Have I been hacked ?

Thanks in advance for any light shed on my recent problem.

A list I belong to claims that some malicious emails they received contained my unique "static IP address ", but in searching my computer I cannot find evidence of this. I know I haven't sent these emails and I am the only one who uses my personal computer. I am on a network however, with at least 3 other computers in our office. We have a broadband connection.

Is there ANY way I have been hacked by either someone in the office, or a past employee that might be disgruntled and knows our static IP address ? Can someone send emails that appear to come from my static IP address w/o being on one of the 4 computers we have on our local area network ?

Sorry to sound ignorant, but when it comes to these kinds of things, I am. I'm really freaked out by this allegation and want to get to the bottom of it, whatever the answer turns out to be.

Elsie

 

Hi Elsie
Sounds more like a virus? Have you done a recent and updated virus scan?
Perhaps just use a free online scanner such as:

Housecall
Panda
Symantec
Grisoft

And for Trojans.....might I suggest:
Tauscan

Daizy

 

Elsie - I completely agree with Mz Daizy. Sounds very much like one of the PCs on your network is infected.

And as a side note, several of the viri running around these days will open their own SMTP session (email basically) and send from a PC to folks in the address book it finds and you won't see any evidence that you sent anything. It completely bypasses your email program except for raiding the address list and hides while it sends email out. Nothing for you to see then or later.

 

Hi Elsie
Have you tried an of the online virus scanners yet?

Daizy

 

I updated my virus definitions and ran a scan and it shows no viruses, although Norton has caught quite a few attempted lately.

The person who received these emails fowarded them to me, and it does show that the email came from my unique static IP address, however the account name doesn't match what mine is.

I have no record of this email being sent from my computer, but from the looks of the headers, it sure looks like it was sent by me. Is it possible on DSL for someone to hack into my IP and use the internet on my bandwidth, from a remote computer ? In other words ..... can they sign on to the net through my service from a remote locale ?

And if so ........ is it possible they can see what's on MY computer while they're logged onto my network, remotely ?

Thanks SO much for your time gang ..... all of you get far too little credit for your generosity in sharing knowledge.

Elsie

 

If you are on DSL (and so probably connected for long periods) someone could certainly sneak into your PC. Especially if you don't have a good, tight firewall.

As to spoofing posts so they appear to be from your address - certainly possible.

However, no one else can actually USE your ip address while you are connected with it and if someone grabs it while you are not connected, you will get an error telling you it is in use when you try to get on.

Assuming of course that your "static ip address" is a regular, assigned by the internic, address and not something private/local.

The private addresses are:

10.0.0.0 ...... 10.255.255.255 (class A)
172.16.0.0 .... 172.31.255.255 (class B)
192.168.0.0 ... 192.168.255.255 (class C)

 

Thank you SO much friends, for your responses.

Sorry it took me so long to get back to you all. My computer was in the hands of a friend who was investigating the situation. My DSL service got hacked into and he implemented a firewall so that can't happen again. It's been a harrowing experience, and sure opened my eyes to the vulnerabilities of cable modem service.

Hopefully things will return to normal soon and resume running smoothly. Again thank you SO SO SO much for your input.

Elsie

 

Hi again Elsie
Thanks so much for taking the time to post back with your progress. Glad to see you've got your issue resolved.

Daizy

 

I would not go so far as to say it can't happen again but the FIrewall sure helps to cut down the possibilities.

I would suggest that you ( or your Friend ) check into the Network properties and make sure that " File and Printer Sharing " is not bound to TCP/IP.

With it bound to TCP/IP it holds a port 139 ( NetBios ) open to the world. The Firewall might or might not block it.

And if you were on a Network it is really important to unbind it.

Doing this is HIGHLY recommeded by Symantec and others that give help on protecting a machine.

BillyBob

 

Just Reading and Learning

Hi BillyBob

To do this with XP do you just navigate to "Local Area Connection Properties" and uncheck "File and Printer Sharing for Microsoft Networks "

Thanks
Ron

 

http://grc.com/su-bondage.htm

http://www.staff.uiuc.edu/~ehowes/resource2.htm#EBURGER

 

http://www.staff.uiuc.edu/~ehowes/resource2.htm#EBURGER is for Windows 9x (95, 98, 98SE, ME), Windows NT 4.0 & Windows 2000 and http://grc.com/su-bondage.htm is for win9x and NT.

Nothing tere for XP or XP Pro as of yet.

Thanks

 

Ooops - sorry.

http://help.earthlink.net/techsupport/xmldocs/windows_XP/5877.help.html

 

Thanks brett, That took me to right what I had guessed in my first post but I know me.. Most of the time my guesses get me in trouble. haha

Hope I aint becoming a pest around here asking to many questions.

Ron

 

The more the merrier