How did they do that?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
A few months back I found out that a friend of mine, whom I trusted
and allowed access to my wireless router and admin page, was spying on
my computer via some remote tool.  How where they able to do this
without installing anything on my personal computer?  It was almost as
though they had complete remote access even though I had disabled
remote access.  I'm worried they are somehow doing it again because my
mouse has been jumping around.  This was how I caught them last time.

Re: How did they do that?

On 01/19/2009 02:52 PM, Michelle sent:
Quoted text here. Click to load it

Hello Michelle:

I hope by now you realize the administrative password should be changed
and that the new one be somewhat complex.  This password should differ
from the administrative password for your computer.

You may have system services permitted that amount to security holes.

Sometimes a mouse will indeed seemingly make the pointer move without
stimulus.  However, such movements are either pure vertical or pure
horizontal, and they are usually very infrequent.  You should never see
applications opening or closing without your control.

If you don't need to permit wireless access 24/7, you might wish to
consider a plan or schedule for limiting that access.

Your "friend" may have installed software in your system that permits
them access to your system.

If you you personally lack the computer savvy to inspect your system for
software you didn't wish to be installed, you should seek the assistance
of someone who can.  This is also a good opportunity to make sure you
have decent antimalware and that your patches and other security is up
to par.

Please make a follow-up post as to your progress.  Best wishes to you.

1PW  @?6A62?FEH9:DE=6o2@=]4@> [r4o7t]

Re: How did they do that?

Michelle wrote:

Quoted text here. Click to load it

Did you reset the router yet?
Did you enable WPA2 on your router?
Did you enable WPA2 on any wireless access points in your intranet?
Did you change to a STRONG admin password to log onto your router?
Did you check for any port forwarding rules in your router?
Any ports left open in the router to allow unsolicited inbound connects?
Jerky mousing cease when you disable your host's LAN connectoid?

Re: How did they do that?

Quoted text here. Click to load it

And you know taht they did it how? Mouse jumping around is NOT evidence of
They could easily have put a user that they can log into, or gotten root

Quoted text here. Click to load it

Re: How did they do that?

Unruh wrote:

Quoted text here. Click to load it

Obviously you've never been the recipient of someone using Remote
Desktop Protocol, TeamViewer, or LogMeIn to remotely control your host
to see the mouse cursor moving around (RDP usually blanks the screen).
Obviously an outside cannot obtain remote access unless then can get
through the router, through any software firewall, and can connect to a
client running on the targeted host.

Site Timeline