need help with a hacker

Discussion in 'Computer Games and General Discussion' started by Findecanno, Jun 3, 2009.

  1. Findecanno
    OP

    Findecanno GBAtemp Regular

    Member
    283
    0
    Apr 14, 2009
    United States
    My friend is able to hack my computer and pretty much do everything he wants to it remotely. He uses some sort of VNC that allows him to get on without permission. I'm sure some of it is done through terminal. He is also able to change my password without knowing the original. I'm wondering if there's any way that I can possibly block him from having access? Or does anyone have any idea of what programs he is using?

    I'm running Linux Mint 7 (a variant of Ubuntu 9.04) and so is he. He says the software he uses is cross-platform so switching operating systems won't help.
    Any help would be appreciated.
     


  2. coolbho3000

    coolbho3000 GBATemp Kikkoman Naturally Brewed SoySauce Fanatic

    Member
    2,095
    32
    Apr 29, 2007
    Kikkoman Factory
    Unless you know exactly what he's doing, it's hard to help. Is this "some kind of VNC" SSH or something?

    If you can't figure it out, Ubuntu should be fundamentally secure (as far as we know) so just do a reinstall of it and choose a strong root password. And don't give this "friend" physical access to your computer ever again.
     
  3. Law

    Law rip ninjacat that zarcon made me

    Member
    4,132
    217
    Aug 14, 2007
    ‭jerkland
    Punch him in the face repeatedly, then destroy his computer.

    Not much of a friend, really.
     
  4. Wabsta

    Wabsta you fight like a dairy farmer

    Member
    2,500
    71
    Apr 25, 2008
    Netherlands
    SCUMM Bar
    Have you really "seen" your friend in action?
    Maybe he is just scaring you..

    Cause, as far as I know, linux was the uberleetsecurenonhackableOSevah.
     
  5. SpAM_CAN

    SpAM_CAN GBAtemp Regular

    Member
    279
    0
    Apr 5, 2009
    UK
    Disconnect from the internet, find the VNC client, and delete it. Or reformat your hdd, and DO NOT allow him on your network or computer.
     
  6. playallday

    playallday Group: GBAtemp Ghost

    Member
    3,773
    9
    May 23, 2008
    Canada
    [@N@[)@
    Try this in a terminal.

    Code:
    sudo ufw enable
    sudo ufw deny 22
    sudo ufw deny 5900
    sudo ufw deny 5901
    sudo ufw deny 5902
    sudo ufw deny 5903
    sudo ufw deny from 192.168.0.2
    Take out 192.168.0.2 and put his IP in. If you don't know his IP you could remove that line.

    He's most likely gone on your computer and set up remote access for himself. You should try to find out which program he's using and turn it off.
     
  7. Governa

    Governa Member

    Newcomer
    43
    4
    May 15, 2009
    Alternatively play with IPtables. If you're not comfortable with that, set up a software firewall with outbound and inbound filtering or configure your router and be sure to get all your ports stealth, particularly 5900, 5901, 5902 and 5903.

    Probe your ports to see what is open in your current configuration. Go to http://www.grc.com/default.htm, click on the "ShieldsUP!" link, click on the "Proceed" button, click "OK" on the warning window and finally click "All Service Ports" button. If you're connected directly to the web, this will probe your PC's first 1056 TCP ports. If you connect through a router, it will probe the router. Act accordingly. Use the "User Specified Custom Port Probe" to scan 5900 to 5903 (default VNC ports).

    Better yet, if your system was already compromised (who knows what is running under the hood... rootkits are common nowadays and hardly detectable), wipe the HD and do a clean install. Do NOT allow anyone to use your machine as root. If your distro allows you to login as root by default, create a limited account with a password only known to you, change the root's default password and log in using your newly created limited account.

    By the way, your friend is not a "hacker", just a smart ass.
     
  8. Frederica Bernkastel

    Frederica Bernkastel WebPerf and PWA advocate; @antoligy on Twitter

    Member
    GBAtemp Patron
    Frederica Bernkastel is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    3,154
    765
    Jan 31, 2008
    United Kingdom
    Hinamizawa
    Sounds a LOT like GoToMyPC.com or LogMeIn.com
    They both can do that. Dunno how windows only programs are running on a linux though. Wine wouldn't help either.

    The way I'd deal with this is very illegal and requires direct access to their PC (or if you're smart enough, a door opened can be crossed in both directions *hint, hint*)

    Get one of the free firewalls, and block incoming connections.

    Sounds a lot like some kind of script kiddie.

    (Finally, the cross platform is a LIE!)

    Of course, since what they're doing is illegal, you could just report it to a higher authority (if they are a script kiddie like I guessed, their parents are a good starting point)
     
  9. UltraMagnus

    UltraMagnus hic sunt dracones

    Member
    1,967
    0
    Aug 2, 2007
    Portsmouth
    check your account settings, delete any accounts you don't recognise, also change your password and root password
    also, search synaptic for anything with VNC in it and uninstall it.

    don't comment on what you don't know, plus x forwarding can be done from windows, and VNC is cross platform, it even has a java client (i used to run it on my PC at home to get past the school internet filters)
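
The checks suggested in this thread (look for anything listening on the SSH and default VNC ports, and review the accounts on the machine) written as a small shell script. This is an added example, not part of any post above; the function names, the sample `ss -tln` and passwd lines, and the expected user `alice` are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage for unwanted remote access on a Linux host.
# Sample inputs are constructed. On a real host, feed remote_listeners the
# output of `ss -tln` and suspect_accounts the contents of /etc/passwd.

# Print "port address" for each listening TCP socket on SSH (22) or a
# default VNC port (5900-5903) that other machines can reach, i.e. that is
# not bound to loopback only.
remote_listeners() {
    awk '$1 == "LISTEN" {
        host = $4; sub(/:[^:]*$/, "", host)             # before last colon
        port = $4; sub(/.*:/, "", port); port += 0      # after it, numeric
        if (host ~ /^127\./ || host == "[::1]") next    # loopback only
        if (port == 22 || (port >= 5900 && port <= 5903)) print port, host
    }'
}

# Print accounts to review: any UID 0 account other than root, and any
# regular account (UID 1000-65533) with a login shell whose name is not in
# the space-separated list of expected users given as $1.
suspect_accounts() {
    awk -F: -v known=" $1 " '
        $3 == 0 && $1 != "root" { print $1, "uid0"; next }
        $3 >= 1000 && $3 < 65534 && $7 !~ /(nologin|false)$/ &&
            index(known, " " $1 " ") == 0 { print $1, "unrecognised" }'
}

sample_ss() { cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       5       0.0.0.0:5900        0.0.0.0:*
LISTEN  0       128     127.0.0.1:631       0.0.0.0:*
LISTEN  0       5       127.0.0.1:5901      0.0.0.0:*
LISTEN  0       128     [::]:22             [::]:*
EOF
}

sample_passwd() { cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
alice:x:1000:1000:,,,:/home/alice:/bin/bash
support:x:1001:1001:,,,:/home/support:/bin/bash
toor:x:0:0::/root:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
EOF
}

echo "Remote-access listeners:"; sample_ss | remote_listeners
echo "Accounts to review:";      sample_passwd | suspect_accounts "alice"
```

A VNC server bound to 127.0.0.1 is left out because it is only reachable locally or through an SSH tunnel, so an exposed SSH listener still matters in that case.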
     
  10. Athlon-pv

    Athlon-pv GBAtemp Advanced Fan

    Member
    621
    0
    Feb 25, 2005
    United States
    You would expect that he would need access; that means most likely he got root privileges.
    If he is an evil bastard he would have set something up so that he gets a message (email) after that password has changed.

    So I would expect that unless you would like to read up for say 4 to 5 hours on the subject of how to protect your Linux install, your friend will be able to keep pestering you.

    But on the other hand, if you do read about it, you gained a very good experience.

    There are probably some good websites on this topic but I haven't needed it, so maybe google some keywords.
     
  11. Findecanno
    OP

    Findecanno GBAtemp Regular

    Member
    283
    0
    Apr 14, 2009
    United States
    Thank you all for your help. I have followed some of your advice such as blocking his IP address. Hopefully that will stop him. Does anyone have some advice on how to get him back?


    My friend also uses this vnc program to get past school filters. What program is it?
     
  12. SpAM_CAN

    SpAM_CAN GBAtemp Regular

    Member
    279
    0
    Apr 5, 2009
    UK
    VNC gives you access to your computer over a network/ internet. If he has it at school then be careful...
     
  13. GeekyGuy

    GeekyGuy Professional loafer

    Global Moderator
    4,746
    230
    Jun 21, 2007
    United States
    Personally, this would be the solution I'd opt for. I don't know diddly squat about hacking, so it would be much easier just to beat the kid into oblivion and leave him lying on his mom's front door step. A clear warning about future harm to his family might also ensue. This is, of course, all hypothetical.
     
  14. coolbho3000

    coolbho3000 GBATemp Kikkoman Naturally Brewed SoySauce Fanatic

    Member
    2,095
    32
    Apr 29, 2007
    Kikkoman Factory
    Maybe it is SSH...
     
  15. Arm the Homeless

    Arm the Homeless Custom Title

    Member
    1,762
    5
    May 26, 2008
    United States
    /home/andy/
    I think it's ssh, as well.

    You could do:
    Code:
    sudo aptitude remove openssh-server
    If that command is wrong, I haven't used a Debian-based system for a long time.
     
  16. UltraMagnus

    UltraMagnus hic sunt dracones

    Member
    1,967
    0
    Aug 2, 2007
    Portsmouth
    i used to use http://www.realvnc.com/ but this was over 4 years ago, I'm sure the is better now
     
  17. MicShadow

    MicShadow GBAtemp Fan

    Member
    457
    1
    Jan 28, 2008
    it would be:
    sudo apt-get remove openssh-server
     
  18. Frederica Bernkastel

    Frederica Bernkastel WebPerf and PWA advocate; @antoligy on Twitter

    Member
    3,154
    765
    Jan 31, 2008
    United Kingdom
    Hinamizawa
    what don't I know? I mean, that those ones aren't. I tried them.
    If I wanted to access my linux install from elsewhere, I'd try something else.
    Also, to get past the filters, try using a proxy tunnel. I gave up with VNC's after the school ISP blocked them.
     
  19. Governa

    Governa Member

    Newcomer
    43
    4
    May 15, 2009
    http tunneling

    ...and guys please, please, please, don't refer to everyday tools and protocols as some sort of hacking or black magic. VNC, remote desktoping, SSH, AFP, SMB... these are all industry standards. I personally couldn't live without them, I have my home network built on top of these. They're extremely useful, if you know what you're doing. Invite your friend over to play with your admin account and you're asking for trouble, whatever the OS you're using.

     
  20. Frederica Bernkastel

    Frederica Bernkastel WebPerf and PWA advocate; @antoligy on Twitter

    Member
    3,154
    765
    Jan 31, 2008
    United Kingdom
    Hinamizawa
    hey... can.. can... I play with your admin account..?