Author Topic: Was My PC Being Hacked? (Read 501 times)

SirLoin · « **on:** August 01, 2005, 02:20:20 AM »

Nevr seen this before,but last nite after loggin off AH i tried to shut my PC off and i got this message "Other Users Are Logged On To Your Computer"

I clicked yes for shut down and got a black screen...i had firewall off.

anyone seen this before and was someone accessing my PC?

thnx.

214thCavalier · « **Reply #1 on:** August 01, 2005, 04:40:41 AM »

I think its time you kept your firewall on at all times Beefy.
If you are not connected to a Lan you should not have had that message.

To be honest i do not understand all the concerns with playing AH with firewall and antivirus turned off.
I always have them both on and playing from Uk with pings around 170ms i do not see any downsides to it.

I guess it may have more of an effect on gameplay if you are using a slow computer though.

Skuzzy · « **Reply #2 on:** August 01, 2005, 06:31:36 AM »

Some anti-virus programs are a serious problem, due to the way they scan files on every access to the files. They can cause random CTD's, file corruption, inability to save settings, complete lockups, inability to get logged on (particularly if you are saving the password), and a melee of other issues.

Improperly configured firewalls are just a nuisance as they consume way to much CPU time when improperly configured (i.e., log every access, block every port and so on). A properly configured firewall will block the ports that need to be blocked, not all ports.

I deal with these issues everyday Cav and they are real problems.

croduh · « **Reply #3 on:** August 01, 2005, 07:15:03 AM »

in some antivirus programs u can exclude htc folder from being scanned and that has improvment on the game.

FOGOLD · « **Reply #4 on:** August 01, 2005, 12:08:28 PM »

I don't understand this "only block ports that need to be blocked". Surely the hackers scan and scan to find open ports and then attack through them?

Networking etc really is the blackest of arts:rolleyes:

straffo · « **Reply #5 on:** August 01, 2005, 12:44:53 PM »

FOGOLD as far as I know an non locked port without an application/service associated is not dangerous at all.

You don't need to lock them in your fireware except if you want to drain the ressources of your PC.

FOGOLD · « **Reply #6 on:** August 01, 2005, 04:42:47 PM »

Can someone clear this up for me. Is it ok to close software firewalls so that the LAN can work ok as long as you are behind a NAT router which is not being used to surf the net or is it better to pull the phone plug too!

ALSO, given all that Skuzzy says, is it safe to disable all software anti virus and firewall to play Aces High?

StarOfAfrica2 · « **Reply #7 on:** August 01, 2005, 05:31:10 PM »

If someone is determined to get in, they will. Regardless of how many layers of protection you put on. Firewalls and A/V are just discouragement, they arent fool-proof protection. The average user is just as safe with only a router as they are with full software firewall and A/V running. When I had AOL running on my computer at home, I had several pings on my firewall for a few weeks. Tested by turning off the firewall and just monitoring port traffic. Nothing got in anyway.

Since I got rid of AOL, no pings at all. I still run a firewall when I'm surfing the net, and A/V as well. You never know what might be coded into the HTML of some websites. But for gaming? Totally unnecessary, and a resource hog.

FOGOLD · « **Reply #8 on:** August 01, 2005, 05:42:35 PM »

I thought that should be the case. After all, you are only connected to the game server and there wouldn't be an attack coming from there normally.

Is it the same with "always on" broadband? You are only vulnerable while surfing the net? I assumed that the greatest danger was when "interacting" with a website. A computer sitting idle even if it was connected couldn't pick anything up.

StarOfAfrica2 · « **Reply #9 on:** August 01, 2005, 05:59:06 PM »

Yes and no. As I said, if they want to get in they will. Just because your broadband is "always on", doesnt mean your computer has to be. I never leave my computer on when I'm done, unless I know I'm coming back. If you want to leave it sit turned on all the time, then yes you should take more precautions. Anytime you are connected, someone could "break in" if they know how and want to badly enough. Leaving a computer on long term is different from being connected to the game server. If you have worries about being hacked then

A) Keep the computer well protected as possible when you arent gaming. Nothing is perfect, but enough hoops to jump through will eventually discourage all but the most tenacious of hackers.

B) Shut it off when you arent going to be using it. They cant access what isnt there.

FOGOLD · « **Reply #10 on:** August 02, 2005, 01:09:59 AM »

I kinda hijacked this thread:o

Sorry! This stuff is really important and I appreciate the input SOA . Are gaming sites like Hyperlobby and Gamespy Arcade secure?

Skuzzy · « **Reply #11 on:** August 02, 2005, 06:49:38 AM »

Software from the Internet can only connect to ports on your computer where something is waiting for a connection. Programs waiting for a connection will be in the LISTEN state. Also known as LISTENERS. You will note only LISTENERS are TCP only. All the UDP ports will not have a state due to them being stateless by defination.

It is a networking impossibility for software to connect to a port which has no program running on that port on your local computer. Sort of like trying to get water out of the end of the water hose when it is not connected to a spigot. If the spigot is turned off, nothing can extract water from it.

To see which ports need to be blocked, startup a command prompt (Start->Run->command).
Type in "netstat -an". This will show all your open ports and the ones that are in a LISTEN state.

Additional temporary ports are port 25 (SMTP or inbound email), port 80 (WEB browser port), port 23 (Telnet if you use it), port 110 for POP3 (inbound email), ports 20/21 (FTP/FTP Data).

If you want to be paranoid, then block allports below 1000 as these are the defined ports for virtually all services. However, MS decided to use on in the 6000 range for some service.

People who claim software can connect to a port where no software is connected to it on the local computer are either trying to sell you something, lieing, and/or ignorant.

Does it hurt to block all ports? It certainly can. If you have logging enable in your firewall, then it certainly does hurt, as you will be logging useless information. You also add overhead for every legitimate network packet along with the possibility of corruption or loss of that packet (particularly UDP packets).

As far as the ports Aces High uses are concerned, they are find to leave open. Your computer is not LISTENING for a connection when Aces High is running and we do not use DirectPlay for our networking layer.

FOGOLD · « **Reply #12 on:** August 02, 2005, 10:18:18 AM »

Thanks for all this, especially Skuzzy.
The reason I'm asking is that we just got Broadband and I'm determined to understand the security issues properly.

I accept there is always risk and a compromise between functionality and safety.

The Router has NAT and IP filtering enabled and so far AH plays fine at a ping of 125 with no losses. When I play AH I turn off both the Nvidia firewall and the PC- Cillin firewall/ Antivirus.

StarOfAfrica2 · « **Reply #13 on:** August 02, 2005, 12:02:36 PM »

Sorry Skuzzy, I was being overly generic. I should have qualified my statements. Getting lazy.