Logs/Security Questions

By Emonroe
Jul 1, 2008
Topic Status:
Not open for further replies.
  1. My most recent paranoia is being hacked and having things dumped onto my hard drive that I do not know are there. I was misdirected to an illegal site and after reporting it to the authorities I did the standard virus checks and found my computer littered with trojans and keyloggers. I freaked, pulled the HDD (it had been making grinding sounds for months and I meant to replace it, figured this was as good a time as any) and stuck a new one in there.

    Now, a month and a half later, I've calmed down a bit but am still deeply paranoid about hackers. I have a D-Link DGL-4100 wired router with the SPI/NAT firewalls up and running and UPnP disabled and all of that for my hardware firewall and Comodo v.3 for my software firewall. According to ShieldsUp! I am completely stealthed with Comodo turned on and turned off.

    1.) Can a person hack a wired connection with both hardware and software firewalls up and running? I'm assuming the person who ran the site I was misdirected to has my MAC address, can they hack me based on that alone? I've changed IP Addresses many times since then due to DHCP.

    Also, I am including a few logs. I followed Julio's 15 steps to spyware and virus removal and just want to have a HJT log read by an expert and see if anything shows up.

    Thanks for the help!
  2. jobeard

    jobeard TS Ambassador Posts: 13,288   +281

    Good question.

    First, security is a Layered proposition; no silver bullet here :(

    Second, it is possible to breach a firewall and gain access to your LAN systems,
    and MAC addresses are a partial key to doing this. It is uncommon and takes
    a very knowledgeable programmer to make the attack. Your firewall will defend
    against these as this is unsolicited inputs from the outside world.
    An example of this would be in your firewall log as a port scan or new inbound traffic.

    Third, after all that is operational, the biggest backdoor into your system is - - - the USER!
    Every email you open or URL you click invites data into your system.
    Every click presents a risk :( *IF* you have enough security, most of the bad
    stuff will get discarded -- but not 100% of it.

    btw: get this host file: http://www.mvps.org/winhelp2002/hosts.htm

    Read/research on email scams and phishing attacks.

    Learn WHY P2P programs are dangerous (e.g. Limewire and *Torrents).
  3. Emonroe

    Emonroe Newcomer, in training Topic Starter

    I am a bit curious as to how a hacker might gain access to my computer when all of my ports are closed and stealthed. I mean even if they have my computer/modem's MAC address how would they know I even have that computer connected to the internet?

    I will read up on this hostfile thing, it seems very helpful...
  4. jobeard

    jobeard TS Ambassador Posts: 13,288   +281

    These are separate issues. Hostfile (as built by the cited reference) is a blacklist
    of IP addresses to NEVER allow access.

    re MAC and stealth: true enough for a first time access. However, if I have
    your MAC, it is possible to get packets thru the router to at least the firewall.

    I'll not take this any further -- you seem to have a good grasp of the issues and tools
    sufficient to protect you :)