need help with a hacker
ghostguy6
08-29-2004, 10:05 PM
Ok, I need help with a hacker. reject_852001 is his Yahoo screen name. This hacker (a.k.a. kyle) has threatened to harm someone I care about, and they do know their phone number and address, as well as a lot of other personal info. "kyle" has called that person and has talked to her and she swears she does not recognise "kyle's" voice. She had the phone company try to track him, but the calls always come from a payphone. She has even called the police and they say they can't do anything because there is no real suspect. I tried to trace "kyle" but whenever I do the connection is lost before I can get an ISP. My question is this: is it possible to obtain "kyle's" IP address while having a convo on Yahoo with him so I can perform a more accurate trace? If this violates the TOS, would someone be willing to perform a search on "kyle" and PM me his IP address and possibly his ISP?
Plastic_Fork
09-01-2004, 07:36 PM
Try this. Open a DOS window while he's talking to you in a chat window and type in this command: "netstat -a" and press Enter.
Should show a list of all the network connections being made to your PC including his IP while the window is open. You can do this while using share programs to get IP's of people downloading from you. It's possible that you'll just get an IP from Yahoo though. If not, try using this command for the IP if you think it might be him: "tracert" and press the spacebar to make a space and then type in the IP and press Enter. It will attempt to trace the networks for the source and will give you an idea which networks the IP is coming through.
Just an FYI though. Most IP's can be bounced off of other servers or spoofed. The IP you see may or may not be his actual IP. If you get an IP, paste it here:
American Registry for Internet Numbers
http://ws.arin.net/cgi-bin/whois.pl
Asia Pacific Network Information Center
http://www.apnic.net/apnic-bin/whois.pl
Latin American and Caribbean Internet Addresses Registry
http://lacnic.net/cgi-bin/lacnic/whois
Réseaux IP Européens
http://www.ripe.net/ripencc/pub-services/db/whois/whois.html
These are basically IP and DNS databases and registries where you can do a WHOIS query to locate where an IP originates. Since a lot of hackers will bounce or spoof IP's, you may have to search all of these sites to find out which country it's originating in. Just because he's here in the US doesn't mean he isn't hacking you from somewhere else. Odds are you'll find him on ARIN since that's the US registry, but better check them all.
I use these places to find out where people are sending me spam mail from to have the ISP's do something about it. :)
I hope some of this helps. At least it gives you an idea where to start. You can also download tracer programs that will trace IP's for you. If you have a router that you're using to connect to broadband, see if it has logging capability. You can see which IP's are connected to you from that as well.
And if nothing else, contact Yahoo about it and see if they can help.
ghostguy6
09-02-2004, 09:44 AM
I've tried the netstat -a thing and tried to trace all the IP numbers that had an "ESTABLISHED" beside them. The best I could get was the Yahoo server. I'll try those sites you gave me. Can you recommend any trace programs? I am behind a router but I don't know if it logs or not. I'll look into that though. Yahoo has received several e-mails from both me and the person I am trying to help, and we have yet to hear a reply from Yahoo :swear: "Kyle" now knows I am looking for him too and I believe he has tried to hack my computer too, but so far I do not believe he has been successful.
2.2 Straight six
09-02-2004, 01:55 PM
If you find him, PM me and I'll come over with a few pieces of "equipment" and we'll teach the dirty bastard a lesson or two. Sounds like he needs to be thrown in prison.
ghostguy6
09-02-2004, 02:20 PM
All I need is his IP address. I've already got more than enough people willing to help me out with this asshole! If anyone can and is willing to help me find his IP address, can you PM it to me?
Plastic_Fork
09-02-2004, 10:42 PM
Bummer, man. Wish I could have been better help than that. NeoTrace would pinpoint where the IP was coming from, but most tracer software needs an IP first.
What brand router do you have? My Linksys has a logging feature. Here's a good place to test your network security:
http://www.grc.com/
I've used that site to find weaknesses and stealth my network. Great site, and the guy who made it is awesome. Good place to read up and learn about network security. Also, if you've got a router make sure you're using a private network IP addressing scheme like 10.10.x.x, 10.0.x.x, or 192.168.x.x for your IP structures. This will help keep your network from broadcasting and receiving unauthorized packets from outside sources.
You can use your router to forward the NetBIOS (137, 138, and 139) and IDENT (113) ports to a non-existent IP as well to help prevent your PC's from being detected online.
About the only thing that can detect you from there (if your router uses a NAT firewall) is anyone that's directly connected to you, but other ports they try to access (like NetBIOS or IDENT) should be closed to them.
ghostguy6
09-03-2004, 10:07 AM
My router is a linkys (sp) wireless, I can't remember the model # off hand right now. The 128-bit encryption is enabled on it. I don't think "kyle" has made it into my computer yet, but I think he has tried. I'm getting spammed to hell by porn sites that I have never heard of, not that I look for that sort of thing anyways. As for the girl I am trying to help, he made it into her computer and fucked up the keyboard somehow, deleted the BIOS I think. Well, anyways, the computer got shut down and now she can't type in her password. She's going to take it to the store she got it from and get them to fix it, it's still under warranty.
Plastic_Fork
09-03-2004, 07:34 PM
I have the Linksys wireless router as well. Go into your router and there should be a "Log" tab at the top. Enable the logging and put your PC's IP into it so it will log all the traffic to and from your PC specifically.
If you're getting spammed a lot by other sites, I suggest this. Go here:
http://www.lavasoftusa.com
Download and install Ad-Aware personal edition (it's free). It'll help clean up any ad-ware/spy-ware that may be feeding those spammers your info.
Also, when you open the emails, view the full header information and you can get the IP of where the emails are originating. Take those IP's and plug them into the IP searching websites I posted above. Should give you an idea where they're coming from and usually will give you an email address to report abuse. Send an abuse email to that address and forward a copy of the email with the full header info with it (so they know the routing information as well). And if that fails, either put mail filters on your email program/site or change email addresses.
As for your friend, she needs to do the same thing. Run Ad-Aware to clear out ad-ware/spy-ware. Also I would recommend she update her anti-virus software and run a full scan for trojans or worms. Could be a virus that affects the BIOS, but I doubt the BIOS was deleted. If the BIOS were deleted the PC wouldn't boot, especially get as far as asking for the user password for Windows or the BIOS password if she has one. Odds are either the BIOS was slightly altered or more than likely either the keyboard is messed up, the PS/2 or USB port is damaged, the USB ports aren't active in the BIOS (re-enable them if they aren't - set to auto), or it's just not plugged in all the way on the back of the PC (or front if it's plugged in there). Make sure the keyboard is plugged in and have her reboot and try typing first. If that fails, try swapping keyboards with another one you know works and see if it will type. If it's USB, try the other USB ports as well (reboot for each one). Sometimes it's the smallest things with computers.
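Added example, not part of the post above: one way to pick the address worth putting in a spam abuse report out of a message's full headers. It assumes your mail provider's hosts end in a known domain (the hypothetical `mailhost.example`) and that its internal relays use private addresses; every Received line older than the one where your provider accepted the mail was written by someone else and can be forged.

```python
import email
import ipaddress
import re

# Constructed sample message (newest Received header first). Hostnames and
# public addresses are documentation values, not real senders.
RAW = """\
Received: from mx.mailhost.example (mx.mailhost.example [10.0.0.5])
    by store.mailhost.example with ESMTP id A1; Fri, 03 Sep 2004 10:00:03 -0600
Received: from relay.bulk.example (unknown [203.0.113.45])
    by mx.mailhost.example with SMTP id B2; Fri, 03 Sep 2004 10:00:01 -0600
Received: from pc (dsl.isp.example [198.51.100.7])
    by relay.bulk.example with SMTP id C3; Fri, 03 Sep 2004 09:59:58 -0600
From: Offers <promo@bulk.example>
To: user@mailhost.example
Subject: constructed sample

body
"""

BY_RE = re.compile(r"\bby\s+([^\s;]+)")
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # IPv4 only

# Explicit list: ipaddress.is_private would also flag the documentation
# ranges used in the sample above.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]


def is_internal(addr):
    return any(addr in net for net in INTERNAL)


def host_matches(host, suffix):
    return host is not None and (host == suffix or host.endswith("." + suffix))


def received_hops(raw):
    """Return (writing_host, source_ip) for each Received header, newest first."""
    msg = email.message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        by = BY_RE.search(value)
        ip = IP_RE.search(value)
        try:
            addr = ipaddress.ip_address(ip.group(1)) if ip else None
        except ValueError:          # e.g. [999.1.1.1] in a forged header
            addr = None
        hops.append((by.group(1).lower() if by else None, addr))
    return hops


def reportable_origin(raw, trusted_suffix):
    """Return (verified_ip, unverified_ips).

    verified_ip is the first non-internal address recorded by a header that
    your own provider wrote; look that one up in WHOIS for the abuse contact.
    Everything older is listed separately because the sender controls it.
    """
    verified, unverified, in_provider = None, [], True
    for by, addr in received_hops(raw):
        in_provider = in_provider and host_matches(by, trusted_suffix)
        if addr is None or is_internal(addr):
            continue
        if in_provider:
            # Mail entered the provider here; older headers were written outside.
            verified, in_provider = str(addr), False
        else:
            unverified.append(str(addr))
    return verified, unverified


if __name__ == "__main__":
    print(reportable_origin(RAW, "mailhost.example"))
```
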
jcsaleen
09-03-2004, 08:03 PM
Tell him to stop being a little bitch and meet u face to face. :mad: Knock him out when u c him, he's probably some little geek that sits home and jerks all day.
ghostguy6
09-05-2004, 12:05 AM
I run Adaware SE and Spybot S&D and I also advised her to do the same as soon as all this started. I'll look into the router's logging capabilities. When my friend's computer was hacked she went to get a drink and once she returned she had lost all control, the mouse and the keyboard would not respond, she said the cursor was moving and windows were opening and files were being removed. I told her to hit the reset button on the tower but it was too late, the damage had been done. Her computer is currently at the store they bought it from and the techs there are at a total loss. The manager told her if they can't fix it by Monday they will give her a new computer.
Plastic_Fork
09-05-2004, 02:29 PM
Sounds like a back-door trojan virus. Those are pretty nasty and can give the hacker full access to the PC. And I mean full access as in, like they were sitting in her chair operating the PC themselves. They can even open and shut her CD-ROM or power off the PC if they wanted. That's something an anti-virus program would have to fix. The spyware removal programs will take care of ad-ware, spy-ware, and malware, but the trojan is a virus.
If she doesn't have a router with a NAT firewall, she should invest in a software firewall like ZoneAlarm. Odds are the hacker deleted system files and now the OS won't boot or something similar. They'll probably have to format the drive and reinstall Windows. It's easier to give her a new PC while they fix and refurbish hers to re-sell later when they're finished.
ghostguy6
09-05-2004, 03:14 PM
I had her do a virus scan with Norton. It didn't find anything. I couldn't persuade her to use a better scan. She is behind a router but I'm not sure if the NAT firewall is enabled. She did install ZoneAlarm after "kyle" started threatening her, but it may have been too late. At this point I'm thinking he may have had his backdoor installed before we installed ZoneAlarm.
my3rdskyline
09-17-2004, 10:52 AM
I work for the Air Force on a computer network with over 15000 users and we get this shit daily. Basically, here's the deal. You can get specific legally binding information that is non-repudiably linking the suspect to these events from the person's ISP IF YOU HAVE A POLICE warrant. This however requires the suspect to actually do something bad. Everything you have said falls under what most people consider "annoying", not criminal activity (which is required to get a warrant for disclosure of privacy act information from the person's ISP). Sucks, but that's the man for ya.
So what's the deal? Do you know this guy or something? Let me guess, you are under the age of 18 and this girl is your friend and there is another guy being a pain in the ass making you all paranoid.
If there were a REAL concern you can get your phone number changed, request a restraining order against an unnamed person (this will get you information from the ISP on who the guy is) and actually take legal action against it. But do you really want to do that? I mean, is this just someone you know being a dick or do you really have a stalker and are actually concerned for your friend's safety?
Automotive Network, Inc., Copyright ©2026
