Hackers - What to look out for and prevention!?

Hi, I was just looking through my logs and such and saw a lot of gobbledygook. It made me nervous, so I was wondering what are the main tips on detecting a Hacker, spotting Hacking attempts and prevention of Hackers?
I understand that it depends on what kit you have and such and that your computer has to make connections with others to use the internet, but what do I and every other average Apple user need to look out for in logs on modems, firewalls and applications?
I personally have looked at my logs on my Netgear Modem and logs on my System Profiler application. I see connections to various things but I'm no good at networking. All I know is to have my firewall on!
Also...I am always nervous when using Bit Torrent, do I have any need to be?
Thanks all ~ Joe
P.S. - I have also read in other posts that posting log information is a dumb idea so have played safe and kept them to myself. So there's my tip! :)
PowerBook G4 15" - Sept 04- 1.5 GHz   Mac OS X (10.4.2)   Power Mac G4 1GHz DP - Airport Extreme - 2MBPS Broadband

It's not always true that an invalid access is an attack. For example, if your firewall application reports that the misused source port is a high port number, it might be a trigger packet. Some ISPs may configure their server systems incorrectly or insufficiently. Some organizations or groups of companies may send scanning packets to P2P users in a special way in order to improve heavy WAN traffic caused by P2P software users. You might have misconfigured your modem or router firewall system, or a built-in firewall may have a bug, etc.
If a source port number is in the range between 49152 and 65535, it is normally either a dynamic or a private port. Dynamic ports are randomly assigned, and private ports are used by OS software or applications. By looking at any high ports together with other log events, you may guess whether someone is attacking your node, and something about his/her skills/ability and time zone. You may see one of the high ports displayed in the Netstat program of the Network Utility application when pressing "Display the state of all current socket connections"-- udp4 0 0 localhost.xxxxx. Netstat may help you to know who is on the network, but not in real time. You need to refresh with the button manually.
Here are two basic points:
* It is important to know yourself and think about your computer configuration before you start thinking about who is there or who your enemy is.
* The most important matter in computer security is to be aware and to watch the systems carefully, something most people do not do. For example, check whether the asl.log facility status with the level integer value displays differently from how it regularly does. If system.log or console.log reports that your computer name and the host name have been changed, you may be facing a serious security situation.
If you want to see whether your ISP blocks ports or whether you have open ports, security scan services such as grc.com (Shields UP), dshield.org or seifried.org are available on the Internet.
The Mac OS X Tiger built-in firewall (ipfw) has basic features. You can add rule-sets if you want. See for example here. Normally, you do not need to change the default rule-sets that block unwanted incoming packets.
Here is how to read an example log entry from the Mac OS X built-in firewall:
ipfw: 64000 Deny TCP 123.456.78.900:4990 444.555.66.777:1433 in via en1
The ipfw rule-set 64000 denies a Transmission Control Protocol IP packet sent by the source address 123.456.78.900 via the port number 4990 attempting an invalid access to the destination address 444.555.66.777, targeting port 1433, in via your interface "AirPort." The destination address in this case is your local IP address, not a remote IP address assigned to your ISP (for instance) node. The BSD device name for the Built-in Ethernet interface is "en0." "en1" is used for AirPort or the first PCI Ethernet card if you install one.
You see that the Mac OS X built-in firewall does not tell you the service name of a misused port number or the host name of the source IP address in real time. Therefore, it may be uncomfortable to analyze the background in detail-- especially if the firewall log is flooded by access attempts every minute or more frequently. You may not even be able to send an e-mail to the abuse team that is responsible for the net block of the source IP address to ask for an investigation, if you want to do so. Sending an enquiry has two meanings-- pointing out their server vulnerability or insufficient configuration, and making good use of their reply in your analysis.
In this case, an unassigned port number 4990 is misused by someone directly or indirectly (e.g. bot, botarmy, etc.) from the server 123.456.78.900, and the port 1433 is for sniffing whether a Microsoft SQL Server (Windows related) is running on your machine. There is also a known history of some viruses trying to exploit vulnerabilities in Microsoft SQL Server. The best-known ports being misused in recent days are 8 (ICMP ping), 135, 139, 445 and ports for Trojan Horses and P2P technology driven software such as BitTorrent-- See also this world map, http://isc.sans.org/.
You may think about why bad IP packets pass through your ISP servers especially if servers are configured with a firewall system.
If you want to know more about the Transmission Control Protocol specification, find the "RFC 793" documentation on the Internet. The document listing all assigned port numbers is available at www.iana.org.
If you are interested in a third-party firewall, DoorStop X and Who's There are very good applications. You'll see it when you use their trial versions with the full features.
Good firewall applications may protect your computer from various invalid access attempts, but they are not the real solution. Good packet analyzing (Sniffer) applications may help to inform you of the results of analysis, but they are not the real solution. End-users, ISPs and the authorities need to move in the same direction together.
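
The log reading described in the reply above can be automated. This is an added example, not part of the original post: a small Python parser for ipfw log lines in the format quoted in the reply, which attaches the service name the firewall omits, flags source ports in the 49152-65535 range, and counts denied inbound packets per source. The sample lines other than the one from the post, the syslog prefix, and the small service table are constructed for illustration.

```python
import re
from collections import Counter

# Format as quoted in the post:
#   ipfw: <rule> <action> <proto> <src>:<sport> <dst>:<dport> <in|out> via <iface>
# Lines without ports (e.g. ICMP) do not match and are skipped.
LINE_RE = re.compile(
    r"ipfw: (?P<rule>\d+) (?P<action>\w+) (?P<proto>\w+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<direction>in|out) via (?P<iface>\w+)"
)

# IANA service names for the TCP ports named in the post (assumed table,
# kept inline so the example runs offline).
SERVICES = {135: "epmap", 139: "netbios-ssn", 445: "microsoft-ds", 1433: "ms-sql-s"}
# Interface names as explained in the post.
INTERFACES = {"en0": "Built-in Ethernet", "en1": "AirPort or first PCI Ethernet card"}
DYNAMIC_PORTS = range(49152, 65536)  # dynamic/private range from the post


def parse_line(line):
    """Return a dict describing one ipfw log line, or None if it is not one."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    ev = m.groupdict()
    for key in ("rule", "sport", "dport"):
        ev[key] = int(ev[key])
    ev["service"] = SERVICES.get(ev["dport"], "unknown")
    ev["iface_name"] = INTERFACES.get(ev["iface"], "unknown")
    ev["sport_dynamic"] = ev["sport"] in DYNAMIC_PORTS
    return ev


def summarize(lines):
    """Count denied inbound packets per (source, destination port, service)."""
    counts = Counter()
    for line in lines:
        ev = parse_line(line)
        if ev and ev["action"] == "Deny" and ev["direction"] == "in":
            counts[(ev["src"], ev["dport"], ev["service"])] += 1
    return counts.most_common()


# First line is the one from the post; the rest are constructed samples
# using documentation address ranges.
SAMPLE = [
    "ipfw: 64000 Deny TCP 123.456.78.900:4990 444.555.66.777:1433 in via en1",
    "Oct  3 10:15:01 host ipfw: 64000 Deny TCP 198.51.100.7:51234 192.0.2.10:445 in via en1",
    "Oct  3 10:15:02 host ipfw: 64000 Deny TCP 198.51.100.7:51240 192.0.2.10:445 in via en1",
    "Oct  3 10:15:09 host ipfw: 64000 Deny UDP 203.0.113.4:6881 192.0.2.10:6881 in via en1",
    "Oct  3 10:16:00 host kernel: unrelated message",
]

if __name__ == "__main__":
    for (src, dport, service), n in summarize(SAMPLE):
        print(f"{n:3d} denied  {src} -> port {dport} ({service})")
```

Repeated denials from one source to one port stand out at the top of the summary, which is easier to judge than a log flooded with individual entries.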
