
Thread: how to catch the hacker

  1. #1
    Just burned his ISO
    Join Date
    Jul 2008
    Posts
    1

    Default how to catch the hacker

    Which tool can I use to catch a hacker? Someone hacked into a friend's PC; he used his MSN account and replaced his password. My friend was using XP and Comodo firewall, which showed an attack from some IP that my friend didn't write down. My friend replaced the firewall with ZoneAlarm and shut down the PC. He has not used it since, and I recommend that he call his ISP and ask them to do what they can.

    I will go to his place to see what I can do. He wants to know who it was, because he thinks that it is someone he knows. I don't know what to take with me. I think BT3 will help to see what is going on, but which tool can I use?

  2. #2
    Junior Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    Quote Originally Posted by lal0nline View Post
    Which tool can I use to catch a hacker? Someone hacked into a friend's PC; he used his MSN account and replaced his password. My friend was using XP and Comodo firewall, which showed an attack from some IP that my friend didn't write down. My friend replaced the firewall with ZoneAlarm and shut down the PC. He has not used it since, and I recommend that he call his ISP and ask them to do what they can.

    I will go to his place to see what I can do. He wants to know who it was, because he thinks that it is someone he knows. I don't know what to take with me. I think BT3 will help to see what is going on, but which tool can I use?
    i thinks i type wiht proper engcish.
    and i think
    You need to read this: http://www.catb.org/~esr/faqs/smart-questions.html
    Code:
    Stupid:
    
        HELP! Video doesn't work properly on my laptop!
    Smart:
    
        X.org 6.8.1 misshapen mouse cursor, Fooware MV1005 vid. chipset
    Smarter:
    
        X.org 6.8.1 mouse cursor on Fooware MV1005 vid. chipset - is misshapen

  3. #3
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by lal0nline View Post
    but which tool can i use?
    I would disable the firewall and make the computer into a honeypot. Get an older hub and plug in an Ethernet cable from the machine running BT3 into the hub from an Ethernet NIC in promiscuous mode. Wireshark is the program you would need to run packet captures to see the data on the wire.

    Quote Originally Posted by sunapi386 View Post
    i thinks i type wiht proper engcish.
    Are you fscking kidding???

    Quote Originally Posted by sunapi386 View Post
    and i think
    You need to read this: http://www.catb.org/~esr/faqs/smart-questions.html
    Code:
    Stupid:
    
        HELP! Video doesn't work properly on my laptop!
    Smart:
    
        X.org 6.8.1 misshapen mouse cursor, Fooware MV1005 vid. chipset
    Smarter:
    
        X.org 6.8.1 mouse cursor on Fooware MV1005 vid. chipset - is misshapen
    The OP's post is fine. I don't know where you are coming off so I'd suggest you mind your own P's and Q's instead of trying to bash someone with a legitimate question.
    dd if=/dev/swc666 of=/dev/wyze

  4. #4
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by swc666 View Post
    I would disable the firewall and make the computer into a honeypot. Get an older hub and plug in an Ethernet cable from the machine running BT3 into the hub from an Ethernet NIC in promiscuous mode. Wireshark is the program you would need to run packet captures to see the data on the wire.
    This is a very good piece of advice. If the hacker did indeed obtain the password through unauthorized access to your friend's computer, chances are that he will return to the crime scene for some more snooping around. There are a few good threads on the forum about how to go about setting up a honeypot to catch potential attackers.

    i thinks i type wiht proper engcish.
    and i think
    You need to read this: http://www.catb.org/~esr/faqs/smart-questions.html
    The OP's language is completely understandable and as the question also is both relevant and clearly stated I do not understand what ignited your inappropriate reaction.
    -Monkeys are like nature's humans.

  5. #5
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Default

    For the last week I was trying to replace images with ettercap, but the filters can't get the <img tags being WPA.

    Sorry to divert, but does anyone know some points we can look up?

    Thanks
    James

  6. #6
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by compaq View Post
    For the last week I was trying to replace images with ettercap, but the filters can't get the <img tags being WPA.

    Sorry to divert, but does anyone know some points we can look up?

    Thanks
    James
    WRONG THREAD

    I'd suggest you read the forum rules first off and NOT make it a habit to hijack others' threads
    dd if=/dev/swc666 of=/dev/wyze

  7. #7
    Member Oneiroi's Avatar
    Join Date
    Jul 2008
    Posts
    59

    Default

    Quote Originally Posted by swc666 View Post
    wrong thread

    i'd suggest you read the forum rules first off and not make it a habit to hijack others' threads
    Quick, run, he's got the ban cannon!

    On a more serious note, even if you honeypot to catch the fact said hacker is accessing the system, what information can be attained to identify the hacker (or more likely script kiddy) legally?
    ---------

    OSX 10.6
    Advent Vega (Tegra 250)

    Working on getting BT5 working on the Vega

  8. #8
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by Oneiroi View Post
    On a more serious note, even if you honeypot to catch the fact said hacker is accessing the system, what information can be attained to identify the hacker (or more likely script kiddy) legally?
    Personally I would not go any longer than to obtain the IP address of the attacker and report it to the appropriate authorities, most likely the police and ISP, for further investigation.
    -Monkeys are like nature's humans.

  9. #9
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    This thread is not doing well so I am closing it. I advise all the posters in this thread who felt they needed to make fun of someone for their English to try to be more productive forum members rather than pick away at other people.
