Newbie here; not a hacker; just a PC tech, but a good one. I'm involved in litigation. The opposing side is constantly breaking into my machine. Don't know how they keep getting my IP, which I change almost daily. I've scanned my machine for anything (including a rootkit), and I've found nothing. But, every once in a while, when I configure my Linksys to allow more than one DHCP user and then forget to change it back, I see the same (one of four) machine(s) on my DHCP clients table. Once they're in, they get my passwords and either change them on any Web subscriptions I may be using (presumably just to let me know they hacked me), or they'll get into any one of my Web sites and shut it down. This is called attrition, and they're winning. I don't know how to stop them. Any ideas would be helpful and extremely appreciated. BTW, just started using Sygate. Thanks, folks. Take care.
Being hacked; Need help
Set up a access policy on your linksys that allows only your mac address to connect to it, or that allows only the mac addresses you want to allow to connect to it, change the user name and password of the router very very strong one min 14 chars mixed-alphanumeric-ascii so that the pass can not be breached on the router. If they can connect to the router they are on your network. If its wireless they come through then make sure you only allow specified macs on your router. get a linux firewall between your servers and the router with NAT so that only you from the inside can get out and no one from the outside can get in, DNAT is what its called. Linux is free, I sugest you get ubuntu and then install webmin on it. Let me know if this helped.
Thank you very much, SpOonWiZaRd. I've already setup two policies: one to allow (me and my other machines) and one to deny (all of their MAC addresses). And I was very surprised that neither rule worked. I'll go over that again more carefully. Wireless is always disabled; I don't use it. I'll try DNAT and get back to you. And I'll get ubuntu. Any idea how they are getting my IP address? Wouldn't they need that to keep connecting? Without a rootkit or something sending them a signal, would it be stupid to presume that my ISP is providing it to them? Wouldn't surprise me at all. More later. Thanks again, buddy. Really appreciate it.
The best thing I can think of then is NAT with linux get linux from http://www.ubuntu.com and get webmin from http://www.webmin.com even then if they have your IP they will not be able to connect if your NAT is set up properly. You will need 2 NIC's in your linux box, the one will be internal and the other one external, you can give like 10 IP addresses for the external and internal NIC to confuse them. If you have their IP's you can flood them once they are on your network by using your linux box.
First, let me reiterate that your help is very much appreciated. Are you suggesting that I pull an old machine with 2 NICs out of my closet, install Linux (along with webmin), and place my router and network behind it? Do I have your idea right? I can do that right now. Getting their IP would be beautiful.
Yes, or you can put it behind your router which ever works for you. If they are on your network they must be on the same IP range right? Go to http://www.oxid.it and get Cain & Abel, free tool that has a sniffer, activate the sniffer and then click on the sniffer TAB, then click on the blue plus sign to see everyones IP with their corresponding MAC addresses and their OU Fingerprint.
Oh, you can even sniff between them and your router to see what their upto, by using APR you will become a middleman and see their passwords they use on websites ans such in clear text, you will even get their certificates, get their windows passwords and much more. Just read the help file on how to use the program when you get stuck, but what ever you do, do not install Abel on you computer, Abel is what you want on one of their computers so that you will have access to them whenever you want without ever using a password again.
Wow, you are blowing me away. I'm setting up the new Linux box right now. Be back in a couple hours.
Installed Cain and Abel. Feel like I've gotten back control of my network, somewhat. At least now I know when they're on and when they're not. Feel like a huge weight has been lifted. Onto the Linux box. Have a really good day. You deserve it.
Glad I could be of assistance, if you have troubles with webmin just google how to webmin ubuntu and they will tell you step by step what you need. You will be secure once you have NAT.