have for your local network it should not be this big of an issue.

This site is on dedicated hosting on one of the largest most secure networks, the IT guy I work with keeps our kernel, mysql, php and everything else running the most current stable versions of the software that is out there. I have nothing but confidence with our service.

[peace36]

Hijacking your computer??? Why?? I dont get it. I guess some people pay bills and stuff online maybe they are trying to get credit card and account ## boy, if anyone ever hijacked my computer they would be mad for going through all the trouble just to read my goofy emails and see what I am up to on the dogforums.

[squirt1968]

I had an interesting e-mail, this morning. Couple days ago I private messaged a person concerning the health of a dog and I had an answer in my e-mail. To my knowledge I had checked that admin. could e-mail me but did not check other members. So I went back and erased even for administration to e-mail me. I have no idea how they got my private e-mail. I don't want that as then you don't know what type person can send to your computer. I am not accusing administration I don'/t want anyone to think that. I was just confused by the whole thing

[cshellenberger]

People try to hijack IP's to plant viruses and act in illegal manners. They use others IP's to hide thir own and to make it harder to find out who they are. That's why you have to keep your firewalls and other security programs up to date.

[Curbside Prophet]

Quote:

Originally Posted by squirt1968

I had an interesting e-mail, this morning. Couple days ago I private messaged a person concerning the health of a dog and I had an answer in my e-mail. To my knowledge I had checked that admin. could e-mail me but did not check other members. So I went back and erased even for administration to e-mail me. I have no idea how they got my private e-mail. I don't want that as then you don't know what type person can send to your computer. I am not accusing administration I don'/t want anyone to think that. I was just confused by the whole thing

Sounds to me that they sent you a PM and you received an e-mail notice. You can unclick the default in your Control Panel - edit options - PM section.

[FranMan]

Quote:

Originally Posted by cshellenberger

People try to hijack IP's to plant viruses and act in illegal manners. They use others IP's to hide thir own and to make it harder to find out who they are. That's why you have to keep your firewalls and other security programs up to date.

that's close to being true....

Quote:

Originally Posted by Dave|Xoxide

He was pretty clear that it wasn't our site or even our machine that was hacking his. Though I do agree that there is no reason to be running IIS unless you were hosting a site or files from your own machine, but even then I could think of a few other programs that are more light weight and 100 times more secure.

We do have alot of trolls that hit our site, but the trolls I'm thinking of don't have the capability to hack someone's machine. My guess is the same that was suggested before. Someone scanned a large range of IP address our and his were just a couple of them.

I don't think it's important that he'd point out any reference to our site, this happens hundreds of times each day to every machine hooked up to the web and depending on the level of confidence you have for your local network it should not be this big of an issue.

This site is on dedicated hosting on one of the largest most secure networks, the IT guy I work with keeps our kernel, mysql, php and everything else running the most current stable versions of the software that is out there. I have nothing but confidence with our service.

What I understood from what he said is... Someone that hacked him or tried to hack him also surfs the dog forum. Not that your server was attacking him.

You are right that there are tons and tons of people random scanning the internet to find machines that they can get in to and take control of. I can post up my firewall logs . Once they get in an unscure machine then they do their dirty work from that machine. Cshellenberger, since they are on your machine their attacks come from your IP. They don't steal your IP they take over your machine when they go somewhere it comes from your IP. IP routing and subnetting doesn't allow people to just use IP's from anywhere. You have to be on the right network for the IP range or your packets are going to make it far.

[DOBERMAN_07]

It was me.

I used hacked your bank account and ordered 15 Russian Mail Order brides.

[squirt1968]

Curbside thanks for your response. The message was in my nornal e-mail box. I checked and I had not marked the to receive e-mail except for administration. In case I did'nt understand it I just unchecked that box also. Thanks again. Karen

[cshellenberger]

I didn't know they could actually take over you COMPUTER!!! I'm VERY glad I keep my security UTD. Actually I update at least every other day.

[RonE]

RobDar, may I respectfully ask what your purpose was in starting this thread?

If you suspected that someone from Dogforums might be involved in a malicious attempt to access your computer, it would have made sense to contact the administrator and/or the moderators directly.