[gauli]

this is probably not the place to ask this, but i could't fine any forum related to my problem


well, i come home today from school and find out that someone has hacked to my computer and has changed my main windows login..and now i have every damn thing i had in the computer locked... anyone know what are the chances of someone like me getting their logging and password back... i have all school work in the computer

any help would be extremely(!) appreciated... thanks

[Gort]

Damn, Beavis.

home? what - in a dorm?

If that's the case then dammit. ALWAYS lock your box down with your own authentication - especially in places where others are bound to lurk.

Now if this is a home issue, then I will assume you're on dsl or cable without firewall. Do yourself a favor: go buy a router! Routers are the most secure way of protecting any box on your network without using a firewall (unless you do your own domain hosting and require an open port, then you need a firewall)

First fix:
Try logging in as Administrator; if it's the first time as an Admin login, put in a password of your choosing. If that doesn't work try password 1234 or 1qw2as. If that doesn't work then your on the road to f**ked.

Last Resort (before calling an expensive help desk dude):
yank the drive out, put it in another machine as a secondary device, pull your data (burn to disc); wipe the drive and start over.
_________________
- Tom Carter

"You can't stop the waves but you can learn to surf" - Jack Kornfield

[cheney]

I do information security for the military so please take the following steps for the future:

1) If you are using a broadband connection go buy a dsl/cable router. This will make hacking your computer nearly impossible for idiot script kiddies.

2) Install a firewall. Close incoming traffic to all ports you do not vitally need. Close all out going ports that you do not regularly use.

3) Create a second administrator account. Rename the original guest and admin acounts and lock them down so that they have no rights or powers. Rename the second administrator account to "Administrator" and make it a standard user with a high level password.

4) All passwords can be broken on a long enough timeline. The point is to make this timeline as long as possible. Change the password settings so that you system will stall for 60 seconds after three consecutive login failures. This will prevent a brute force attack against your passwords.

5) Your password should be an absolute minimum of 8 characters for standard systems. If you have any sort of secure information you consider secritive then your password should be a minimum of 12 characters. You should passwords once ever 180-270 days and enforce password history.

6) Your passwords should be alpha-numberic with at least one capital letter or special character, and at least three of the characters should be numbers if the rest are letters. There should be no words that are found in a dictionary in your password.

7) Use a spy-ware detection AND trojan detection software regularly. Keep the definitions in these software packages currect every time you use them. Use both of these atleast twice a month.

Use an anti-virus software. This is not any way vital unless your system is connected on a LAN, or unless you are a fucking idiot who continually gets virus infections. I don't use anti-virus software because I don't open email attachments from strangers and I don't download shitty freeware software I don't need such as hacker tools.

9) If you ever gave a rats ass about any of your data then you would have stored it on a different physical volume from your OS and software. You would also back up your data onto dvd or magnetic cassets atleast once every 180 days. If your data is secure data or a remote backup for another system then it should be stored in a different physical building from the computer it was originally compiled on. Since portable harddrives and dvd burners are becoming cheap as dirt price should completely be a nonissue if you could give a shit about keeping your work alive.


I have probably forgotten alot of good pointers, but this should at the very least make for a great start in upgrading your security. Keep in mind that if you don't do any of these steps and if you are on broadband your computer is probably getting horribly raped about once a week (this is not an exaggeration). Even worse is that you are (unknowingly) giving everybody who asks all your credit, financial, and personal identification information without hesitation. I only wish I had such good service at most restaurants as your computers are with your credit info.

The only way to stop being a victim as often as you can fathom is to be proactive and keep your shit secure.
_________________
http://prettydiff.com/

[B0b]

never have your Administrator as Adminsitrator - change it to something you'll remember..

[Al Ian]

Not to many PW crackers check ASKII charictors. Use them instead of just alpha numeric.

The podunk way of using ASKII.
hold ALT + press any 4 numbers on the number-pad, release ALT

Example: �
_________________

http://jmarkey77.home.bresnan.net/

[Chris]

This is why ppl need secure external hardrives

try this:
http://www.listsoft.ru/programs/12378
_________________
My signature is irrelevant

[Drunken Monkey]

You should switch to linux because its so incredibly secure. Install gimp too, its so much better than photoshop! You can then walk around feeling l33t and stuff.

No but really, when you get all this sorted out google for "windows xp firewall" and enable it.
_________________
"A fear of weapons is a sign of retarded sexual and emotional maturity" - Sigmund Freud

[Gort]

[Drunken Monkey]

You know Gort, I've been sober through this entire incarnation. All 23 years of it. So i am afraid you will have to disambiguate that alcoholic slang of yours
_________________
"A fear of weapons is a sign of retarded sexual and emotional maturity" - Sigmund Freud