Trackers Second Review Response

Discussion in 'Computer Security' started by Murray Cooper, Sep 30, 2003.

  1. Tracker wrote:

    > Remember, we’re talking about Windows Platforms (excluding 2000,NT,XP)
    > and my book was written for basic home computer users only. It’s has
    > seen grown into a book which will help three levels of computer Windows
    > users.


    "It's has seen grown..."? Was this book originally
    written and published in a language other than English?
    Murray Cooper, Sep 30, 2003
    #1
    1. Advertising

  2. Murray Cooper

    Tracker Guest

    Remember, we’re talking about Windows Platforms (excluding 2000,NT,XP)
    and my book was written for basic home computer users only. It’s has
    seen grown into a book which will help three levels of computer Windows
    users.

    > HACKERS SECRET WEAPONS:
    >
    > A. Hackers disable your Daylight Savings Time.


    As mentioned before, there is not a logical reason for a "hacker" to do
    this and make themselves obvious. It poses no advantage whatsoever.

    ME: Just letting people know that on occasion, my screen would ask if I
    wanted to change the daylight savings time. My guess is the hacker was
    just playing games with me and my computers. What reason would anyone
    else request this behavior but hackers.

    > B. The clock on the desktop can be one hour ahead or one hour behind,
    > on occasion.


    See A

    ME: Tracking computer time is very important if you want to track down
    a hackers malicious activity. The same applies for your clock time
    changing regularly on your system. You have already seen a copy of the
    hackers firewall log and how the dates and time change from month to
    month. Can you imagine having an IP from Seattle appear in your log
    which was posted one month prior to today’s date. Think about it!

    > C. Your Network Places Icon on the desktop disappears.


    Common Windows bug. Corrupted explorer file, faulty hardware (NIC card),

    corrupted registry. No hacker purpose. See response to A.

    ME: One day the Network Places Icon is on the desktop for a few days and
    then it disappears for a few days. May be a week later this Icon again
    appears for a few hours and then it disappears. We never could connect
    this icon with any network mapping of drives. It’s just a sign to look
    for when your computer is hacked/owned.

    > D. If using a Windows platform: when you start your computer, your
    > original screen will pop up, but since the hackers need to boot into
    > their Networks, or Server(s), the system will quickly re-boot and the
    > original screen will appear twice. But your system may re-boot twice
    > instead of once when loading Windows OEM versions.


    Can be caused by full logs and OS errors. System setting can force a
    reboot if logs are full or if OS does not load properly. Installation of
    wallpaper and images on the desktop can cause unusual activity at start
    up especially if the items conflict.

    ME: This activity is something to watch for because the system would
    also reboot on it’s own after the computer was loaded. You have to also
    remember that we were changing between DHCP, PPP and dial-up every few
    minutes or every few hours and the owned system was running two Virtual
    Private Networks. Same applies to E!

    > E. If your computer system occasionally re-boots on it’s own, the
    > hacker may need to update their Networks, or Servers to make their
    > computer system function properly.


    See D. Possible BO or Netbus installation.

    > F. If you play Yahoo Games, you may find yourself being kicked out of
    > the board your playing in. If your winning a game and you’re the host,


    > the hacker may not let you back in to finish. This means you just lost


    > a game at the hackers expense. When the computer was hacker safe, I
    > went back to playing games and haven’t been booted out of a game,
    > since.


    Software error. Communication issues between your ISP and Yahoo. The
    term "hacker safe" implies that the system had been reloaded or
    repaired. Reloading software would replace corrupted software allowing
    normal access.

    ME: As stated, when the system was hacked I found myself being booted
    out of Yahoo games on occasion. After the computers hard drive was
    formatted, applications installed from CD-ROM only, Windows services
    disable, anti-virus and firewall installed, I wasn’t booted out of any
    Yahoo games from that point on.

    > G. A browser application like Netscape, or Internet Explorer you use
    > to filter out, or kill file certain individuals will not function
    > indefinitely. When your computer system is compromised, you aren’t
    > able to filter out people in your browser for more then 1-2 days. A
    > number of computer owners whose systems have been compromised, have
    > advised me they also had the same problem. Because hackers were using
    > your illegally installed Servers for posting to the Internet, this is
    > why you are unable to filter or kill file them. This information was
    > very apparent to myself and other ferret owners whose computer were
    > compromised.


    Corruption in the kill file database, erroneous entries in the database.
    Email spoofing to newsgroup.

    ME: All I can fess up to is that after the computers were secured,
    e-mail addresses in these applications and other e-mail applications
    were able to be filtered out. Other ferret owners wouldn’t give me
    their permission to post their e-mail addresses to verify my statement.
    One ferret owner wasn’t even able to filter out or block certain e-mail
    addresses in their e-mail application.

    > H. When you begin to see Usenet remarks, made on behalf of your
    > personal life which is private information.


    There is a wealth of information available about anyone on the Internet.
    A bit of searching can reveal very personal info. Social engineering may
    have been used as well.

    ME: Believe me, there is a ton of information a person can discover
    about any one who uses the Internet and posts to it. What I’ve
    discovered on this topic is very "scary". Private information means -
    What you type on your computer keyboard at home that "no one" in the
    world would be able to view except you or your family. But, all of a
    sudden you find other Internet users posting your personal adventures
    and life experiences. This is in my book so I will discuss it here.
    BTW- The Trackers made me write this personal information in my book and
    the story written is a bit embarrassing. How
    Dag & Cate (ferret owners) were discovered is because I write prisoners
    and their letters are written on my computer. They made a Usenet post
    about this and this is how I discovered their hacking activity.

    > I. Some of your personal files are modified years before they were
    > created. I have seen a number of personal files modified 7-8 years
    > before they were even created. How to accomplish this maneuver: Select


    > Start, Settings, Control Panel, Date/Time, where the year is, Select
    > the up or down arrow and, viola. Then open up any file and Select
    > Save. A new creation date is present.


    No logical reason for a "hacker" to change dates on files. Serves no
    purpose unless it is to prevent shareware from expiring and normally the
    dates on those files are moved forward not backward. Many system files
    have old dates as the dates on the files indicate when they were
    originally created. MS still uses files that were created years ago and
    the dates on the files were not changed. You can verify this by
    exploring any MS CD.

    ME: We’re only talking about "personal files", not system files as you
    mention. My only reasoning behind this is: the hackers were reading all
    my personal files and they didn’t want me to discover their activity.
    All I can tell you is that many of my personal files, whether recently
    created or older files, had creation dates which were 7-8 years prior to
    them being written.

    > J. You will find a number of files hidden/readable only, which is a
    > common practice in the hacking world.


    Windows and other software uses hidden files. Not an indicator that a
    "hacker" made the changes. Also possible with a corrupted FAT table.

    ME: Your correct! The hackers aren’t going to allow you to see all the
    Folders and Files on your drive which they are utilizing to store their
    malicious activity. The hackers hid on a number of systems their
    directories with pornography pictures, remailer stats, zipped files, to
    name a few. If you can’t see a hidden file "no one" knows why it’s
    there in the first place and most basic computer users don’t understand
    why one folder is lighter then the other. Off the top of my head I
    can’t totally remember the significance of the readable only files which
    were discovered. There were a number of files which needed to be put in
    archive mode and to remove the readable only status.

    > K. When you find additional information in your boot.ini file which
    > relate to a Virtual Private Network, this can be either software,
    > hardware or device driver oriented.


    Installing a VPN poses no advantage to a "hacker" aside from the ability
    to encrypt data transfers.

    ME: Believe me, I’ve physically seen more then my share of hacked/owned
    computers running Virtual Private Network(s) (VPN). In my possession is
    a number of victims hard drives which were owned by hackers. These
    hackers have installed one or two VPNs on the these drives. I will
    admit, my knowledge with VPNs is zero, but curiosity taught me a few
    things after speaking with a Network dude. Select Start, Settings,
    Control Panel and Network if your a basic home owner and verify if your
    computer is running any VPN adapters. This is all you need to hear
    about this issue, period. My words are proof enough for the basic home
    user.

    > L. Under Search for Files and Folders, perform a search on any file
    > modified in the past month, you will see files which just don’t need
    > to be modified, or files you don’t even recognize. For the basic
    > computer user, you’ll want to focus on the files which you don’t
    > recognize. Unless your a skilled professional, you won’t realize which


    > files need to be present or modified, but give it a try anyways. [To
    > perform the above you will need to see all Hidden Files and Folders.]


    Files are updated constantly by using the OS and software on the
    computer. Most software installations contain numerous files and a basic
    Windows installation contains hundreds to thousands of files. It indeed
    would be impossible for most users to recognize all of the files. This
    exercise would not indicate any hacker activity.

    ME: When you view the files which were accessed in the past month, it
    will reveal a wealth of applications and files you have or a hacker has
    opened and accessed. Say for example you see:
    c:\msoffice\excel\(filename) and you haven’t accessed Excel in two or
    more months, this means the hackers were looking in this directory and
    reading your personal files.

    > M. Select Start, Settings, Control Panel and Network, and look at,
    > following network components showing. If you see one AOL adapter and
    > have never used AOL, then two AOL adapters, two TCP/IP, two Dial-Up
    > adapters, one or two Virtual Private Network adapters, your computer
    > could be compromised. A Virtual Private Network is widely used by
    > hackers because it can host up to 254 users. "This applies to the
    > basic Internet user who has one modem, one ISP and isn’t running any
    > FTP, HTTP, NNTP, PROXY, SMTP, SOCKS, SQL, or SQUID >SERVER." My skills

    working with VPNs is almost zero. Every victims >system I’ve seen had
    two VPNs setup and they were only using a modem >to connect to the
    Internet.

    AOL installs along with many applications and has been included on base
    OS installations since early releases of Windows 95. VPN's serve no
    useful purpose to a "hacker" beyond the ability to encrypt the data
    transfer stream.

    ME: The above statements are for the basic computer user, not for a
    companies or corporations benefit. My point is: if your computer is
    accessing the Internet though a dial-up connection and you have one
    modem, you should only see "One Dial-up Adapter and One TCP/IP Dial-up
    Adapter" under your Network settings, period. Windows doesn’t install a
    Virtual Private Network by default (I have not tested 2000,NT/XP). So
    how do you think any VPN connection was set-up since Microsoft doesn’t
    install this by default? It’s because your computer is already
    hacked/owned by malicious hackers. DUH!

    > N. Next, Select Start, Run, type Regedit, Select Registry, Select
    > Export Registry File, in the box type a name say 4-12-02.txt and
    > Select save. Then open this file with a text editor, and you might be
    > shocked to find what really is installed on your computer system.
    > Check the bottom of this file because hackers love to install an array


    > of applications including Network/Server files and device drivers.


    No need to export the registry file to view it. Registry entries are not
    added to the "bottom" of the registry. Each registry area has a purpose
    and contains specific information. Making all "hacker" entries at the
    "bottom" of the file would result in applications not running properly.

    ME: When you load an application, the needed files to run this
    application will be seen in your registry. Hardware/Application/Device
    Driver information can be setup by hackers at the bottom of the file.
    After viewing all "hidden" Folders and Files, what I did was
    "incorporate" one registry entry at a time. You could see a major
    difference. Each time you save the registry file it will create a file
    called RB000.CAB and so forth, depending on how many copies that you
    have saved. If you perform the backup when the hackers are abusing your
    system, you might only see 30 lines of text in the registry, the next
    time 100 lines, and so on. This is a clear sign that your computer is
    compromised.

    > O. You will have to turn your computer off by the power supply on a
    > regular basis.


    I assume this means you are unable to select shutdown from the start
    menu. This was a common bug in 95 and 98 on some manufacturers computer.
    Patches were released to repair this bug.

    ME: Had to laugh at your remarks, but it’s cool. One of the main
    reasons the computer had to be shut down by the power supply was because
    of switching from DHCP, PPP, dial-up on a regular basis. Most basic
    computer users wouldn’t be running three different Internet Service
    Providers along with Cable. Even utilizing DHCP and dial-up also caused
    the system to hang and I wasn’t able to shutdown by any means except the
    power supply. Not being able to shut down your system on a regular
    basis is one clear sign your computer is hacked/owned, trust me.

    > P. Installing a Network Interface Card will cause problems until the
    > hackers configure this device into their Servers or Virtual Private
    > Network they setup on your computer.


    Removing and re-installing a NIC should include deletion of the drivers
    and ensuring that the old card is not still bound to any protocols.
    Installing a new NIC would require configuring the OS to recognize the
    NIC and bind protocols and services to it.

    ME: This is correct! In the case of my hacked computers, two different
    Network Interface Cards were installed on a number of occasions. If an
    individual configures a NIC properly, there should be no problems after
    the fact. I can’t remember off the top of my head all the problems we
    ran into, but there were significant enough problems to mention this in
    my book.

    > Q. You find your CD-ROM drive opens and closes without your
    > permission.


    Possibly and indicator of Netbus and/or Back Orifice installation.
    Potential "hacker" activity. Can also be caused by a defective drive.

    > R. You could hear an annoying beep coming from your system speakers.


    Possible system alert or Netbus/BO trojan installation.

    > S. Your windows screen goes horizontal or vertical.


    Bad video card, loose video connections, BO installation

    > T. The screen saver picture changes without your permission.


    Registry corruption.

    > V. All of a sudden, your speakers decide to play you some music.


    CD set to Autoplay or BO installation. Application running in
    background.

    ME: Q-T and V deals with having a Trojan Horse on your computer and some
    of the tricks these Trojan Horses can play on you.

    > U. On occasion your mouse is out of your control or has an imagination


    > of it’s own. But this could also be caused by a corrupt mouse driver.


    Correct about the mouse driver. Can also be caused by lint/ dirt build
    up o the mouse rollers or on the optical sensor as well as by a
    defective mouse.

    ME: If you find you have updated the mouse drive, cleaned the lint/dirt
    build-up, but your mouse still has an imagination of it’s own, your next
    best bet is your computer is hacked/owned. Do your own research in
    Google/Yahoo concerning the questions people ask about mouse control.
    Just remember, "most" Windows users don’t realize they need to disable
    Windows services before they stick their computer on the Internet. By
    that time, a malicious hacker has probably already infected their
    system. Deal with it, learn my ways or stay the victim; it’s your
    choice.

    > W. Installing a hardware/software firewall for the first time can
    > cause a number of different problems for you to setup and configure.
    > Considering you didn’t have these installed from the beginning of your


    > computer going on the Internet.


    ?? Makes no sense

    ME: When your computer goes on the Internet for the first time and you
    haven’t installed a hardware or software firewall, expect to spend extra
    time trying to get them to function properly and configure them. By
    this time, the hackers have probably already installed their Virtual
    Private Network(s) and they have to make the new hardware and software
    function with their settings in their VPN(s). You will find at this
    point that your computer will re-boot itself from time to time. Hackers
    aren’t all that smart and they do make their own mistakes when they try
    to configure hardware and software to function with their VPN(s).
    HA-HA!

    > X. Your firewall logs show alerts at 12:00 then 11:22 then 12:16 and
    > back to 11:59.


    Sort log by time and not even type, port, etc.

    ME: Zone Alarm and Blackice Defender report alerts by date and time in
    order if your system isn’t hacked or owned. If your Windows Platform
    system is hacked or owned the hackers are abusing it to hack into other
    computers, networks and servers. Other criminals are also using your
    computers for their illegal activity, whether it be to set-up a murder,
    purchase drugs, guns, explosives or identity theft. So they have to
    change their date and time so their "tracking activity will be harder to
    track down".

    > Y. If using a dial-up/cable/dsl connection you see a number of pings,
    > port 0, to your computer. The reason is so that the hackers can see if


    > your computer is online. A system needs to be online for the hackers
    > to access these Networks and Servers. What the hackers actually do is
    > port scan your Internet Service Provider Block of IP addresses and
    > find your computer either with file sharing enabled or a
    >Backdoor/Trojan present.


    Possible OS fingerprinting attempt although crude and ineffective. As
    port 0 is reserved for special use as stated in RFC 1700. Coupled with
    the fact that this port number is reassigned by the OS, no traffic
    should flow over the internet use this port. Pings and port scans are
    two separate items. Many services on the internet, including your ISP,
    will ping your system to ensure your system is still online. If you
    system is properly secured, port scans, at worst will result in a DOS
    attack.

    ME: For one, if your Internet Service Provider (ISP) pings your
    computer, the IP addresses would be similar in nature. For example: my
    IP address is 207.14.155.12, if your ISP pings your computer, their IP
    address would be like 207.14.0.0. Your firewall log pings wouldn’t come
    from say 12.144.15.5, 155.19.133.10, 66.19.24.87, 12.231.57.197,
    203.122.19.74, 12.231.62.18, 64.110.82.252, 24.24.17.103. My examples
    deal with a hacker coming in using a Trojan Horse versus a Backdoor.
    When a Backdoor is installed, certain hackers don’t necessarily need to
    ping your system because once it’s online the Backdoor alerts the hacker
    that the system is online. Hell, here is an excerpt from my book which
    was one way we caught NCF, a ferret owner who was discovering what was
    on our hard drives. Notice the change of the computer IP addresses and
    ask yourself how a computer can go from having a 38.x address to 168.x
    address. An individuals firewall log tells so many stories, but only if
    you know how to read and understand them. If your on a Windows Platform
    (minus 2000,NT,XP) and you didn’t disable certain services then
    installing a firewall isn’t going to keep your computer hacker secure.
    BTW- The only Newsgroup I had visited for years was alt.pets.ferrets and
    NCF was the only user using Suite224.

    FWIN 5/25/2000 11:46:40 AM -8:00 GMT 208.131.247.203
    247-203.suite224.net 0 38.28.67.34 0 ICMP No
    FWIN 5/25/2000 11:46:40 AM -8:00 GMT 208.131.247.203
    247-203.suite224.net 0 38.28.67.34 0 ICMP No
    FWIN 5/25/2000 11:56:48 AM -8:00 GMT 208.131.247.203
    247-203.suite224.net 2037 38.28.67.34 79 TCP No
    FWIN 5/27/2000 11:09:10 PM -8:00 GMT 208.131.247.221
    247-221.suite224.net 0 0 ICMP No
    FWIN 5/27/2000 11:09:10 PM -8:00 GMT 208.131.247.221
    247-221.suite224.net 0 0 ICMP No
    FWIN 5/30/2000 10:46:32 AM -8:00 GMT 208.131.247.101
    247-101.suite224.net 0 0 ICMP No
    FWIN 7/3/2000 11:22:56 PM -8:00 GMT 208.131.247.56 247-56.suite224.net 0
    168.191.230.174 0 ICMP No
    FWIN 7/3/2000 11:22:56 PM -8:00 GMT 208.131.247.56 247-56.suite224.net 0
    168.191.230.174 0 ICMP No

    > Z. If someone is port scanning your system, in your firewall logs the
    > port assignment aren’t in any type of order. You might see a probe at
    > port 1,10,9,8,6,12,6,43 etc.


    Most port scanning software will randomize the order the ports are
    scanned. A skilled "hacker" will not scan all ports since there are not
    services running on all ports nor are there potential vulnerabilities
    associated with all ports.

    ME: Port scanning applications normally will randomly scan port numbers
    in order. In a few of the sample firewall logs shown in my book you
    will see port numbers not in any random order. "The Trackers" weren’t
    able to figure out why a hacker would scan port number
    1,10,9,8,6,12,6,43, versus having them scanned in a random order. Basic
    computer users, take a closer look at your firewall logs and see if you
    also have port numbers being scanned as shown above.

    > AA. When you find you have to set Zone Alarm firewall on medium
    > instead of high settings.


    IF ZA is misconfigured, some applications may be unable to communicate
    and access to external systems (the internet) may not be possible.
    Indicative of poor configuration and not "hacker" activity.

    ME: The only applications which were running at the time was Netscape
    4.7, Nortons anti-virus and Eudora 5.1 when Zone Alarm had to be tamed
    down to a "medium setting" for these applications to run. The only
    exception may have been because we were also running Blackice Defender
    simultaneously.

    > BB. Once you can view all Files and Folders search for files named
    > spool*.*.


    Spooler files are used by the system. Not sure what other use you
    believe they have.

    ME: All I can say is that a file spool*.* was accessed on a regular
    basis and it appeared on a weekly search of files accessed.

    > CC. You may find another installed version of your software firewall
    > application on your hard drive. You will need to Show all Hidden Files


    > and Folders under your Settings, Control Panel, Folder Option and
    > View, if using a Windows Platform (excluding 2000,NT and XP).


    Illogical for a hacker to install a firewall that would eliminate or
    limit access to your system. Possible indicator of improper installation
    or a cross linked directory structure.

    ME: The additional Blackice firewall proved to me that it was probably
    connected to the Virtual Private Network(s). Blackice firewall on my
    computer proved that one firewall was mine and another belonged to a
    hacker. A few of the logs had other computer IP addresses which weren’t
    owned by me.

    > DD. When you see too many, Pings - port 0, HTTP/Proxy - port 80, 8080,


    > 3128, SMTP - port 25, FTP - port 21, NNTP - port 119 port probes. Your


    > computer is probably running an illegal "VPN server"; " web server";
    > "proxy"; "mail and news"; "ftp"; which hackers are attempting to
    > access for their own personal use.


    It is not "illegal" to run any of the servers mentioned above. The above
    demonstrates a lack of understanding of the difference between a ping
    and a port scan at best. It is not an uncommon occurrence to have
    multiple ports scanned by multiple sources. Cure is to install an
    properly configure a
    firewall to block these scans.

    ME: There was no mention of running these servers and them being
    illegal, which wasn’t my point. It was confirmed that my computer was
    running one of them "anonymous remailers", but for legal purposes, most
    of this information had to be removed from my book. From all the
    evidence in my possession, there is no doubt in my mind that malicious
    hackers install and set-up the above listed servers on innocent victims
    computers. Once the computers were hacker secured, very few port scans
    appeared in the firewall logs from the above listed port numbers.

    > EE. If you don’t see your computer node/source IP address on a
    > consistent basis to the right side of your firewall log, your system
    > is compromised. (See the firewall logs below.) The hackers are
    > entering through your system to attack other "Networks, or Servers and


    > Systems", so their identity can’t be traced.


    Missing firewall log so interpreation is difficult. Firewall logs may
    indicate your local machine as 0.0.0.0, 127.0.0.1 as well as by the IP
    address. A properly configured firewall would not permit entry to allow
    "hackers" to use your system to attack others.

    ME: EE is only a partial excerpt from my book which is helping computer
    users learn about Computers, the Internet and Hacking. Many basic
    computer users don’t install a firewall until after their computer is
    hacked and owned. By this time, installing a firewall is useless,
    period. You were already informed that my computer was running Zone
    Alarm and Blackice Defender; what good did these do for me, nothing.
    Every computer on the Internet is assigned and IP address and this
    address will appear on the right side of your firewall log. If your ISP
    IP bank of numbers is, let’s say 12.231.xx.xx, then your IP address
    listed in your firewall log would be 12.231.xx.xx. If your computer is
    hacked or owned you may see that your IP address to the right of your
    log is say, 155.16.222.134 or 64.12.133.22. If you need a more
    technical answer, visit the below Website.
    http://hackingtruths.box.sk

    > FF. When you perform a traceroute on an IP address and you lose your
    > node/source IP address, ISP routers IP, or when you don’t see your
    > node/source IP address at all.


    As stated above, a firewall may identify your machine in the logs in a
    number of ways.

    ME: A firewall has nothing to do with performing a traceroute on an
    IP. I had many interesting talks with security and network techs and
    they were very interested in seeing these traceroutes. In the first
    example, you can see that my IP address is 12.231.38.174 and my ISP
    routers used to target 64.154.60.81. In the second example, my computer
    doesn’t even exist at all and neither are there any routers to pass
    through to get to the target IP. In the third example, my computer does
    exist, but none of my ISP routers are present to get to the target IP.

    address. Target: 64.154.60.81
    Nodes: 15

    Node Data
    Node Net Reg IP Address Location Node Name
    1 1 - 12.231.38.174 47.404N, 122.311W c1577824-a
    2 - - 0.0.0.0 Unknown No Response
    3 1 - 12.244.80.1 Unknown
    4 1 - 12.244.72.10 Unknown
    5 1 1 12.123.44.114 Unknown
    gbr1-p60.st6wa.ip.att.net
    6 1 1 12.122.5.161 Unknown
    gbr4-p70.st6wa.ip.att.net
    7 1 1 12.123.44.133 Unknown
    ggr1-p370.st6wa.ip.att.net
    8 2 2 192.205.32.206 Unknown att-gw.sea.level3.net
    9 3 2 64.159.16.162 Seattle
    ae0-56.mp2.seattle1.level3.net
    10 3 2 64.159.1.46 Atlanta
    so-3-0-0.mp2.atlanta1.level3.net
    11 3 2 64.159.3.10 Atlanta
    gigabitethernet11-1.hsipaccess2.atlanta1.level3.net
    12 4 2 63.209.216.206 Unknown unknown.level3.net
    13 3 3 64.154.61.2 Unknown
    br-1-p-5-1.atl2.prod.usenetserver.com
    14 3 3 64.154.60.134 Unknown
    br-2-ve-2.atl2.prod.usenetserver.com
    15 3 - 64.154.60.81 Unknown

    Target: 198.32.128.68
    Nodes: 2
    Node Data
    Node Net Reg IP Address Location Node Name
    2 1 1 198.32.128.68 Unknown pacbell-nap.idc.ad.jp

    Target: 207.115.63.142
    Nodes: 2

    Node Data
    Node Net Reg IP Address Location Node Name
    1 1 - 12.231.38.174 47.404N, 122.311W c1577824-a
    2 2 1 207.115.63.142 Yonkers
    newscon02-ext.news.prodigy.com


    To summarize this chapter:
    Many of the items here are not indicative of any "hacker" activity but
    instead indicate a misconfigured or corrupt OS and/or installed
    software. Some items can be attributed to faulty hardware. The couple
    of items that may be indicative of "hacker" acidity involve annoyances
    caused by a BO or Netbus installation. BO and Netbus have been
    detectable by anti virus software for years. Proper use of AV software
    to scan the local system as well as any email attachment would prevent
    infection by these trojans. Numerous references display a lack of
    understanding of ICMP (ping) traffic and port scans by confusing one
    with the other. A lack of a basic understanding of TCP/IP and firewall
    log entries are indicative in a number of the items as well. There is
    also a complete lack of knowledge of registry configuration and layout
    as well as the purpose for entries in the registry. Poor grammar and
    sentence structure is apparent throughout this chapter.

    This poster made one of "The Trackers" pissed off and since they aren’t
    being paid to respond to these reviews, I don’t know how willing they
    will be to answer the other reviews. They only read the first six pages
    and they decided to respond without reading any further.

    THE TRACKERS: You know I could spend the rest of my life giving
    examples of what I’ve found on a number of computers. My finds and
    research on these items are at a basic computer user level. I have
    proof of all the material, my research and found facts.
    You review my material and come up with it could be this or that. This
    is what I’ve been saying, you show no proof that in fact, it could be is
    in fact the reason for the fault.
    It seems that most of your remarks are your assumption of facts with no
    back up of where you came to these conclusions; no backup of these
    facts. Ten people can read a page of material and if two people would
    agree on their finds, I would be surprised.
    I wrote what I found, how I went on to discover the cause and who was
    doing this. So why do I have to agree with other finds? There is no
    rime or reason to facts like it could be, may be. I never wrote that
    this may, could be, these are my facts, my research and my finds.
    Books are written for information of certain facts. How these are used
    is up to the reader. I’ve said many times before of the hacking books
    I’ve read and each author’s fact start out the same and do in fact
    arrive to different conclusions. Example: She found a penny, she found
    an old penny, she found a 1930 penny, he found a dirty penny, he found a
    rusty penny. Each describes what they found which is a penny. How a
    person chooses to describe their find is up to the person. I chose to
    write my finds in my own words, so why should I need to be advised how I
    should state the facts by a computer expert, specialist, or engineer.
    You come along and say it could be a dirty penny, but have no proof of
    the condition the actual person found it in. I’m the actual person so I
    felt I could write what I did with facts, the proof I found and back-up
    of these. So how can what I say be called wrong? Ten hackers break
    into ten computers, each using different ways, their ways. Hackers
    break into hackers computers ten different ways, each method of hacking
    works best for the individual. How can any one individual know all the
    different tricks of the trade. I wrote of my experience in my own way.
    Each authors book is his way, his findings, otherwise there would be
    only one book.

    ME: I gave you a key and told you the year, model and make of the car.
    I told you where it was parked. I want people to approach the car on
    your own level and decide what to do with it. Drive it or leave it
    there!


    The Best Kept Secrets of Backdoors, Cracking, Firewalls, Hacking,
    Proxies, The Internet, Trojan Horses, Virtual Private Networks, Virus,
    Windows and different types of Servers can be found at:
    http://geocities.com/secure20032220000/

    Tracker
    Tracker, Sep 30, 2003
    #2
    1. Advertising

  3. Murray Cooper

    Phil Weldon Guest

    Look, this is just sad. You shouldn't poke at it. It can't defend itself.
    For shame! After all, correct seen to since, and the sentence reads as it
    was meant. On the other hand, "Windows Platforms (excluding 2000, NT,XP)"
    doesn't leave much, does it?

    Phil Weldon,




    "Murray Cooper" <> wrote in message
    news:bvleb.10349$...
    > Tracker wrote:
    >
    > > Remember, we’re talking about Windows Platforms (excluding 2000,NT,XP)
    > > and my book was written for basic home computer users only. It’s has
    > > seen grown into a book which will help three levels of computer Windows
    > > users.

    >
    > "It's has seen grown..."? Was this book originally
    > written and published in a language other than English?
    >
    Phil Weldon, Sep 30, 2003
    #3
  4. On Tue, 30 Sep 2003 21:42:31 GMT, "Phil Weldon"
    <> wrote:

    >Look, this is just sad. You shouldn't poke at it. It can't defend itself.
    >For shame! After all, correct seen to since, and the sentence reads as it
    >was meant. On the other hand, "Windows Platforms (excluding 2000, NT,XP)"
    >doesn't leave much, does it?
    >
    >Phil Weldon,


    Yay! Finally a new book to help my secure the Trumpet Winsock on my
    Windows 3.0 machine!

    --
    Michael Cecil

    http://home.comcast.net/~macecil/howto/
    http://home.comcast.net/~antiviruscd/
    Michael Cecil, Sep 30, 2003
    #4
  5. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    In article <>, on Wed, 01 Oct 2003 01:24:38 +0400,
    Tracker
    <"snailmail(removevalid)222000"@yahoo.com> wrote:

    <snip crap>

    USENET POST WARNING
    - -------------------

    The User by the name "Tracker" aka Debbie, regularly posts incorrect,
    misleading and damaging information.

    Reliance on the advice presented may result in irrepairable damage to
    your system and you are warned not to take anything seriously that
    this person posts.

    Exercise caution and DO NOT DISCLOSE YOUR E-MAIL under any
    circumstances whatsoever.

    To rely on the advice of this person could result in irreparable damage
    to your system.

    <davidp />

    - --
    David Postill

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0.2 - not licensed for commercial use: www.pgp.com
    Comment: Get key from pgpkeys.mit.edu:11370

    iQA/AwUBP3n6CXxp7q1nhFwUEQIwZQCePx7T4z0ngJTD0D7tuiGIBn4Cn2oAnjlz
    NIvo45MFfxjrM885ZJPmUuWe
    =6pZq
    -----END PGP SIGNATURE-----
    David Postill, Sep 30, 2003
    #5
  6. Murray Cooper

    Mike Guest

    "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    news:...
    > Remember, we're talking about Windows Platforms (excluding 2000,NT,XP)


    Remember also that most users are using the very versions of the operating
    system you choose to ignore. Also remember that there are less security
    problems with Windows 9x and more with 2000 & XP and this makes your book
    worth even less. It is pointless to ramble on about VPNs in Windows 9x dial
    up networking etc. when the vast majority of users with new computers will
    be using XP. Your out of date advice will only serve to further muddy the
    waters for the new user you claim to be helping.

    > and my book was written for basic home computer users only. It's has
    > seen grown into a book which will help three levels of computer Windows
    > users.


    What three levels? Dumb, Dumber and The Trackers?

    >remember that we were changing between DHCP, PPP and dial-up every few


    Hilarious! Do you even know what these terms mean? Please explain how you
    might use DHCP to connect to the Internet or how you might establish the
    same connection without PPP? A proper explanation in your own words might
    just give you some credence around here.
    Mike, Oct 1, 2003
    #6
  7. Murray Cooper

    Cap Guest

    Idiot.....
    http://www.sand-n-sea.us/debbiesdrival.htm


    "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    news:...
    > Remember, we're talking about Windows Platforms (excluding 2000,NT,XP)
    > and my book was written for basic home computer users only. It's has
    > seen grown into a book which will help three levels of computer Windows
    > users.
    >
    > > HACKERS SECRET WEAPONS:

    : rest of the stupid bullshit snipped :
    Cap, Oct 1, 2003
    #7
  8. On Wed, 01 Oct 2003 01:24:38 +0400, Tracker spoketh

    >Remember, we’re talking about Windows Platforms (excluding 2000,NT,XP)
    >and my book was written for basic home computer users only. It’s has
    >seen grown into a book which will help three levels of computer Windows
    >users.


    Only 15 people still uses Windows 95/98 ... and I know their names.

    >
    >> HACKERS SECRET WEAPONS:
    >>
    >> A. Hackers disable your Daylight Savings Time.

    >
    >As mentioned before, there is not a logical reason for a "hacker" to do
    >this and make themselves obvious. It poses no advantage whatsoever.
    >
    >ME: Just letting people know that on occasion, my screen would ask if I
    >wanted to change the daylight savings time. My guess is the hacker was
    >just playing games with me and my computers. What reason would anyone
    >else request this behavior but hackers.
    >


    Your computers' cmos battery might be running out of juice. Considering
    you're still running Windows95, it's not uncommon for computers that
    "old" to experience trouble with their cmos battery.

    >
    >> B. The clock on the desktop can be one hour ahead or one hour behind,
    >> on occasion.

    >
    >See A
    >
    >ME: Tracking computer time is very important if you want to track down
    >a hackers malicious activity. The same applies for your clock time
    >changing regularly on your system. You have already seen a copy of the
    >hackers firewall log and how the dates and time change from month to
    >month. Can you imagine having an IP from Seattle appear in your log
    >which was posted one month prior to today’s date. Think about it!
    >


    See above. You're the only person who believes that whacky timekeeping
    on a computer indicates that the computer is hacked.

    >
    >> C. Your Network Places Icon on the desktop disappears.

    >
    >Common Windows bug. Corrupted explorer file, faulty hardware (NIC card),
    >
    >corrupted registry. No hacker purpose. See response to A.
    >
    >ME: One day the Network Places Icon is on the desktop for a few days and
    >then it disappears for a few days. May be a week later this Icon again
    >appears for a few hours and then it disappears. We never could connect
    >this icon with any network mapping of drives. It’s just a sign to look
    >for when your computer is hacked/owned.


    Again, it has been explained to your that a disappearing Network
    Neighborhood icon could indicate that something on your computer has
    been corrupted. Normally when this occurs, a re-install of all the
    network components are warranted. If problem does not go away, a
    re-format and re-install of the OS is needed. There's absolutely no
    indications that "malicious hackers" are causing this. Other than your
    own personal "experience", you have no data to back this ridiculous
    claim up...
    >
    >> D. If using a Windows platform: when you start your computer, your
    >> original screen will pop up, but since the hackers need to boot into
    >> their Networks, or Server(s), the system will quickly re-boot and the
    >> original screen will appear twice. But your system may re-boot twice
    >> instead of once when loading Windows OEM versions.

    >
    >Can be caused by full logs and OS errors. System setting can force a
    >reboot if logs are full or if OS does not load properly. Installation of
    >wallpaper and images on the desktop can cause unusual activity at start
    >up especially if the items conflict.
    >
    >ME: This activity is something to watch for because the system would
    >also reboot on it’s own after the computer was loaded. You have to also
    >remember that we were changing between DHCP, PPP and dial-up every few
    >minutes or every few hours and the owned system was running two Virtual
    >Private Networks. Same applies to E!


    Honey, you have to give up on this VPN trip you are on. VPN adapter are
    NOT a sign that your computer is hacked! Considering how screwed up your
    computer is (see all my previous comments regarding CMOS battery and
    corrupted files), its a wonder your computer boots at all.

    >
    >> E. If your computer system occasionally re-boots on it’s own, the
    >> hacker may need to update their Networks, or Servers to make their
    >> computer system function properly.

    >
    >See D. Possible BO or Netbus installation.
    >
    >> F. If you play Yahoo Games, you may find yourself being kicked out of
    >> the board your playing in. If your winning a game and you’re the host,

    >
    >> the hacker may not let you back in to finish. This means you just lost

    >
    >> a game at the hackers expense. When the computer was hacker safe, I
    >> went back to playing games and haven’t been booted out of a game,
    >> since.

    >
    >Software error. Communication issues between your ISP and Yahoo. The
    >term "hacker safe" implies that the system had been reloaded or
    >repaired. Reloading software would replace corrupted software allowing
    >normal access.
    >
    >ME: As stated, when the system was hacked I found myself being booted
    >out of Yahoo games on occasion. After the computers hard drive was
    >formatted, applications installed from CD-ROM only, Windows services
    >disable, anti-virus and firewall installed, I wasn’t booted out of any
    >Yahoo games from that point on.


    I'm sure there's hundreds of hackers out there that has nothing better
    to do than to monitor your Yahoo gaming, and kick you out when you're
    doing good.

    You have absolutely no data substantiate this claim. There could be a
    million reasons why your game "crashes". The reason you weren't booted
    out from Yahoo after you re-installed everything wasn't because you got
    rid of the (imaginary) hacker, but because you resolve your corruption
    problem!

    >
    >> G. A browser application like Netscape, or Internet Explorer you use
    >> to filter out, or kill file certain individuals will not function
    >> indefinitely. When your computer system is compromised, you aren’t
    >> able to filter out people in your browser for more then 1-2 days. A
    >> number of computer owners whose systems have been compromised, have
    >> advised me they also had the same problem. Because hackers were using
    >> your illegally installed Servers for posting to the Internet, this is
    >> why you are unable to filter or kill file them. This information was
    >> very apparent to myself and other ferret owners whose computer were
    >> compromised.

    >
    >Corruption in the kill file database, erroneous entries in the database.
    >Email spoofing to newsgroup.
    >
    >ME: All I can fess up to is that after the computers were secured,
    >e-mail addresses in these applications and other e-mail applications
    >were able to be filtered out. Other ferret owners wouldn’t give me
    >their permission to post their e-mail addresses to verify my statement.
    >One ferret owner wasn’t even able to filter out or block certain e-mail
    >addresses in their e-mail application.


    Yeah ... the evil ferret owners really messed up my kill-file as well.

    "malicious hackers" couldn't care less who you kill-file or not. They
    rather not do anything to attract any attention to the fact that they've
    gained access to the system...

    >
    >> H. When you begin to see Usenet remarks, made on behalf of your
    >> personal life which is private information.

    >
    >There is a wealth of information available about anyone on the Internet.
    >A bit of searching can reveal very personal info. Social engineering may
    >have been used as well.
    >
    >ME: Believe me, there is a ton of information a person can discover
    >about any one who uses the Internet and posts to it. What I’ve
    >discovered on this topic is very "scary". Private information means -
    >What you type on your computer keyboard at home that "no one" in the
    >world would be able to view except you or your family. But, all of a
    >sudden you find other Internet users posting your personal adventures
    >and life experiences. This is in my book so I will discuss it here.
    >BTW- The Trackers made me write this personal information in my book and
    >the story written is a bit embarrassing. How
    >Dag & Cate (ferret owners) were discovered is because I write prisoners
    >and their letters are written on my computer. They made a Usenet post
    >about this and this is how I discovered their hacking activity.
    >
    >> I. Some of your personal files are modified years before they were
    >> created. I have seen a number of personal files modified 7-8 years
    >> before they were even created. How to accomplish this maneuver: Select

    >
    >> Start, Settings, Control Panel, Date/Time, where the year is, Select
    >> the up or down arrow and, viola. Then open up any file and Select
    >> Save. A new creation date is present.

    >
    >No logical reason for a "hacker" to change dates on files. Serves no
    >purpose unless it is to prevent shareware from expiring and normally the
    >dates on those files are moved forward not backward. Many system files
    >have old dates as the dates on the files indicate when they were
    >originally created. MS still uses files that were created years ago and
    >the dates on the files were not changed. You can verify this by
    >exploring any MS CD.
    >
    >ME: We’re only talking about "personal files", not system files as you
    >mention. My only reasoning behind this is: the hackers were reading all
    >my personal files and they didn’t want me to discover their activity.
    >All I can tell you is that many of my personal files, whether recently
    >created or older files, had creation dates which were 7-8 years prior to
    >them being written.


    See previous comment regarding CMOS battery. If the hardware clock
    fails, your system time may re-set to 1972 ...

    >
    >> J. You will find a number of files hidden/readable only, which is a
    >> common practice in the hacking world.

    >
    >Windows and other software uses hidden files. Not an indicator that a
    >"hacker" made the changes. Also possible with a corrupted FAT table.
    >
    >ME: Your correct! The hackers aren’t going to allow you to see all the
    >Folders and Files on your drive which they are utilizing to store their
    >malicious activity. The hackers hid on a number of systems their
    >directories with pornography pictures, remailer stats, zipped files, to
    >name a few. If you can’t see a hidden file "no one" knows why it’s
    >there in the first place and most basic computer users don’t understand
    >why one folder is lighter then the other. Off the top of my head I
    >can’t totally remember the significance of the readable only files which
    >were discovered. There were a number of files which needed to be put in
    >archive mode and to remove the readable only status.
    >
    >> K. When you find additional information in your boot.ini file which
    >> relate to a Virtual Private Network, this can be either software,
    >> hardware or device driver oriented.

    >
    >Installing a VPN poses no advantage to a "hacker" aside from the ability
    >to encrypt data transfers.
    >
    >ME: Believe me, I’ve physically seen more then my share of hacked/owned
    >computers running Virtual Private Network(s) (VPN). In my possession is
    >a number of victims hard drives which were owned by hackers. These
    >hackers have installed one or two VPNs on the these drives. I will
    >admit, my knowledge with VPNs is zero, but curiosity taught me a few
    >things after speaking with a Network dude. Select Start, Settings,
    >Control Panel and Network if your a basic home owner and verify if your
    >computer is running any VPN adapters. This is all you need to hear
    >about this issue, period. My words are proof enough for the basic home
    >user.


    You have no evidence substantiating your claims! I've asked over and
    over again to see any evidence or any link to any other source that
    backs up your claim that hackers installs VPN adapters! Put up or shut
    up!

    >
    >> L. Under Search for Files and Folders, perform a search on any file
    >> modified in the past month, you will see files which just don’t need
    >> to be modified, or files you don’t even recognize. For the basic
    >> computer user, you’ll want to focus on the files which you don’t
    >> recognize. Unless your a skilled professional, you won’t realize which

    >
    >> files need to be present or modified, but give it a try anyways. [To
    >> perform the above you will need to see all Hidden Files and Folders.]

    >
    >Files are updated constantly by using the OS and software on the
    >computer. Most software installations contain numerous files and a basic
    >Windows installation contains hundreds to thousands of files. It indeed
    >would be impossible for most users to recognize all of the files. This
    >exercise would not indicate any hacker activity.
    >
    >ME: When you view the files which were accessed in the past month, it
    >will reveal a wealth of applications and files you have or a hacker has
    >opened and accessed. Say for example you see:
    >c:\msoffice\excel\(filename) and you haven’t accessed Excel in two or
    >more months, this means the hackers were looking in this directory and
    >reading your personal files.


    Some applications may change the access date on files. This could be
    something as simple as a virus scanner, or even one MSOffice application
    accessing files belonging to another MSOffice application. There's
    plenty of reasonable reasons (sic) why the access time on a file has
    changed... And, there's little reason for a "malicious hacker" to access
    someone elses computer to use Excel...


    >
    >> M. Select Start, Settings, Control Panel and Network, and look at,
    >> following network components showing. If you see one AOL adapter and
    >> have never used AOL, then two AOL adapters, two TCP/IP, two Dial-Up
    >> adapters, one or two Virtual Private Network adapters, your computer
    >> could be compromised. A Virtual Private Network is widely used by
    >> hackers because it can host up to 254 users. "This applies to the
    >> basic Internet user who has one modem, one ISP and isn’t running any
    >> FTP, HTTP, NNTP, PROXY, SMTP, SOCKS, SQL, or SQUID >SERVER." My skills

    >working with VPNs is almost zero. Every victims >system I’ve seen had
    >two VPNs setup and they were only using a modem >to connect to the
    >Internet.
    >
    >AOL installs along with many applications and has been included on base
    >OS installations since early releases of Windows 95. VPN's serve no
    >useful purpose to a "hacker" beyond the ability to encrypt the data
    >transfer stream.
    >
    >ME: The above statements are for the basic computer user, not for a
    >companies or corporations benefit. My point is: if your computer is
    >accessing the Internet though a dial-up connection and you have one
    >modem, you should only see "One Dial-up Adapter and One TCP/IP Dial-up
    >Adapter" under your Network settings, period. Windows doesn’t install a
    >Virtual Private Network by default (I have not tested 2000,NT/XP). So
    >how do you think any VPN connection was set-up since Microsoft doesn’t
    >install this by default? It’s because your computer is already
    >hacked/owned by malicious hackers. DUH!


    See previous comments regarding VPNs.

    >
    >> N. Next, Select Start, Run, type Regedit, Select Registry, Select
    >> Export Registry File, in the box type a name say 4-12-02.txt and
    >> Select save. Then open this file with a text editor, and you might be
    >> shocked to find what really is installed on your computer system.
    >> Check the bottom of this file because hackers love to install an array

    >
    >> of applications including Network/Server files and device drivers.

    >
    >No need to export the registry file to view it. Registry entries are not
    >added to the "bottom" of the registry. Each registry area has a purpose
    >and contains specific information. Making all "hacker" entries at the
    >"bottom" of the file would result in applications not running properly.
    >
    >ME: When you load an application, the needed files to run this
    >application will be seen in your registry. Hardware/Application/Device
    >Driver information can be setup by hackers at the bottom of the file.
    >After viewing all "hidden" Folders and Files, what I did was
    >"incorporate" one registry entry at a time. You could see a major
    >difference. Each time you save the registry file it will create a file
    >called RB000.CAB and so forth, depending on how many copies that you
    >have saved. If you perform the backup when the hackers are abusing your
    >system, you might only see 30 lines of text in the registry, the next
    >time 100 lines, and so on. This is a clear sign that your computer is
    >compromised.
    >


    The registry is a hierarchy, you can't just "add stuff at the bottom".
    If you had ever taken a good look at the registry, you should be able to
    figure this out. I've provided the bottom few lines of my registry to
    you before, and you still haven't told me if I'm hacked or not ...

    >
    >> O. You will have to turn your computer off by the power supply on a
    >> regular basis.

    >
    >I assume this means you are unable to select shutdown from the start
    >menu. This was a common bug in 95 and 98 on some manufacturers computer.
    >Patches were released to repair this bug.
    >
    >ME: Had to laugh at your remarks, but it’s cool. One of the main
    >reasons the computer had to be shut down by the power supply was because
    >of switching from DHCP, PPP, dial-up on a regular basis. Most basic
    >computer users wouldn’t be running three different Internet Service
    >Providers along with Cable. Even utilizing DHCP and dial-up also caused
    >the system to hang and I wasn’t able to shutdown by any means except the
    >power supply. Not being able to shut down your system on a regular
    >basis is one clear sign your computer is hacked/owned, trust me.


    That's because your system is messed up, not because it's hacked. My
    computer won't reboot (it'll shut down windows, but won't actually shut
    off or restart), but that doesn't mean I'm hacked. It means something
    got messed up really bad when I had a really bad crash... Don't blame
    your incompetence and messed up system on hackers...

    >
    >> P. Installing a Network Interface Card will cause problems until the
    >> hackers configure this device into their Servers or Virtual Private
    >> Network they setup on your computer.

    >
    >Removing and re-installing a NIC should include deletion of the drivers
    >and ensuring that the old card is not still bound to any protocols.
    >Installing a new NIC would require configuring the OS to recognize the
    >NIC and bind protocols and services to it.
    >
    >ME: This is correct! In the case of my hacked computers, two different
    >Network Interface Cards were installed on a number of occasions. If an
    >individual configures a NIC properly, there should be no problems after
    >the fact. I can’t remember off the top of my head all the problems we
    >ran into, but there were significant enough problems to mention this in
    >my book.
    >


    There's a number of reasons why installing NICs may screw things up;
    none of them have to do with "hackers needing to configure the device
    into their VPN". It's all about properly removed and installed drivers.

    >
    >> Q. You find your CD-ROM drive opens and closes without your
    >> permission.

    >
    >Possibly and indicator of Netbus and/or Back Orifice installation.
    >Potential "hacker" activity. Can also be caused by a defective drive.
    >
    >> R. You could hear an annoying beep coming from your system speakers.

    >
    >Possible system alert or Netbus/BO trojan installation.
    >
    >> S. Your windows screen goes horizontal or vertical.

    >
    >Bad video card, loose video connections, BO installation
    >
    >> T. The screen saver picture changes without your permission.

    >
    >Registry corruption.
    >
    >> V. All of a sudden, your speakers decide to play you some music.

    >
    >CD set to Autoplay or BO installation. Application running in
    >background.
    >
    >ME: Q-T and V deals with having a Trojan Horse on your computer and some
    >of the tricks these Trojan Horses can play on you.


    Trojan Horses doesn't "play tricks on you." They simply wait for
    instructions from someone else. Sudden "music" or sounds could be junk
    from a web page...

    >
    >> U. On occasion your mouse is out of your control or has an imagination

    >
    >> of it’s own. But this could also be caused by a corrupt mouse driver.

    >
    >Correct about the mouse driver. Can also be caused by lint/ dirt build
    >up o the mouse rollers or on the optical sensor as well as by a
    >defective mouse.
    >
    >ME: If you find you have updated the mouse drive, cleaned the lint/dirt
    >build-up, but your mouse still has an imagination of it’s own, your next
    >best bet is your computer is hacked/owned. Do your own research in
    >Google/Yahoo concerning the questions people ask about mouse control.
    >Just remember, "most" Windows users don’t realize they need to disable
    >Windows services before they stick their computer on the Internet. By
    >that time, a malicious hacker has probably already infected their
    >system. Deal with it, learn my ways or stay the victim; it’s your
    >choice.


    Actually, if the mouse is still "whacky", either the mouse, the cable or
    the driver are shot. The fact that you installed a new "driver" doesn't
    mean it's the right one, or that it'll resolve the problem.

    >
    >> W. Installing a hardware/software firewall for the first time can
    >> cause a number of different problems for you to setup and configure.
    >> Considering you didn’t have these installed from the beginning of your

    >
    >> computer going on the Internet.

    >
    >?? Makes no sense
    >
    >ME: When your computer goes on the Internet for the first time and you
    >haven’t installed a hardware or software firewall, expect to spend extra
    >time trying to get them to function properly and configure them. By
    >this time, the hackers have probably already installed their Virtual
    >Private Network(s) and they have to make the new hardware and software
    >function with their settings in their VPN(s). You will find at this
    >point that your computer will re-boot itself from time to time. Hackers
    >aren’t all that smart and they do make their own mistakes when they try
    >to configure hardware and software to function with their VPN(s).
    >HA-HA!


    See numerous comments regarding VPNs ... You are right about one thing
    though: It is a good idea to install a firewall before going on the
    internet. Unfortunately, this is often a catch-22, as you may have to go
    to a website to download the firewall.

    >
    >> X. Your firewall logs show alerts at 12:00 then 11:22 then 12:16 and
    >> back to 11:59.

    >
    >Sort log by time and not even type, port, etc.
    >
    >ME: Zone Alarm and Blackice Defender report alerts by date and time in
    >order if your system isn’t hacked or owned. If your Windows Platform
    >system is hacked or owned the hackers are abusing it to hack into other
    >computers, networks and servers. Other criminals are also using your
    >computers for their illegal activity, whether it be to set-up a murder,
    >purchase drugs, guns, explosives or identity theft. So they have to
    >change their date and time so their "tracking activity will be harder to
    >track down".
    >


    See numerous comments regarding failing CMOS battery.

    >
    >> Y. If using a dial-up/cable/dsl connection you see a number of pings,
    >> port 0, to your computer. The reason is so that the hackers can see if

    >
    >> your computer is online. A system needs to be online for the hackers
    >> to access these Networks and Servers. What the hackers actually do is
    >> port scan your Internet Service Provider Block of IP addresses and
    >> find your computer either with file sharing enabled or a
    >>Backdoor/Trojan present.

    >
    >Possible OS fingerprinting attempt although crude and ineffective. As
    >port 0 is reserved for special use as stated in RFC 1700. Coupled with
    >the fact that this port number is reassigned by the OS, no traffic
    >should flow over the internet use this port. Pings and port scans are
    >two separate items. Many services on the internet, including your ISP,
    >will ping your system to ensure your system is still online. If you
    >system is properly secured, port scans, at worst will result in a DOS
    >attack.
    >
    >ME: For one, if your Internet Service Provider (ISP) pings your
    >computer, the IP addresses would be similar in nature. For example: my
    >IP address is 207.14.155.12, if your ISP pings your computer, their IP
    >address would be like 207.14.0.0. Your firewall log pings wouldn’t come
    >from say 12.144.15.5, 155.19.133.10, 66.19.24.87, 12.231.57.197,
    >203.122.19.74, 12.231.62.18, 64.110.82.252, 24.24.17.103. My examples
    >deal with a hacker coming in using a Trojan Horse versus a Backdoor.
    >When a Backdoor is installed, certain hackers don’t necessarily need to
    >ping your system because once it’s online the Backdoor alerts the hacker
    >that the system is online. Hell, here is an excerpt from my book which
    >was one way we caught NCF, a ferret owner who was discovering what was
    >on our hard drives. Notice the change of the computer IP addresses and
    >ask yourself how a computer can go from having a 38.x address to 168.x
    >address. An individuals firewall log tells so many stories, but only if
    >you know how to read and understand them. If your on a Windows Platform
    >(minus 2000,NT,XP) and you didn’t disable certain services then
    >installing a firewall isn’t going to keep your computer hacker secure.
    >BTW- The only Newsgroup I had visited for years was alt.pets.ferrets and
    >NCF was the only user using Suite224.
    >
    >FWIN 5/25/2000 11:46:40 AM -8:00 GMT 208.131.247.203
    >247-203.suite224.net 0 38.28.67.34 0 ICMP No
    >FWIN 5/25/2000 11:46:40 AM -8:00 GMT 208.131.247.203
    >247-203.suite224.net 0 38.28.67.34 0 ICMP No
    >FWIN 5/25/2000 11:56:48 AM -8:00 GMT 208.131.247.203
    >247-203.suite224.net 2037 38.28.67.34 79 TCP No
    >FWIN 5/27/2000 11:09:10 PM -8:00 GMT 208.131.247.221
    >247-221.suite224.net 0 0 ICMP No
    >FWIN 5/27/2000 11:09:10 PM -8:00 GMT 208.131.247.221
    >247-221.suite224.net 0 0 ICMP No
    >FWIN 5/30/2000 10:46:32 AM -8:00 GMT 208.131.247.101
    >247-101.suite224.net 0 0 ICMP No
    >FWIN 7/3/2000 11:22:56 PM -8:00 GMT 208.131.247.56 247-56.suite224.net 0
    >168.191.230.174 0 ICMP No
    >FWIN 7/3/2000 11:22:56 PM -8:00 GMT 208.131.247.56 247-56.suite224.net 0
    >168.191.230.174 0 ICMP No


    Geez, so you got pinged! No big deal. There's millions of pings floating
    around there, and by themselves, they're pretty harmless.

    >
    >> Z. If someone is port scanning your system, in your firewall logs the
    >> port assignment aren’t in any type of order. You might see a probe at
    >> port 1,10,9,8,6,12,6,43 etc.

    >
    >Most port scanning software will randomize the order the ports are
    >scanned. A skilled "hacker" will not scan all ports since there are not
    >services running on all ports nor are there potential vulnerabilities
    >associated with all ports.
    >
    >ME: Port scanning applications normally will randomly scan port numbers
    >in order. In a few of the sample firewall logs shown in my book you
    >will see port numbers not in any random order. "The Trackers" weren’t
    >able to figure out why a hacker would scan port number
    >1,10,9,8,6,12,6,43, versus having them scanned in a random order. Basic
    >computer users, take a closer look at your firewall logs and see if you
    >also have port numbers being scanned as shown above.


    Irrelevant. The order the ports are probed has absolutely no relevance
    whatsoever. It doesn't make a system more or less secure, it doesn't
    make it more difficult to detect the scan; it's just more meaningless
    drivel from you...

    >
    >> AA. When you find you have to set Zone Alarm firewall on medium
    >> instead of high settings.

    >
    >IF ZA is misconfigured, some applications may be unable to communicate
    >and access to external systems (the internet) may not be possible.
    >Indicative of poor configuration and not "hacker" activity.
    >
    >ME: The only applications which were running at the time was Netscape
    >4.7, Nortons anti-virus and Eudora 5.1 when Zone Alarm had to be tamed
    >down to a "medium setting" for these applications to run. The only
    >exception may have been because we were also running Blackice Defender
    >simultaneously.
    >


    Still, that is not an indication that your computer were hacked, rather
    it indicative of your failure to understand how your firewall works.

    >
    >> BB. Once you can view all Files and Folders search for files named
    >> spool*.*.

    >
    >Spooler files are used by the system. Not sure what other use you
    >believe they have.
    >
    >ME: All I can say is that a file spool*.* was accessed on a regular
    >basis and it appeared on a weekly search of files accessed.
    >


    Did you print anything during this time period?

    >> CC. You may find another installed version of your software firewall
    >> application on your hard drive. You will need to Show all Hidden Files

    >
    >> and Folders under your Settings, Control Panel, Folder Option and
    >> View, if using a Windows Platform (excluding 2000,NT and XP).

    >
    >Illogical for a hacker to install a firewall that would eliminate or
    >limit access to your system. Possible indicator of improper installation
    >or a cross linked directory structure.
    >
    >ME: The additional Blackice firewall proved to me that it was probably
    >connected to the Virtual Private Network(s). Blackice firewall on my
    >computer proved that one firewall was mine and another belonged to a
    >hacker. A few of the logs had other computer IP addresses which weren’t
    >owned by me.
    >


    More unsubstantiated claims regarding VPNs ...

    >
    >> DD. When you see too many, Pings - port 0, HTTP/Proxy - port 80, 8080,

    >
    >> 3128, SMTP - port 25, FTP - port 21, NNTP - port 119 port probes. Your

    >
    >> computer is probably running an illegal "VPN server"; " web server";
    >> "proxy"; "mail and news"; "ftp"; which hackers are attempting to
    >> access for their own personal use.

    >
    >It is not "illegal" to run any of the servers mentioned above. The above
    >demonstrates a lack of understanding of the difference between a ping
    >and a port scan at best. It is not an uncommon occurrence to have
    >multiple ports scanned by multiple sources. Cure is to install an
    >properly configure a
    >firewall to block these scans.
    >
    >ME: There was no mention of running these servers and them being
    >illegal, which wasn’t my point. It was confirmed that my computer was
    >running one of them "anonymous remailers", but for legal purposes, most
    >of this information had to be removed from my book. From all the
    >evidence in my possession, there is no doubt in my mind that malicious
    >hackers install and set-up the above listed servers on innocent victims
    >computers. Once the computers were hacker secured, very few port scans
    >appeared in the firewall logs from the above listed port numbers.


    The fact that you may see such connection attempts in the logs are in no
    way indicative that you are running any such servers. It's fairly normal
    to get scans for web servers (code red and nimda are still very active)
    and mail servers (spammers are always looking for open relays).

    Repeat after me: a probe does not mean a server is running, it means
    someone are testing if your running one.

    >
    >> EE. If you don’t see your computer node/source IP address on a
    >> consistent basis to the right side of your firewall log, your system
    >> is compromised. (See the firewall logs below.) The hackers are
    >> entering through your system to attack other "Networks, or Servers and

    >
    >> Systems", so their identity can’t be traced.

    >
    >Missing firewall log so interpreation is difficult. Firewall logs may
    >indicate your local machine as 0.0.0.0, 127.0.0.1 as well as by the IP
    >address. A properly configured firewall would not permit entry to allow
    >"hackers" to use your system to attack others.
    >
    >ME: EE is only a partial excerpt from my book which is helping computer
    >users learn about Computers, the Internet and Hacking. Many basic
    >computer users don’t install a firewall until after their computer is
    >hacked and owned. By this time, installing a firewall is useless,
    >period. You were already informed that my computer was running Zone
    >Alarm and Blackice Defender; what good did these do for me, nothing.
    >Every computer on the Internet is assigned and IP address and this
    >address will appear on the right side of your firewall log. If your ISP
    >IP bank of numbers is, let’s say 12.231.xx.xx, then your IP address
    >listed in your firewall log would be 12.231.xx.xx. If your computer is
    >hacked or owned you may see that your IP address to the right of your
    >log is say, 155.16.222.134 or 64.12.133.22. If you need a more
    >technical answer, visit the below Website.
    >http://hackingtruths.box.sk


    That gives me a DNS error. The rest of this section is erroneous as
    well.

    >
    >> FF. When you perform a traceroute on an IP address and you lose your
    >> node/source IP address, ISP routers IP, or when you don’t see your
    >> node/source IP address at all.

    >
    >As stated above, a firewall may identify your machine in the logs in a
    >number of ways.
    >
    >ME: A firewall has nothing to do with performing a traceroute on an
    >IP. I had many interesting talks with security and network techs and
    >they were very interested in seeing these traceroutes. In the first
    >example, you can see that my IP address is 12.231.38.174 and my ISP
    >routers used to target 64.154.60.81. In the second example, my computer
    >doesn’t even exist at all and neither are there any routers to pass
    >through to get to the target IP. In the third example, my computer does
    >exist, but none of my ISP routers are present to get to the target IP.
    >


    Oh no, my IP address never shows up when I do traceroutes... I must be
    hacked!

    This is what a traceroute should look like:
    traceroute to 4.2.2.1 (4.2.2.1), 30 hops max, 38 byte packets
    1 firewall (192.168.0.1) 0.83 ms 0.78 ms 0.72 ms
    2 10.209.136.1 (10.209.136.1) 9.64 ms 9.68 ms 9.45 ms
    3 ...attbb.net (24.128.190.201) 9.43 ms 20.31 ms 8.10 ms
    4 24.147.0.217 (24.147.0.217) 8.75 ms 9.14 ms 10.39 ms

    It shows the LAN address of my firewall, but not the address of my
    computer, nor does it show the WAN address of my firewall; and that's
    the way its supposed to be. It doesn't mean you're hacked...

    >
    >
    >The Best Kept Secrets of Backdoors, Cracking, Firewalls, Hacking,
    >Proxies, The Internet, Trojan Horses, Virtual Private Networks, Virus,
    >Windows and different types of Servers can be found at:
    >http://geocities.com/secure20032220000/
    >
    >Tracker
    >


    Debbie, I'm not saying your computer wasn't hacked, only that 99% of the
    "signs of a hacked computers" that you're spewing here are wrong.

    Lars M. Hansen
    www.hansenonline.net
    Lars M. Hansen, Oct 1, 2003
    #8
  9. Tracker Spilled my beer when they jumped on the table and proclaimed
    in <>:
    <snip>


    From someone that found the right words:

    GENERAL COMPUTER HEALTH WARNING
    -------------------------------

    Any advice from a poster using the word 'tracker' may contain
    dangerous nonsense and should be immediately deleted from your
    computer.

    Do NOT contact this person by email

    Do NOT feed the Trolls, one warning is enough, further messages
    only reinforce the desire for attention that provides motivation.

    Visit the fan club at:
    http://www.sand-n-sea.us/debbiesdrival.htm
    Thund3rstruck, Oct 1, 2003
    #9
  10. Murray Cooper

    Tim H. Guest

    "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    news:...
    >

    <Snip Junk>

    > > D. If using a Windows platform: when you start your computer, your
    > > original screen will pop up, but since the hackers need to boot into
    > > their Networks, or Server(s), the system will quickly re-boot and the
    > > original screen will appear twice. But your system may re-boot twice
    > > instead of once when loading Windows OEM versions.

    >
    > Can be caused by full logs and OS errors. System setting can force a
    > reboot if logs are full or if OS does not load properly. Installation of
    > wallpaper and images on the desktop can cause unusual activity at start
    > up especially if the items conflict.
    >
    > ME: This activity is something to watch for because the system would
    > also reboot on it's own after the computer was loaded. You have to also
    > remember that we were changing between DHCP, PPP and dial-up every few
    > minutes or every few hours and the owned system was running two Virtual
    > Private Networks. Same applies to E!


    I don't understand how you "switch" between DHCP, PPP and Dial-Up every few
    minutes? That's like saying I switch between driving, the trunk and the
    wheels every few minutes. This is all so funny it makes me feel sorry for
    you....it'll be #1 on book lists....under "Comedy."

    -Tim

    >
    > Tracker
    >
    >
    Tim H., Oct 1, 2003
    #10
  11. Murray Cooper

    W. Blevins Guest

    On Wed, 01 Oct 2003 11:01:50 +0400, Tracker
    <"snailmail(removevalid)222000"@yahoo.com> wrote:

    >The book was written in English, but I've talked to companies who may produce
    >my E-book in other languages.



    Languages such as Bullshitese....
    W. Blevins, Oct 1, 2003
    #11
  12. Murray Cooper

    W. Blevins Guest

    On Wed, 01 Oct 2003 11:13:53 +0400, Tracker
    <"snailmail(removevalid)222000"@yahoo.com> wrote:

    >One day people will take us serious


    At which time you will be undoubtedly be prescribed the appropriate
    medications for your dementia.
    W. Blevins, Oct 1, 2003
    #12
  13. Murray Cooper

    Heather Guest

    "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    news:...
    >
    >
    > Murray Cooper wrote:
    >
    > > Tracker wrote:

    It's has
    > > > seen grown into a book which will help three levels of computer

    Windows users.
    > >
    > > "It's has seen grown..."? Was this book originally
    > > written and published in a language other than English?

    >
    > The book was written in English, but I've talked to companies who may

    produce
    > my E-book in other languages.


    Tracker shouldn't drink.......or should I say "beef's old lady' (gawd,
    that gives me such a horrible visual!!)

    Tracker can't spell or speak english properly......which was the point
    of the above email.......and which went over your pointy little head!!

    Give it a rest, ditzbrain!!
    Heather, Oct 1, 2003
    #13
  14. Murray Cooper

    The Saint Guest

    Tracker wrote:

    >I write prisoners


    This explains a lot. BTW, how long is Beef in for?

    >DUH!


    Your new signature? Fits you perfectly.
    The Saint, Oct 1, 2003
    #14
  15. Murray Cooper

    Tracker Guest

    Murray Cooper wrote:

    > Tracker wrote:
    >
    > > Remember, we’re talking about Windows Platforms (excluding 2000,NT,XP)
    > > and my book was written for basic home computer users only. It’s has
    > > seen grown into a book which will help three levels of computer Windows
    > > users.

    >
    > "It's has seen grown..."? Was this book originally
    > written and published in a language other than English?


    The book was written in English, but I've talked to companies who may produce
    my E-book in other languages.

    The Best Kept Secrets of Backdoors, Cracking, Firewalls, Hacking, Proxies,
    The Internet, Trojan Horses, Virtual Private Networks, Virus, Windows and
    different types of Servers can be found at:
    http://geocities.com/secure20032220000/
    I’m going to make an effort to participate and support the members of these
    groups in the future.

    Tracker who isnt in a good mood
    Tracker, Oct 1, 2003
    #15
  16. Murray Cooper

    Tim H. Guest

    "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    news:...
    >
    >
    > Mike wrote:
    >
    > > "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    > > news:...
    > > > Remember, we're talking about Windows Platforms (excluding 2000,NT,XP)

    > >
    > > Remember also that most users are using the very versions of the

    operating
    > > system you choose to ignore. Also remember that there are less security
    > > problems with Windows 9x and more with 2000 & XP and this makes your

    book
    > > worth even less.

    >
    > You don't want to be constructive and help other computer users then don't
    > waste all of our time.
    >


    Hey, speak for yourself. He makes a valid point. It seems as though if no
    one agrees with your "expert knowledge" then they're wrong. Kudos to the
    reviewer who took a break after a long laugh to actually reply to it! I'm
    waiting for someone to come along and get it through your thick skull that
    you're WRONG. Say it with me, "WRONG." On the other hand, if you want to
    prove your points, show evidence. Better yet, show me a person with industry
    credentials that agrees with you.

    Thousands of pages of kindling....

    >
    > Tracker
    >
    Tim H., Oct 1, 2003
    #16
  17. Murray Cooper

    Tracker Guest

    Mike wrote:

    > "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    > news:...
    > > Remember, we're talking about Windows Platforms (excluding 2000,NT,XP)

    >
    > Remember also that most users are using the very versions of the operating
    > system you choose to ignore. Also remember that there are less security
    > problems with Windows 9x and more with 2000 & XP and this makes your book
    > worth even less.


    You don't want to be constructive and help other computer users then don't
    waste all of our time.

    > It is pointless to ramble on about VPNs in Windows 9x dial
    > up networking etc. when the vast majority of users with new computers will
    > be using XP. Your out of date advice will only serve to further muddy the
    > waters for the new user you claim to be helping.


    In my possession are 80,000+ computer victims running less then XP, 2000 and
    NT. Yes, 80+000! This information is in a very safe place. The information
    in my book will help millions of computer users, but the "Gold" is what we
    discovered on many hard drives. Do you think a Courthouse, a University,
    Boeing, a Hospital and so many other "Corporations" want the world to know
    their computers are hackable to the WORLD.

    > > and my book was written for basic home computer users only. It's has
    > > seen grown into a book which will help three levels of computer Windows
    > > users.

    >
    > What three levels? Dumb, Dumber and The Trackers?
    >


    The basic computer home user, the people who do know something about Computers,
    The Internet and Hackers and Bikers.

    >
    > >remember that we were changing between DHCP, PPP and dial-up every few

    >
    > Hilarious! Do you even know what these terms mean? Please explain how you
    > might use DHCP to connect to the Internet or how you might establish the
    > same connection without PPP? A proper explanation in your own words might
    > just give you some credence around here.


    DHCP was used on AT&T Cable, PPP= had a bit to drink to discuss this. Cable
    and DSL connections don't need a phone line to connect to an ISP, since your
    always connected. While our modems were connected, we changed settings in
    winipcfg and used the dial-up ISP address, but we were still online with Cable
    and DSL. Can't say too much more since alcohol makes ones mind wonder. During
    this time, we witnessed hackers saying "what happened to the Server". HA-HA!
    Don't ask.
    One day people will take us serious and we can't wait.

    The Best Kept Secrets of Backdoors, Cracking, Firewalls, Hacking, Proxies, The
    Internet, Trojan Horses, Virtual Private Networks, Virus, Windows and different
    types of Servers can be found at:
    http://geocities.com/secure20032220000/

    Tracker
    Tracker, Oct 1, 2003
    #17
  18. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Wed, 01 Oct 2003 11:13:53 +0400, Tracker wrote in
    post:
    >Mike wrote:
    >
    >>"Tracker" <"snailmail(removevalid)222000"@yahoo.com>
    >>wrote in message
    >>>and my book was written for basic home computer
    >>>users only. It's has seen grown into a book which
    >>>will help three levels of computer Windows users.

    >>
    >>What three levels? Dumb, Dumber and The Trackers?

    >
    >The basic computer home user, the people who do know
    >something about Computers, The Internet and Hackers
    >and Bikers.


    (Bikers???)

    So who knows more about Windows? Harley or Honda
    owners?

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0.2
    Comment: Because I *can* be.

    iQA/AwUBP3qOjaRseRzHUwOaEQJZLwCgvjZq/y7l1RwcawlKaLuZF56U/msAoO18
    0wrQm5t/XFxFta2Yk2Q0p0rD
    =hFaE
    -----END PGP SIGNATURE-----

    --
    Laura Fredericks
    PGP key ID - DH/DSS 2048/1024: 0xC753039A

    http://www.queenofcyberspace.com/usenet/

    Remove CLOTHES to reply.
    Laura Fredericks, Oct 1, 2003
    #18
  19. Murray Cooper

    CyberDroog Guest

    On Wed, 01 Oct 2003 11:13:53 +0400, Tracker
    <"snailmail(removevalid)222000"@yahoo.com> wrote:

    >In my possession are 80,000+ computer victims running less then XP, 2000 and


    I hadn't heard about the disappearance of 80,000+ computer users. You'd
    think the media would pick up on something like that.



    ---
    LOW-BRED, adj. "Raised" instead of brought up.

    - Ambrose Bierce
    CyberDroog, Oct 1, 2003
    #19
  20. Murray Cooper

    Mike Guest

    "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    news:...
    >
    >
    > Mike wrote:
    >
    > > "Tracker" <"snailmail(removevalid)222000"@yahoo.com> wrote in message
    > > news:...
    > > > Remember, we're talking about Windows Platforms (excluding 2000,NT,XP)

    > >
    > > Remember also that most users are using the very versions of the

    operating
    > > system you choose to ignore. Also remember that there are less security
    > > problems with Windows 9x and more with 2000 & XP and this makes your

    book
    > > worth even less.

    >
    > You don't want to be constructive and help other computer users then don't
    > waste all of our time.


    So pointing out that you constantly refer to an operating system that is
    considered end of life is not constructive?
    What sort of feedback would you like?

    >
    > > It is pointless to ramble on about VPNs in Windows 9x dial
    > > up networking etc. when the vast majority of users with new computers

    will
    > > be using XP. Your out of date advice will only serve to further muddy

    the
    > > waters for the new user you claim to be helping.

    >
    > In my possession are 80,000+ computer victims running less then XP, 2000

    and
    > NT. Yes, 80+000! This information is in a very safe place. The

    information
    > in my book will help millions of computer users, but the "Gold" is what we
    > discovered on many hard drives. Do you think a Courthouse, a University,
    > Boeing, a Hospital and so many other "Corporations" want the world to know
    > their computers are hackable to the WORLD.


    I seriously doubt that any of those organisations would be running antique
    operating systems in any great number if at all.

    >
    > > > and my book was written for basic home computer users only. It's has
    > > > seen grown into a book which will help three levels of computer

    Windows
    > > > users.

    > >
    > > What three levels? Dumb, Dumber and The Trackers?
    > >

    >
    > The basic computer home user, the people who do know something about

    Computers,
    > The Internet and Hackers and Bikers.

    Thats four types. Maths not your strong point either?

    >
    > >
    > > >remember that we were changing between DHCP, PPP and dial-up every few

    > >
    > > Hilarious! Do you even know what these terms mean? Please explain how

    you
    > > might use DHCP to connect to the Internet or how you might establish the
    > > same connection without PPP? A proper explanation in your own words

    might
    > > just give you some credence around here.

    >
    > DHCP was used on AT&T Cable, PPP= had a bit to drink to discuss this.

    Cable
    > and DSL connections don't need a phone line to connect to an ISP, since

    your
    > always connected. While our modems were connected, we changed settings in


    Correction, DSL (Or at least ADSL) operates over your existing copper
    telephone cable.

    > winipcfg and used the dial-up ISP address, but we were still online with

    Cable
    > and DSL. Can't say too much more since alcohol makes ones mind wonder.

    During

    So you were dialled in, connected via Cable and also hooked in via DSL. No
    wonder your connection, IP address and firewall logs look weird!

    > this time, we witnessed hackers saying "what happened to the Server".

    HA-HA!
    > Don't ask.


    > One day people will take us serious and we can't wait.


    Somebody send out for a long stand please.
    Mike, Oct 1, 2003
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. tracker

    The Trackers First Review Response

    tracker, Sep 21, 2003, in forum: Computer Security
    Replies:
    31
    Views:
    1,194
    Dave Thornburgh
    Oct 10, 2003
  2. splatter

    USENET WARNING ABOUT TRACKERS/ TRACKER / DEBBIE

    splatter, Sep 23, 2003, in forum: Computer Security
    Replies:
    13
    Views:
    849
    lazimodo
    Sep 29, 2003
  3. Lord Shaolin
    Replies:
    4
    Views:
    378
    Bill Sanderson
    Oct 27, 2003
  4. Mimic
    Replies:
    8
    Views:
    511
    Mimic
    Jan 20, 2004
  5. LilAbner

    Trackers

    LilAbner, Jul 11, 2011, in forum: Computer Information
    Replies:
    0
    Views:
    602
    LilAbner
    Jul 11, 2011
Loading...

Share This Page