Hello everyone,
My father, a (potentially) former NSA cracker, has been hacking my laptop computer ever since I left for college this year. I do not, however, have any concrete evidence or proof. From conversations that we have had, I am 99.9% certain that he has access to my computer (he set up an SSH on my computer, which I think that I have effectively disabled, but as I know almost nothing about SSH servers and how they work, I am not sure) through who knows how many programs and backdoors. I just installed the professional trial of eEye and ran a scan which showed that I have 5 high-risk, 5 medium-risk, and 14 low-risk security issues. Here are the descriptions of a few of these:
Microsoft Windows contains a vulnerability in the SSL and TLS protocols when renegotiating session handshakes that could allow man-in-the-middle attackers to inject arbitrary data into encrypted TLS/SSL sessions.
The current MS RAS (Remote Access Server) is not encrypting data transfers. It is recommended to encrypt all transfers between client and server.
The current MS RAS (Remote Access Server) is not logging connections. It is recommended to log all RAS connection information.
It is recommended to enforce MSCHAP V2; this forces the server to drop any VPN (Virtual Private Network) connections that do not use MSCHAP V2 authentication.
By default, users are permitted to make RAS connections without any sort of authentication. It is recommended that you require users to authenticate themselves.
ICMP Timestamp request is allowed from arbitrary hosts.
Structured Exception Handling Overwrite Protection (SEHOP) is disabled on the target system. SEHOP is a mitigation that attempts to prevent an attacker from using the Structured Exception Handler (SEH) overwrite exploitation technique.
NTFS has the ability to support backwards compatibility with older 16 bit apps. It is recommended not to use 16-bit apps on a secure server since it could allow attackers to bypass access restrictions for files with long file names.
POSIX and OS2 should not be enabled. Enabling the POSIX or OS/2 subsystem can allow a process to persist across logins.
Can anyone help, please?