maemo.org - Talk

[URGENT] Expert Hacker Needed. (https://talk.maemo.org/showthread.php?t=89510)

AMD 2013-03-18 18:31

Re: [URGENT] Expert Hacker Needed.
 
The hacker's ID is 63.216.126.1
And the location is in Milan, Italy.

juiceme 2013-03-18 20:04

Re: [URGENT] Expert Hacker Needed.
 
Quote:

Originally Posted by AMD (Post 1329864)
The hacker's ID is 63.216.126.1
And the location is in Milan, Italy.

I don't think so... tracerouting from Finland, it appears that that IP address routes to Lebanon.

stickymick 2013-03-18 20:27

Re: [URGENT] Expert Hacker Needed.
 
If it's a keylogger it'll be running as a background task. These are normally not scanned by an anti-virus or malware scanner.

You could give Avira Antivir Rescue System a try. This is a Linux-based boot CD that can scan the whole Windows installation because nothing in Windows is running at all.

minimos 2013-03-18 22:39

Re: [URGENT] Expert Hacker Needed.
 
Quote:

Originally Posted by AMD (Post 1329864)
The hacker's ID is 63.216.126.1

Also to me it seems that the IP is located in Lebanon.
But anyway, a search with 'whois' reveals that it belongs to 'Beyond The Network America' which is a shady operator at best and a nest of spammers & spybots at worst.
Terminate their connections with extreme prejudice.

fongo 2013-03-18 23:43

Re: [URGENT] Expert Hacker Needed.
 
Disable all apps & sites that use your FB login; and definitely do not use the same login/email password on FB as your email.

Verssetti 2013-03-19 01:27

Re: [URGENT] Expert Hacker Needed.
 
How do you connect, by WiFi or Ethernet?

AMD 2013-03-19 04:49

Re: [URGENT] Expert Hacker Needed.
 
I connect by both. But WiFi is faster so I use WiFi more frequently. And since I might be watched, I changed my pass yesterday to something that does not have any meaning from any language. And since that change nothing happened. And I think because my passwords were so simple, the hacker could trace the password easily but now no matter how much I type it he'll get lost.. Well, let's test it this time and when I come back from school I will leave a reply.

Verssetti 2013-03-19 05:07

Re: [URGENT] Expert Hacker Needed.
 
Enter the portal of your router and change the name of your WiFi and the password; maybe they are sniffing your account through your WiFi.

dadaniel 2013-03-19 11:07

Re: [URGENT] Expert Hacker Needed.
 
well, it could be a keylogger, but honestly, i don't think so ...


... first check your facebook login history to find out who logged into your account: https://www.facebook.com/settings?ta...ction=sessions

... then check your applications under facebook: http://www.facebook.com/settings?tab=applications

... a friend of mine and me once tried to spoof logins through fb applications and it worked!



oh yeah ... if the ip 63.216.126.1 is the right one - here's the whois query and some other checks:

Code:

zeus:~# whois 63.216.126.1
#
# Query terms are ambiguous.  The query is assumed to be:
#    "n 63.216.126.1"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=63...showARIN=false&ext=netref2
#

NetRange:      63.216.0.0 - 63.223.255.255
CIDR:          63.216.0.0/13
OriginAS:
NetName:        BTN-CIDR5
NetHandle:      NET-63-216-0-0-1
Parent:        NET-63-0-0-0-0
NetType:        Direct Allocation
Comment:        ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate:        1999-12-09
Updated:        2012-03-02
Ref:            http://whois.arin.net/rest/net/NET-63-216-0-0-1

OrgName:        Beyond The Network America, Inc.
OrgId:          BNA-42
Address:        450 Springpark PL
Address:        Suite 100
City:          Herdon
StateProv:      VA
PostalCode:    20170
Country:        US
RegDate:        2004-05-25
Updated:        2012-05-24
Ref:            http://whois.arin.net/rest/org/BNA-42

OrgNOCHandle: PUN6-ARIN
OrgNOCName:  PCCW US NOC
OrgNOCPhone:  +1-703-621-1637
OrgNOCEmail:  usnoc@pccwglobal.com
OrgNOCRef:    http://whois.arin.net/rest/poc/PUN6-ARIN

OrgAbuseHandle: PAD13-ARIN
OrgAbuseName:  PCCW AUP Department
OrgAbusePhone:  +1-703-621-1637
OrgAbuseEmail:  abuse.ops@pccwglobal.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/PAD13-ARIN

OrgTechHandle: PUN6-ARIN
OrgTechName:  PCCW US NOC
OrgTechPhone:  +1-703-621-1637
OrgTechEmail:  usnoc@pccwglobal.com
OrgTechRef:    http://whois.arin.net/rest/poc/PUN6-ARIN

OrgTechHandle: MCKAY9-ARIN
OrgTechName:  McKay, Ian
OrgTechPhone:  +1-703-673-1012
OrgTechEmail:  usnoc@pccwglobal.com
OrgTechRef:    http://whois.arin.net/rest/poc/MCKAY9-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


zeus:~# nmap -PN -sS 63.216.126.1

Starting Nmap 4.62 ( http://nmap.org ) at 2013-03-19 12:15 CET
Stats: 0:05:37 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 97.38% done; ETC: 12:21 (0:00:09 remaining)
All 1715 scanned ports on 63.216.126.1 are filtered

Nmap done: 1 IP address (1 host up) scanned in 347.784 seconds


... when i check the IP on robtex.com it tells me:
Code:

63.218.12.1
       
Summary

Cr01.ldn01.pccwbtn.net point to 63.218.12.1.
Which servers does 63.218.12.1 use?

63.218.12.1 uses the reverse pointer cr01.ldn01.pccwbtn.net only.

It is not listed in any blacklists.


... so once again a whois against pccwbtn.net:

Code:

zeus:~# whois pccwbtn.net

  Domain Name: PCCWBTN.NET
  Registrar: GODADDY.COM, LLC
  Whois Server: whois.godaddy.com
  Referral URL: http://registrar.godaddy.com
  Name Server: NS-CORP.CAIS.NET
  Name Server: NS-CORP2.CAIS.NET
  Name Server: NS-CORP3.CAIS.NET
  Status: clientDeleteProhibited
  Status: clientRenewProhibited
  Status: clientTransferProhibited
  Status: clientUpdateProhibited
  Updated Date: 28-apr-2011
  Creation Date: 07-may-2001
  Expiration Date: 07-may-2014
  Registered through: GoDaddy.com, LLC (http://www.godaddy.com)
  Domain Name: PCCWBTN.NET
      Created on: 07-May-01
      Expires on: 07-May-14
      Last Updated on: 27-Apr-11

  Registrant:
  PCCW-HKT DataCom Services Limited
  39/F PCCW Tower, Taikoo Place
  979 Kings Road
  Quarry Bay,  0
  Hong Kong

  Administrative Contact:
      Ralph, David  domain.admin@pccw.com
      PCCW-HKT DataCom Services Limited
      11/F East Exchange Tower
      38-40 Leighton Road
      Causeway Bay,  0
      Hong Kong
      +852.28836774      Fax -- +852.29625858

  Technical Contact:
      Ralph, David  domain.admin@pccw.com
      PCCW-HKT DataCom Services Limited
      11/F East Exchange Tower
      38-40 Leighton Road
      Causeway Bay,  0
      Hong Kong
      +852.28836774      Fax -- +852.29625858

  Domain servers in listed order:
      NS-CORP2.CAIS.NET
      NS-CORP3.CAIS.NET
      NS-CORP.CAIS.NET


after some googling - for me it looks like it's a torrent-server (or something similar - a kind of p2p network)

cheers!
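
Added example, not part of dadaniel's post: a Python reading of the ARIN fields quoted above that confirms the allocation really covers the queried address and pulls out the abuse contact to report to. The function names are hypothetical and the sample is a trimmed excerpt of the output in the post; ARIN's Country field is the registrant's postal address, not the location of the host.

```python
import ipaddress
from collections import defaultdict

# Trimmed excerpt of the ARIN output quoted in the post (not re-queried).
SAMPLE_WHOIS = """\
#
# Query terms are ambiguous.  The query is assumed to be:
#    "n 63.216.126.1"
#
NetRange:      63.216.0.0 - 63.223.255.255
CIDR:          63.216.0.0/13
NetName:        BTN-CIDR5
OrgName:        Beyond The Network America, Inc.
Country:        US
OrgAbuseEmail:  abuse.ops@pccwglobal.com
OrgTechHandle: PUN6-ARIN
OrgTechHandle: MCKAY9-ARIN
"""

def parse_whois(text):
    """Return {key: [values]}; keys may repeat, '#' lines are comments."""
    fields = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, _, value = line.partition(":")
        if value.strip():
            fields[key.strip()].append(value.strip())
    return dict(fields)

def summarize(ip, text):
    """Check that the record covers `ip` and extract who to report to."""
    fields = parse_whois(text)
    addr = ipaddress.ip_address(ip)
    # ARIN may list several comma-separated CIDRs on one line.
    cidrs = [c.strip() for v in fields.get("CIDR", []) for c in v.split(",")]
    covering = [c for c in cidrs if addr in ipaddress.ip_network(c)]
    return {
        "ip": ip,
        "covered_by": covering,
        "org": fields.get("OrgName", [None])[0],
        "registrant_country": fields.get("Country", [None])[0],
        "abuse_email": fields.get("OrgAbuseEmail", [None])[0],
    }

if __name__ == "__main__":
    for k, v in summarize("63.216.126.1", SAMPLE_WHOIS).items():
        print(f"{k}: {v}")
```

An empty `covered_by` list means the pasted record does not belong to the address being investigated, which is worth checking before mailing an abuse desk.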

stickymick 2013-03-19 11:53

Re: [URGENT] Expert Hacker Needed.
 
Quote:

Originally Posted by AMD (Post 1329951)
And I think because my passwords were so simple, the hacker could trace the password easily......

Errrm... TBH, you were asking for trouble, then. A long-as-possible, complicated combination of letters and numbers is always the best.

Something that means something to you...... even if it's 3 words typed as 1 with the date when it happened is a good combination for a password.

i.e: arrowin1066theeye.


All times are GMT.