What should I do?

[Josh]

Right

Last night, I somehow royally pissed of a hacker. and a good hacker at that. He forced me to reformat, to remove a trojan he had entered into my pc, that norton didn't detect. He was able to move files around my desktop, and tell what I had installed, and what my system specs were, so I'm totally sure he did do something. Through a mate, I managed to negotiate a "cease fire", in which fi I stay away from the guy, he wont do anything more. I'm still very worried though. I've been told the main downfall of my securty last night was not having SP2 installed, and so now i have EVERY microsoft update there is. Still though, he is aware of what ports I have opened etc, and i have no idea how to close them, or what closing them would do. As you have probably guessed, I'm pretty clueless. Can someone please sugest some security measures i can take to make my PC as secure as possible?

Thankyou

 

[SuAside]

get linux & write your own firewall permissions?

seriously thought, that sucks. a really clever hacker is nearly impossible to stop. anyhow, here are a few tips:
- if you are using a router, change the default password & disable the option that allows connections from outside the network to log in to the router itself (some routers can set that, others cant)*
- get a firewall, other than the windblowz one (and check the security levels & individual settings)
- get an AV (but you have hogton, so that'll do)
- regularly run anti-ad/spyware programs
- update your OS, firewall & AV regularly
- don't install software you got from questionable sources or that you were prompted to install by your browser
- don't use IE
- don't have any open networkshares (preferably not even printershares & such)

that's pretty basic. if you want to go to more advanced stuff, it gets complicated & probably over your head if you're a novice.

* adsl/cable router abuse can be really evil. run a trace, isolate the router, request info (you'll get the brand & model) and then use the default pw (often brandrelated: 'admin', 'tiger',...) to enter. once inside you can usually isolate the ISP account & passwords, which allows you to use the same connection elsewhere adding traffic to the poor unsuspecting sob's account. free bandwidth! only one of the possible abuses if people get inside your router.

 

[Sander]

I recommend Sygate Personal Firewall as a firewall, since it's easy to learn, intuitive and quite powerful. Not to mention free.

 

[Ratty Sr.]

I recommend ZoneAlarm Security Suite, because it has firewall, AV and anti-spyware all in one, is pretty easy to use and Sander hates it.

 

[Sander]

I recommend ZoneAlarm Security Suite, because it has firewall, AV and anti-spyware all in one, is pretty easy to use and Sander hates it.

ZoneALarm is one of the most widely used and one of the unsafest firewalls out there. It also has a terrible UI and isn't as good as Sygate. So really don't use it.

 

[SuAside]

well, i have to side with Ratty on this. if i have to recommend a free firewall, i most often recommend zonealarm too. it's pretty moron proof & it's 'ok' by normal standards.

i know it's far from being the best or the prettiest, but it's easy to explain & as i said, moronproof.

 

[Ratty Sr.]

Sander, you are cornered, your hit points are low, your mana depleted and you're out of healing potions. Surrender now or perish like a dog!

 

[Sander]

well, i have to side with Ratty on this. if i have to recommend a free firewall, i most often recommend zonealarm too. it's pretty moron proof & it's 'ok' by normal standards.

i know it's far from being the best or the prettiest, but it's easy to explain & as i said, moronproof.

Well, so is Sygate. And Sygate is a lot more secure, I wouldn't be recommending it if people could easily fuck it up.

Honestly, have you two even *tried* Sygate?

 

[SuAside]

Well, so is Sygate. And Sygate is a lot more secure, I wouldn't be recommending it if people could easily fuck it up.

Honestly, have you two even *tried* Sygate?

actually i have Sygate on my comp right now.

trying out various firewalls atm, trying to find what suits me best (havent decided yet). i used to have ZA (out of lazyness), but i decided to switch since it's own success made it a liability.

you're better off with half a brain & no firewall than no brain & a good firewall, btw.

 

[Unkillable Cat]

The best anti-hacker method I know of?

Don't piss off hackers.

 

[Ratty Sr.]

Honestly, have you two even *tried* Sygate?

I had it on my laptop (my poor, broken laptop). It's difficult to establish how good it was because it hardly got any mileage.

 

[SuAside]

I recommend Sygate Personal Firewall

as i said i was trying it out, right?

anyhow, i started having some computer probs a week ago. failed boots (frozen), a crash when unzipping a big file, a few programs that failed to load during startup, had to run a scandisk to sort out a few NTFS probs (small probs though)...

anyhow, with this many probs i had it pegged as a HDD with a section that was slowly dying our something (as recently one of my hdd's began to make a lil' more noise than usual). specialised tools showed all drives as healthy though.

so i started checking various programs & see if they were damaged somehow. i then decided to disinstall the sygate, on a hunch. i reinstalled zonealarm & poof all the problems were miracly gone.

(yes, i know, it's unlikely the problems were caused by a healthy sygate install. either way it's still a freak occurance. sygate got on my nerves anyway... the minimalistic ui was all good, but i kept getting popups from the ntkernel (network related) each time my other pc was online (on each netbios request, i suppose). each time i told it to block & ignore in the future, but it kept spamming anyway...)

 

[Sander]

as i said i was trying it out, right?

anyhow, i started having some computer probs a week ago. failed boots (frozen), a crash when unzipping a big file, a few programs that failed to load during startup, had to run a scandisk to sort out a few NTFS probs (small probs though)...

anyhow, with this many probs i had it pegged as a HDD with a section that was slowly dying our something (as recently one of my hdd's began to make a lil' more noise than usual). specialised tools showed all drives as healthy though.

so i started checking various programs & see if they were damaged somehow. i then decided to disinstall the sygate, on a hunch. i reinstalled zonealarm & poof all the problems were miracly gone.

...
Heh, odd. Pretty much impossible that this was caused by Sygate, but still odd.

(yes, i know, it's unlikely the problems were caused by a healthy sygate install. either way it's still a freak occurance. sygate got on my nerves anyway... the minimalistic ui was all good, but i kept getting popups from the ntkernel (network related) each time my other pc was online (on each netbios request, i suppose). each time i told it to block & ignore in the future, but it kept spamming anyway...)

That's odd. I'm on a network with some 20 other PCs around the house and have no such problems. And yes, I have the ntkernel on deny all. You must have had a pretty fucked up Sygate version, heh.

 

[SuAside]

...
Heh, odd. Pretty much impossible that this was caused by Sygate, but still odd.

yeah, that's my 'professional' opinion as well...

nearly impossible to have been Sygate, yet everything seems to be fixed now.

my best guess would be the Sygate install might have fubared some .dll's which have been wrecking havoc on my system, but that's nothing more than a guess without any real foundation.

That's odd. I'm on a network with some 20 other PCs around the house and have no such problems. And yes, I have the ntkernel on deny all. You must have had a pretty fucked up Sygate version, heh.

yeah well, i couldnt figure it out... i set the popup on 'ignore next time', i went into the program to set deny again, but still didn't work.

it's probably a borked install (although it worked fine for a week or two). but i guess you can understand that i'm not exactly jumping with joy for the idea of trying it again with a new install.