Question related to hacking

[DigiBoy]

Guys,

help me out.

Our wifi is open to the public but they need to buy access cards. One of our guest got this new laptop, VISTA OS. He said that he was online and was typing something and then suddenly the cursor hi-lighted his text and erased it.

COndition:
1. No Remote software installed

Question
1. Since the laptop is new, is it possible that remote desktop is enabled? If it is enabled, the remote user still need to ask permission right?

2. Are there remote softwares that you can hide?

3. The hacker is either in the local network or passing through the net...i dont really know

4. Any other possible ways?

5. How do you increase computer security since its impossible to increase wifi security...( or is it possible? )

thanks much

[kensh1n]

if remote desktop ang g gamit ma lock unta to iyang screen bsan pa ug /console.
try to scan sa iyang mga installed nga software.. try pud ug check ang startup sa mmsconfig..

wow.. amazing kaau n dha.. wait ko sa lain nga mo reply sa mga possibilities.

[cliff_drew]

@ DigiBoy:

Condition 2 and question 1 is quite confusing.

[DigiBoy]

@ DigiBoy:

Condition 2 and question 1 is quite confusing.

erased condition 2... tehee...thanks...

ana akong usa ka amigo nga di daw possible.... sa iyang knowledge...pwde ra daw ma hide ang remote software and run as service which is....naka try pud ko...but other than that...huwat pako reply sa lain istorians...

[junmar4]

@ DigiBoy:

Condition 2 and question 1 is quite confusing.

I think he meant question 1 is based on condition 2 where rdp is disabled, is it possible nga naay nag-enable sa rdp without the owners permission (knowing nga bag-o ang laptop).

@TS, I guess it's only a glitch on the part of either the hardware or software. If you read to some threads here in istorya, naay cursor nga molihuk ra ug iya.

[dammy]

most of the remote software uses port number to login and a software tool for update of your IP to where you are located.

i found out a simple way to sniff this and trace for open ports in your computer.

a hacker tool used for sniffing ports can be useful too for your security.

download this tool will help you trace what port is open for a remote desktop access without your permission, after you can block that port if you dont know that port.

RealVNC uses port 5800-5900 for remote access dont know the others.

after you download the namp tool install this in your computer, after installed you can run the GUI or you can use CMD or command prompt for the nmap tool to work.

in your CMD type nmap(space)--traceroute(space)"yourIP" then wait for awhile

you able to see a text consisting a port number and name of the application who uses that port

Code:

Starting Nmap 5.21 ( http://nmap.org ) at 2010-05-21 09:09 China Standard Time
Nmap scan report for 192.168.1.106
Host is up (0.0034s latency).
Not shown: 991 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
111/tcp  open  rpcbind
443/tcp  open  https
1720/tcp open  H.323/Q.931
2000/tcp open  cisco-sccp
3306/tcp open  mysql
4445/tcp open  unknown
8000/tcp open  http-alt
MAC Address: 08:00:27:98:30:B1 (Cadmus Computer Systems)

HOP RTT     ADDRESS
1   3.42 ms 192.168.1.106

to know your ip, in your CMD type "ipconfig"

Code:

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   IPv4 Address. . . . . . . . . . . : 192.168.1.106
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

hope this will help a little.

[cliff_drew]

@ DigiBoy:

If there are no other actions being done on your guest's laptop then maybe junmar4 is right nga possible hardware/software glitch ra na. Not totally nga gi hack.

Pwede sad naay nag sniff/trace open ports within your network as what dammy said. Same with Malware-infected laptop/PC pwede sad mag create ug unknown remote connection. but out of context na ani nga situation since new man kaha ang laptop. These are just possibilities though.

[DigiBoy]

ill try this tool and give you a feedback... any other stuff in mind guys? lisod gyud ni no? tsktkstsk...hehe

by the way, his firewall is on...doesnt that block any port access?

[cliff_drew]

by the way, his firewall is on...doesnt that block any port access?

Do not assume that he/she is protected. Anything could be done even though his/her laptop is behind a firewall.

[DigiBoy]

Mao ba bro? Oh my MOMAY... anyways..thanks sa pag share sa software dammy...pero medyo naglisod ko gamit...nice ang advanced port scanner v1.3 but back to the topic....anyone else know if naa pa other possible ways to do it?