I just booted up my machine without Knoppix for one of the very few times in the last several months, and I noticed that the startup was a little strange.
It turns out that on October 4th at 00:57am, I was editing some MS-Word documents, which forced me to boot Win2K instead of Knoppix. Apparently I forgot to unplug the ethernet cable from my machine when I booted up Win2K. During the time while I was typing merrily away, some bastard in my apartment building installed a backdoor in my machine, including a keystroke logger in addition to a remote-control program.
The one thing that saves me much grief is that I know I haven’t done any banking or stock-trading from Windows in the last several weeks, due to my apartment building’s IP address being blocked by half the known universe thanks to some hacker on the network here. And even if I had been doing banking or trading, I would have been doing it from Morphix, and so I would have been safe from the bastard’s keystroke logger.
I’m pissed. :fume: I would like to get my landlady to help me go door to door and search for the offender, whereupon I would dump a bottle of Coke (NOT the Diet kind!) into his machine while the power was on.
Let this be a lesson to you. KNOPPIX IS YOUR FRIEND.
Weren’t you running any kind of firewall? Seems like a good one would have blocked the program’s attempts to transmit data (assuming that he would have been able to install it in the first place). Or is this because of the network in your building? If it was the building’s network, it seems like permission setting would have been amiss on 2000 (though my network security skills are pretty weak, just curious.)
Normally I don’t leave my machine plugged into the network when I boot Win2K. I use Morphix whenever I browse the web. It was late, I was drunk, the kids distracted me, there was a typhoon, I dunno – I just forgot to unplug that one time. My bad. It shows just how fast it can happen, though. Given the files I was working on, I was not doing anything other than running MS-Word that night.
I already know what IP address was used to infect my machine. The idiot left a file behind with it specified.
The whole apartment complex is behind the NAT router that the landlord uses to share a single DSL connection to the entire building. This would probably be enough to stop outsiders. Unfortunately, this was an inside-the-building job.
It’s no wonder Yahoo and a lot of other sites are now blocking my apartment building’s IP address or IP range.
[quote=“MaPoSquid”]I just booted up my machine without Knoppix for one of the very few times in the last several months, and I noticed that the startup was a little strange.
It turns out that on October 4th at 00:57am, I was editing some MS-Word documents, which forced me to boot Win2K instead of Knoppix. Apparently I forgot to unplug the ethernet cable from my machine when I booted up Win2K. During the time while I was typing merrily away, some bastard in my apartment building installed a backdoor in my machine, including a keystroke logger in addition to a remote-control program.
The one thing that saves me much grief is that I know I haven’t done any banking or stock-trading from Windows in the last several weeks, due to my apartment building’s IP address being blocked by half the known universe thanks to some hacker on the network here. And even if I had been doing banking or trading, I would have been doing it from Morphix, and so I would have been safe from the bastard’s keystroke logger.
I’m pissed. :fume: I would like to get my landlady to help me go door to door and search for the offender, whereupon I would dump a bottle of Coke (NOT the Diet kind!) into his machine while the power was on.
Let this be a lesson to you. KNOPPIX IS YOUR FRIEND.[/quote]
If you’ve got to run Windows on rare occasions to edit a Word document, you might want to permanently disable its ability to connect to the Internet. I’m not really sure what the best way to do that is since I haven’t used Windows in five years, but anyway, I’m sure you can kill its networking capabilities somehow - just delete the damn Internet daemon, whatever it’s called.
Does somebody else here have any advice about killing a Windows network?
[quote=“robert_storey”]If you’ve got to run Windows on rare occasions to edit a Word document, you might want to permanently disable its ability to connect to the Internet.
Does somebody else here have any advice about killing a Windows network?
regards,
Robert[/quote]
Good point. Removing the network drivers, TCP/IP, or any number of things would produce the desired effect. It must be easy to do, since so many people have trouble getting it (the Internet) to work.
In Win2K, look for the Services in Control Panel. Disable all those services that are open to the Internet.
Personally, I feel the easiest way would be just to install a free SW firewall like Zone Alarm or Sygate… for those times when you forget to unplug the cat5 cable.
I dunno about 2000, but in XP you can click on the network connections, and disable your network card… that should effectively stop any activity on your network card while in Windows.