More on my laptop getting hacked
Jun. 4th, 2006 01:30 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneI ran A LOT of software on it, looking for bad things installed. This includes software specifically designed to detect and deal with root kits and their ilk. Came up totally blank.
I think what happened was someone noticed that I was running a remote control program called Real VNC, it allows me to lie on my chair and control my desktop in the other room. A few weeks ago it was announced on Slashdot and other sources that there was a flaw that allowed people to bypass set passwords for the program and control computers remotely that they shouldn't have access to.
This seems to be the most reasonable explanation as to what happened to me. I was running the flawed version on my laptop full-time. I didn't need it loaded all the time, I was just lazy about installing it. So that's been removed. I've downloaded the new version, but I don't see me needing it anytime soon, so it's not loaded to be resident.
I also had let my firewall subscription expire January of '05. I should have renewed it right away, but I was a lazy bum. I've since upgraded it. And I downloaded the new version of Spybot S&D.
But my biggest mistake was a classic rookie error: running your computer all the time as administrator. If I had been running as a user, they wouldn't have been able to uninstall my anti-virus and go after my firewall as you can only do those functions as an admin. So I've renamed my admin account with a stronger password (it was strong before, I toughened it up a bit) and created a user account with a strong password.
This is another Joy of Microsoft. They make it difficult to use a home computer and not be in admin mode. I quite like Apple's take on this with OS-X: they ask you for the admin password then let you continue installing or doing whatever, much more civilized.
Anyway, I think I'm probably safe from a re-appearance of whoever it was that wanted to control my laptop. The problem that I had in Virginia was probably two-fold and definitely had nothing to do with Debora's network since I never tied directly into it, it was just a wireless configuration to get to the internet. First, I really need more memory in my laptop, more memory can take care of a world of problems. Second, I don't think my wireless card's software was cooperating very well with the HP printer driver that I had to install to work with her printer. I have a really sucky wireless card (it was cheap and on sale, that's my only excuse) that will be replaced in the near future as it is literally falling apart.
So I think that's about all there is to say on my little "PWN3D" incident. Hopefully nothing more will happen, but I'll definitely be keeping a closer eye on things.
I think what happened was someone noticed that I was running a remote control program called Real VNC, it allows me to lie on my chair and control my desktop in the other room. A few weeks ago it was announced on Slashdot and other sources that there was a flaw that allowed people to bypass set passwords for the program and control computers remotely that they shouldn't have access to.
This seems to be the most reasonable explanation as to what happened to me. I was running the flawed version on my laptop full-time. I didn't need it loaded all the time, I was just lazy about installing it. So that's been removed. I've downloaded the new version, but I don't see me needing it anytime soon, so it's not loaded to be resident.
I also had let my firewall subscription expire January of '05. I should have renewed it right away, but I was a lazy bum. I've since upgraded it. And I downloaded the new version of Spybot S&D.
But my biggest mistake was a classic rookie error: running your computer all the time as administrator. If I had been running as a user, they wouldn't have been able to uninstall my anti-virus and go after my firewall as you can only do those functions as an admin. So I've renamed my admin account with a stronger password (it was strong before, I toughened it up a bit) and created a user account with a strong password.
This is another Joy of Microsoft. They make it difficult to use a home computer and not be in admin mode. I quite like Apple's take on this with OS-X: they ask you for the admin password then let you continue installing or doing whatever, much more civilized.
Anyway, I think I'm probably safe from a re-appearance of whoever it was that wanted to control my laptop. The problem that I had in Virginia was probably two-fold and definitely had nothing to do with Debora's network since I never tied directly into it, it was just a wireless configuration to get to the internet. First, I really need more memory in my laptop, more memory can take care of a world of problems. Second, I don't think my wireless card's software was cooperating very well with the HP printer driver that I had to install to work with her printer. I have a really sucky wireless card (it was cheap and on sale, that's my only excuse) that will be replaced in the near future as it is literally falling apart.
So I think that's about all there is to say on my little "PWN3D" incident. Hopefully nothing more will happen, but I'll definitely be keeping a closer eye on things.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2006-06-04 08:06 am (UTC)(no subject)
From:(no subject)
From:no subject
Date: 2006-06-04 01:15 pm (UTC)I know what you mean about memory solving a host of problems. When I look at a lot of the prefab systems for sale, one of the things I always check is the RAM, and very often shake my head and walk away. The high-speed and high-power processor is great, but if it doesn't have the memory to work with it can die of boredom waiting for memory space to free up so it can do the work it's designed for....
no subject
Date: 2006-06-04 01:17 pm (UTC)I'd suggest dropping Windows entirely and moving over to a Linux distribution, since they have the same sort of admin v. user thing going on and have been for a while, but I understand that there are times when you have to hold on to Windows.
(no subject)
From:(no subject)
From:(no subject)
From:(no subject)
From:(no subject)
From:(no subject)
From:(no subject)
From:no subject
Date: 2006-06-04 02:07 pm (UTC)