HELP-How to find kazaa users IP address


$1500-P4 gamer
07-22-2002, 03:00 AM
I've got a prob. with this one person who uses kazaa as a gateway to get around my firewall. He/she is getting into my paypal inf. through my cookie files and old e-mails. I already deleted them but it's too late. I've informed paypal, so they are watching who logs in and know it's not me. Is there any way to find out what IP they are using while doing this? I want to inform their provider they are trying to get my credit card and paypal inf., which is a federal offense since it's FDIC! I have their username from kazaa - shouldn't the kazaa server know what IP address that user was from when logging on? Thanks for any help - I hate it when people abuse file sharing. I now have to turn off all kazaa file sharing 'cause of one ***** of a person. :t

fluffycow
07-22-2002, 03:21 AM
Why not encrypt everything? It makes it a heck of a lot harder to decode anything they could take from your comp. I've got a handy shell extension encrypter/decrypter called cryptext. It uses 1024 bit encryption. If it would have been at the time of the hack, you could have gotten his address. Using a program like the builtin windows netstat command (go into an msdos window and type netstat) you could have probably got it. You might be able to get his address through the program he used to steal your files. I don't think it was kazaa, maybe you had a trojan? See if he was stupid enough to install an ftp server and leave the log file there, you might be lucky. Try searching for files containing his username in the kazaa directory, it might keep a log of usernames with their ip addresses.

$1500-P4 gamer
07-22-2002, 03:33 AM
I haven't logged off since that. So it would still be there, right? I used command.com and typed that in - I got one that I haven't seen before named **** adelphia.net with 4 #'s after. The other is windows.com - that should be there I guess. But the other I'm unsure of - this could be him, right? Thanks! I searched his user name but nothing came up. :eek:

P.S. I would have at least pass protected it had I known it was there. Forgotten files can = big issues. I already wiped them now as I can't use that stuff now! :rolleyes: :t

fluffycow
07-22-2002, 03:56 AM
FYI, netstat shows what connections you currently have, so if he's still hacking you, that might be it. If you're still on kazaa it could be someone you're connected to. If he didn't hack you through kazaa, but through a trojan, then it could be the trojan's connection to him. :confused: If you can do a search on kazaa for someone's username to download files from them, you could search for his username, then you could start downloading a file from him. Then run netstat while you're dling from him and one of the established connections should be his. Never used kazaa (it's spyware) so I wouldn't know.
It's really hard to catch hackers after the damage is done if you don't have ip logging software (like web servers do). Chances are you'll never get vengeance on him. :(

Bizkitkid2001
07-22-2002, 04:23 AM
I didn't know people could hack you through kazaa! :( If I am behind a firewall and use kazaa, am I still safe?

Witch-Talon
07-22-2002, 04:37 AM
Originally posted by Bizkitkid2001
I didn't know people could hack you through kazaa! :( If I am behind a firewall and use kazaa, am I still safe?

Sorry about what happened to your paypal account but the simplest solution is to not use kazaa.

But if u really want to use it just disable the option that lets other people download from you, so only u can download from them. I would do that. Too many hackers out there.

Bizkitkid2001
07-22-2002, 05:39 AM
You're talking to the wrong guy ;)

vibe666
07-22-2002, 06:57 AM
Did he actually download your paypal info USING kazaa or just use the kazaa gateway through your firewall to access your HD? i.e. did a download window appear in kazaa for what he took off you?

If so then it's the same problem that I found with the older version of Morpheus (the reason it got shut down).

I was looking at who was downloading from me and noticed that someone was downloading an accounts spreadsheet which was NOT shared.

The problem related to me sharing folders in the root of my data storage drive (MP3's, Movies, Apps etc.). I had a folder for each and then a separate folder on the same drive with important business (and other) data in, and that was also being shared despite not being on my shared list.

I contacted the people that made morpheus and told them about the problem with various screen grabs to prove what I was saying and they tried to tell me that it was just an 'isolated incident' that was peculiar to my machine, and told me how to fix it, which was removing the reference to it in my shared directory info, but all it did was remove it on that installation and at the same time make the problem go away for them.

I told them that it was their responsibility to do something about the security risk and inform users. They repeated the whole 'isolated incident' thing and told me not to worry. I told them if they didn't sort it I would have no choice but to make it public. At the same time I started hearing things in alt.2600 about the security breach, and in other places including sysopt.com, so I sent all my info to the BBCi website. Eventually the story became mainstream, morpheus issued a statement on their website that it was false and after a little while shut down.

I don't know how much of it was related to what I did, but if it's happening in kazaa now you need to be doing something about it.

I've gone and rambled on again for ages unnecessarily haven't I?

***viBe***
:xNEW STUFF *UPDATE*::xThe Sysopt.com Users 2002 SETI@home team website should 'GO LIVE' on Friday 26th July. If you would like to contribute to the site or the team have a look HERE (http://www.sysopt.com/forum/showthread.php?s=&threadid=111092) or alternatively HERE (http://www.sysopt.com/forum/showthread.php?s=&threadid=111495) if you would like to vote on the name of the 'www' address of the new site.

$1500-P4 gamer
07-22-2002, 10:35 AM
"i.e. did a download window appear in kazaa for what he took off you?"

That's exactly what happened! I had ONE folder shared with music in it. He got into my hdd through it somehow and even into my cookies. It totally bypassed my firewall, which is Outpost. I saw what he downloaded through the kazaa connection deal at the bottom. I then searched for them on my HDD to see where he was. He was all over - even in my email, but he didn't get my credit card #'s, they're not stored, thank god. He got the last 4 pin #'s from paypal account and that's it - not the important ones in the beginning.
and my paypal inf. but I took care of that.
Morpheus had this issue at one time too, huh. Must be something that they know and we don't.

Thanks vibe666, at least I know it's not just me or, how did they put it, 'isolated incident'. I have an older machine with nothing on it. I might just use it from now on for kazaa and then hook up to my main pc when I want to transfer with ethernet. That'll fix that prob. But man, it's just crappy they don't warn you or nothing. It's like it just isn't a big deal - BUT IT IS! Thanks for the replies guys! ;) :t

tking
07-22-2002, 11:23 AM
I was sitting in front of my machine on Sunday when suddenly Zonealarm shut off by itself. I was in the middle of patching a new installation of w2k, so I assumed this was related to the OS. As I restarted Zonealarm it immediately told me that a remote IP address was accessing my system. I'm wondering where the hell this is coming from and shut down the machine. Just then my wife's machine shows an error message. She'd been on Kazaa the day before and forgot to shut it down. It had been running all night on internet connection sharing through my machine. I guess someone got into her machine and once they were inside the network they hopped over to mine and shut down zonealarm to open the door.

Short of hiding behind a router and firewalling yourself to death, I would strongly recommend not using p2p any more than necessary, which will of course kill off p2p because no one will be on to share anything any more.

I wonder what companies are paying these hackers to put an end to p2p the guerrilla way.

T

vibe666
07-22-2002, 01:58 PM
If you want to still use kazaa or other P2P apps, I suggest you manually go through looking at your shared files in the tree list and manually remove anything that isn't supposed to be there. I tried this using Morpheus and it worked, but you'll have to check anything that isn't a movie or MP3 file: all your zip files, and documents.

Here's how.

Open Kazaa and go to 'My Kazaa'. You get an explorer type view and from there you can search through the folders 'Document', 'Image', 'Other' and 'Software' for anything that you don't intend to share. Once you find something, right click on it and select 'Stop Sharing' at the top of the drop down box.

That's it. I have some instructions in an old e-mail on confirming that the file has been 'un-shared'. I'll try and dig them up, but it should work OK just the same.

In the meantime, it's a good idea to keep any sensitive data on a separate partition that is 'un-shared'. ANYTHING on a partition with ANY shared files on it is potentially at risk!!! If you have your shared folder on your 'C' drive you could be unwittingly sharing all your data including cookies, e-mail etc.

I know that this is an issue with the old versions of Morpheus (1.3), and now it would seem that even the new version of Kazaa is affected by it. Someone might want to check out other P2P apps based around the same technology. I doubt if eDonkey2000 or Direct Connect are affected as they both work very differently from Kazaa, but Limewire, Bearshare etc. might also be putting you at risk.

CHECK WHAT YOU ARE SHARING!!! Never trust everything to the application.

I'll get back to you on confirmation about the 'un-sharing' thing.

***viBe***

vibe666
07-22-2002, 02:05 PM
Found it:

1. Start Morpheus/Kazaa.
2. Go to the 'My Media/Kazaa' section.
3. Right click on the file in question.
4. Select the option 'Locate File'.
5. A window will appear showing the location of the file.
6. Look at the location of the file to make sure it's not a duplicate file on his hard drive.
7. Using a web browser type the following: 'http://localhost:1214'
8. Look at the list of files in the browser and see if the file in question appears.

They don't seem to be displayed in any particular order so you might want to copy/paste the results from the IE window into excel so you can alphabetise them to make it easier to look through and see what's there.

Good luck.

***viBe***
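
Added example (not part of vibe666's post or anyone's code from this thread): a Python version of the "alphabetise the list and look through it" step, flagging anything in the shared-file listing that sits outside the folder you meant to share or is a document, mail store or archive. The one-path-per-line input, the `D:\Shared\MP3` folder and the extension set are assumptions made for illustration.

```python
import ntpath  # Windows path rules, usable on any OS

# Assumptions (hypothetical values): the folder meant to be shared, and
# file types worth a second look wherever they turn up.
INTENDED_SHARES = [r"D:\Shared\MP3"]
SENSITIVE_EXT = {".xls", ".doc", ".txt", ".dbx", ".pst", ".zip"}

# Constructed sample: one shared-file path per line, as pasted from the listing.
SAMPLE = r"""
D:\Shared\MP3\track01.mp3
d:\shared\mp3\Live\set.MP3
D:\Shared\MP3-private\notes.txt
D:\Accounts\books.xls
D:\Shared\MP3\..\..\Accounts\2002.xls
D:\Shared\MP3\archive.zip
""".splitlines()

def _norm(path):
    # Collapse "..", unify separators and ignore case, as Windows does.
    return ntpath.normcase(ntpath.normpath(path.strip()))

def _inside(path, folder):
    # Compare whole components so D:\Shared\MP3-private is not taken
    # for a child of D:\Shared\MP3.
    p, f = _norm(path), _norm(folder)
    return p == f or p.startswith(f.rstrip("\\") + "\\")

def audit_listing(lines, intended=INTENDED_SHARES, sensitive=SENSITIVE_EXT):
    """Return an alphabetised list of (path, reasons) for entries to review."""
    findings = []
    for raw in lines:
        if not raw.strip():
            continue
        reasons = []
        if not any(_inside(raw, d) for d in intended):
            reasons.append("outside intended share")
        ext = ntpath.splitext(_norm(raw))[1]
        if ext in sensitive:
            reasons.append("sensitive type " + ext)
        if reasons:
            findings.append((_norm(raw), reasons))
    return sorted(findings)

if __name__ == "__main__":
    for path, reasons in audit_listing(SAMPLE):
        print(path, "->", ", ".join(reasons))
```
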

fluffycow
07-22-2002, 02:21 PM
I don't think people can take your files on limewire/gnucleus, it's a totally different network. That is....unless you're stupid enough to share your whole hard drive.

bushmaster
07-22-2002, 04:47 PM
When I set up any of my boxes what I usually do is one partition for the OS, one for other programs and utilities, and one of the other for file sharing programs and their respective share files. Maybe I'm fooling myself but as of yet I've had no problems to date.

mrmagoo_83
07-22-2002, 07:14 PM
I have ZoneAlarm only allowing Kazaa to go one way, download. I told it not to allow an upload. I only have Kazaa sharing one folder on my HDD, the one it downloads to. So do I need to worry about being hacked??