need help with a hacker

Discussion in 'Computer Games and General Discussion' started by Findecanno, Jun 3, 2009.


need help with a hacker by Findecanno at 9:45 PM (1,823 Views / 0 Likes) 23 replies

  1. Findecanno
    OP

    Member Findecanno GBAtemp Regular

    Joined:
    Apr 14, 2009
    Messages:
    283
    Country:
    United States
    My friend is able to hack my computer and pretty much do everything he wants to it remotely. He uses some sort of VNC that allows him to get on without permission. I'm sure some of it is done through terminal. He is also able to change my password without knowing the original. I'm wondering if there's any way that I can possibly block him from having access? Or does anyone have any idea of what programs he's using?

    I'm running Linux Mint 7 (a variant of Ubuntu 9.04) and so is he. He says the software he uses is cross-platform so switching operating systems won't help.
    Any help would be appreciated.
     


  2. coolbho3000

    Member coolbho3000 GBATemp Kikkoman Naturally Brewed SoySauce Fanatic

    Joined:
    Apr 29, 2007
    Messages:
    2,095
    Location:
    Kikkoman Factory
    Country:
    Unless you know exactly what he's doing, it's hard to help. Is this "some kind of VNC" SSH or something?

    If you can't figure it out, Ubuntu should be fundamentally secure (as far as we know) so just do a reinstall of it and choose a strong root password. And don't give this "friend" physical access to your computer ever again.
     
  3. Law

    Member Law rip ninjacat that zarcon made me

    Joined:
    Aug 14, 2007
    Messages:
    4,132
    Location:
    jerkland
    Country:
    United Kingdom
    Punch him in the face repeatedly, then destroy his computer.

    Not much of a friend, really.
     
  4. Wabsta

    Member Wabsta you fight like a dairy farmer

    Joined:
    Apr 25, 2008
    Messages:
    2,485
    Location:
    SCUMM Bar
    Country:
    Netherlands
    Have you really "seen" your friend in action?
    Maybe he is just scaring you..

    Cause, as far as I know, Linux was the uberleetsecurenonhackableOSevah.
     
  5. SpAM_CAN

    Member SpAM_CAN GBAtemp Regular

    Joined:
    Apr 5, 2009
    Messages:
    279
    Location:
    UK
    Country:
    United Kingdom
    Disconnect from the internet, find the VNC client, and delete it. Or reformat your HDD, and DO NOT allow him on your network or computer.
     
  6. playallday

    Member playallday Group: GBAtemp Ghost

    Joined:
    May 23, 2008
    Messages:
    3,773
    Location:
    [@N@[)@
    Country:
    Canada
    Try this in a terminal.

    Code:
    sudo ufw enable
    sudo ufw deny 22
    sudo ufw deny 5900
    sudo ufw deny 5901
    sudo ufw deny 5902
    sudo ufw deny 5903
    sudo ufw deny from 192.168.0.2
    Take out 192.168.0.2 and put his IP in. If you don't know his IP you could remove that line.

    He's most likely gone on your computer and set up remote access for himself. You should try to find out which program he's using and turn it off.
     
  7. Governa

    Newcomer Governa Member

    Joined:
    May 15, 2009
    Messages:
    43
    Country:
    Portugal
    Alternatively play with IPtables. If you're not comfortable with that, set up a software firewall with outbound and inbound filtering or configure your router and be sure to get all your ports stealth, particularly 5900, 5901, 5902 and 5903.

    Probe your ports to see what is open in your current configuration. Go to http://www.grc.com/default.htm, click on the "ShieldsUP!" link, click on the "Proceed" button, click "OK" on the warning window and finally click the "All Service Ports" button. If you're connected directly to the web, this will probe your PC's first 1056 TCP ports. If you connect through a router, it will probe the router. Act accordingly. Use the "User Specified Custom Port Probe" to scan 5900 to 5903 (default VNC ports).

    Better yet, if your system was already compromised (who knows what is running under the hood... rootkits are common nowadays and hardly detectable), wipe the HD and do a clean install. Do NOT allow anyone to use your machine as root. If your distro allows you to login as root by default, create a limited account with a password only known to you, change the root's default password and log in using your newly created limited account.

    By the way, your friend is not a "hacker", just a smart ass.
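
Added example, not part of any post in this thread: a local counterpart to the port advice in posts 6 and 7, which reads socket listings and flags anything listening on port 22 or 5900-5903. The function names and the sample listing are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): flag listeners on the remote-access
# ports named in the posts above: 22 (SSH) and 5900-5903 (default VNC).
REMOTE_PORTS="22 5900 5901 5902 5903"

# Reads `netstat -tln` or `ss -tln` style lines on stdin and prints
# "<port> <scope>" for every listener on a watched port.
flag_remote_listeners() {
  awk -v ports="$REMOTE_PORTS" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
    /LISTEN/ {
      addr = $4                                # local address:port column
      port = addr; sub(/.*:/, "", port)        # text after the last colon
      host = addr; sub(/:[0-9]+$/, "", host)   # text before the port
      if (!(port in watch)) next
      loop = (host ~ /^127\./ || host == "::1" || host == "[::1]")
      print port, (loop ? "loopback-only" : "all-interfaces")
    }'
}

# Constructed sample in `netstat -tln` layout (not output from a real host).
sample_listeners() {
  cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:5900            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
EOF
}

# Live check on the local machine; uses whichever tool is installed.
audit_live() {
  if command -v ss >/dev/null 2>&1; then ss -tln
  else netstat -tln; fi | flag_remote_listeners
}

sample_listeners | flag_remote_listeners
```

On a real machine, call `audit_live` instead of the sample; an `all-interfaces` hit is a service reachable from the network that should be identified, then disabled or firewalled.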
     
  8. Frederica Bernkastel

    Member Frederica Bernkastel WebPerf and PWA advocate; @antoligy on Twitter

    Joined:
    Jan 31, 2008
    Messages:
    3,145
    Location:
    Hinamizawa
    Country:
    United Kingdom
    Sounds a LOT like GoToMyPC.com or LogMeIn.com
    They both can do that. Dunno how Windows-only programs are running on Linux though. Wine wouldn't help either.

    The way I'd deal with this is very illegal and requires direct access to their PC (or if you're smart enough, a door opened can be crossed in both directions *hint, hint*)

    Get one of the free firewalls, and block incoming connections.

    Sounds a lot like some kind of script kiddie.

    (Finally, the cross platform is a LIE!)

    Of course, since what they're doing is illegal, you could just report it to a higher authority (if they are a script kiddie like I guessed, their parents are a good starting point)
     
  9. UltraMagnus

    Member UltraMagnus hic sunt dracones

    Joined:
    Aug 2, 2007
    Messages:
    1,967
    Location:
    Portsmouth
    Country:
    United Kingdom
    Check your account settings, delete any accounts you don't recognise, also change your password and root password.
    Also, search Synaptic for anything with VNC in it and uninstall it.

    Don't comment on what you don't know, plus X forwarding can be done from Windows, and VNC is cross-platform, it even has a Java client (I used to run it on my PC at home to get past the school internet filters)
     
  10. Athlon-pv

    Member Athlon-pv GBAtemp Advanced Fan

    Joined:
    Feb 25, 2005
    Messages:
    621
    Country:
    United States
    You would expect that he would need access, that means most likely he got root privileges.
    If he is an evil bastard he would have set something up so that he gets a message (email) after that password has changed.

    So I would expect that unless you would like to read up for say 4 to 5 hours on the subject of how to protect your Linux install, your friend will be able to keep pestering you.

    But on the other hand, if you do read about it, you gain a very good experience.

    There are probably some good websites on this topic but I haven't needed it, so maybe Google some keywords.
     
  11. Findecanno
    OP

    Member Findecanno GBAtemp Regular

    Joined:
    Apr 14, 2009
    Messages:
    283
    Country:
    United States
    Thank you all for your help. I have followed some of your advice such as blocking his IP address. Hopefully that will stop him. Does anyone have some advice on how to get him back?


    My friend also uses this VNC program to get past school filters. What program is it?
     
  12. SpAM_CAN

    Member SpAM_CAN GBAtemp Regular

    Joined:
    Apr 5, 2009
    Messages:
    279
    Location:
    UK
    Country:
    United Kingdom
    VNC gives you access to your computer over a network/internet. If he has it at school then be careful...
     
  13. GeekyGuy

    Global Moderator GeekyGuy Professional loafer

    Joined:
    Jun 21, 2007
    Messages:
    4,739
    Country:
    United States
    Personally, this would be the solution I'd opt for. I don't know diddly squat about hacking, so it would be much easier just to beat the kid into oblivion and leave him lying on his mom's front door step. A clear warning about future harm to his family might also ensue. This is, of course, all hypothetical.
     
  14. coolbho3000

    Member coolbho3000 GBATemp Kikkoman Naturally Brewed SoySauce Fanatic

    Joined:
    Apr 29, 2007
    Messages:
    2,095
    Location:
    Kikkoman Factory
    Country:
    Maybe it is SSH...
     
  15. Arm the Homeless

    Member Arm the Homeless Custom Title

    Joined:
    May 26, 2008
    Messages:
    1,762
    Location:
    /home/andy/
    Country:
    United States
    I think it's ssh, as well.

    You could do:
    Code:
    sudo aptitude remove openssh-server
    If that command is wrong, I haven't used a Debian-based system for a long time.
     
  16. UltraMagnus

    Member UltraMagnus hic sunt dracones

    Joined:
    Aug 2, 2007
    Messages:
    1,967
    Location:
    Portsmouth
    Country:
    United Kingdom
    I used to use http://www.realvnc.com/ but this was over 4 years ago, I'm sure there is better now
     
  17. MicShadow

    Member MicShadow GBAtemp Fan

    Joined:
    Jan 28, 2008
    Messages:
    457
    Country:
    Australia
    It would be:
    sudo apt-get remove openssh-server
     
  18. Frederica Bernkastel

    Member Frederica Bernkastel WebPerf and PWA advocate; @antoligy on Twitter

    Joined:
    Jan 31, 2008
    Messages:
    3,145
    Location:
    Hinamizawa
    Country:
    United Kingdom
    What don't I know? I mean, that those ones aren't. I tried them.
    If I wanted to access my Linux install from elsewhere, I'd try something else.
    Also, to get past the filters, try using a proxy tunnel. I gave up with VNCs after the school ISP blocked them.
     
  19. Governa

    Newcomer Governa Member

    Joined:
    May 15, 2009
    Messages:
    43
    Country:
    Portugal
    HTTP tunneling

    ...and guys please, please, please, don't refer to everyday tools and protocols as some sort of hacking or black magic. VNC, remote desktoping, SSH, AFP, SMB... these are all industry standards. I personally couldn't live without them, I have my home network built on top of these. They're extremely useful, if you know what you're doing. Invite your friend over to play with your admin account and you're asking for trouble, whatever the OS you're using.

     
  20. Frederica Bernkastel

    Member Frederica Bernkastel WebPerf and PWA advocate; @antoligy on Twitter

    Joined:
    Jan 31, 2008
    Messages:
    3,145
    Location:
    Hinamizawa
    Country:
    United Kingdom
    hey... can.. can... I play with your admin account..?
     
