x404.co.uk :: View topic - Er WTF...hax0rz issues

x404.co.uk http://www.x404.co.uk/forum/

Er WTF...hax0rz issues http://www.x404.co.uk/forum/viewtopic.php?f=4&t=2223	Page 1 of 1

Author:	Linux_User [ Tue Aug 11, 2009 11:42 am ]
Post subject:	Er WTF...hax0rz issues
OK, here's the scenario. A friend of mine has fallen out with his girlfriend. She has a friend who's fairly techy, but not really more so than most. Anyway, his girlfriend has been able to re-produce his MSN conversations and what websites he has visited. She says her friend (who lives in Oz) is getting the info. My friend runs Kaspersky Internet Security (although he has previously run Avira free edition in addition to Zonealarm) on Windows XP SP3. Now, a virus scan turns up nada. Spybot et al turn up nada. How is he/she doing this?

Author:	saspro [ Tue Aug 11, 2009 11:52 am ]
Post subject:	Re: Er WTF...hax0rz issues
Manual searching over logmein or msn remote assist?

Author:	Linux_User [ Tue Aug 11, 2009 11:55 am ]
Post subject:	Re: Er WTF...hax0rz issues
He definitely doesn't have logmein installed. Remote assistance is a possibility, but I don't think he's stupid enough to just accept a request. I'm thinking possibly malware/rootkit distributed via MSN?

Author:	forquare1 [ Tue Aug 11, 2009 12:08 pm ]
Post subject:	Re: Er WTF...hax0rz issues
Does MSN log conversations to the server? If so has he changed his MSN password recently? Does he have a Google account? If so does that log his search history? Has he changed that password recently?

Author:

Linux_User [ Tue Aug 11, 2009 12:13 pm ]

Post subject:

Re: Er WTF...hax0rz issues


	forquare1 wrote: Does MSN log conversations to the server? If so has he changed his MSN password recently? Does he have a Google account? If so does that log his search history? Has he changed that password recently?

His password for both is fairly complex, although you've just raised a good point - I'm not sure how easy his secret questions are to guess, especially for someone as close as his girlfriend.

Author:	saspro [ Tue Aug 11, 2009 1:16 pm ]
Post subject:	Re: Er WTF...hax0rz issues
If she's got access to his machine she can get the logs easily

Author:

Linux_User [ Tue Aug 11, 2009 1:20 pm ]

Post subject:

Re: Er WTF...hax0rz issues


	saspro wrote: If she's got access to his machine she can get the logs easily

What's the best course of action then?

So far we've wiped the machine (boot and nuke ftw!) and re-installed Windows (despite my insistence of using Linux). We've got Kaspersky et al up and running. He's now going to change passwords and secret answers to his account.

Is there anything else we should be doing?

EDIT: I should also make clear that any access to his machine would only be possible remotely. I don't think she'll be remaining his girlfriend anymore either.

Author:	Nick [ Wed Aug 12, 2009 10:39 pm ]
Post subject:	Re: Er WTF...hax0rz issues
Have you nailed down the firewall on the router? Have you also left the modem off for a few hours so he gets a new IP? That should help to shake off the guy in Oz, if it is actually him who is somehow getting the info. He hasn't done something monumentally stupid like leave default access codes for the router and set it to accept connections from the internet? The guy could have got in that way if he has.

Author:

Linux_User [ Wed Aug 12, 2009 10:44 pm ]

Post subject:

Re: Er WTF...hax0rz issues


	Nick wrote: Have you nailed down the firewall on the router? Have you also left the modem off for a few hours so he gets a new IP? That should help to shake off the guy in Oz, if it is actually him who is somehow getting the info. He hasn't done something monumentally stupid like leave default access codes for the router and set it to accept connections from the internet? The guy could have got in that way if he has.

Er, it's a BT Home Hub so I have no idea, it doesn't let you keep the defaults though.

Thanks for the firewall/turning router off tip, I'll pass it on.

As it happens, she's now ex-gf, so hopefully that's problem solved. :lol:

Author:	Alexgadgetman [ Wed Aug 19, 2009 12:09 am ]
Post subject:	Re: Er WTF...hax0rz issues
Well the msn conversations.. do you mean ALL of them with everyone? Or just ones with her (in which case they would be saved on her hard drive, as MSN gives the option to save all conversations you have). Also... you sure it wasnt just a cookie that is tracking her website visiting.. could be transmitted easily enough...

Page 1 of 1	All times are UTC
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/