Bots and Simulations > Internet Mode Commentary
What's going on with the DB server?
Peter:
--- Quote from: Testlund ---I decided to uncheck everything I don't need regularly. If this is hooked into something I need to have running than there is no other option than a complete uninstall, so no point in disabling it just to see if it's one of those. This access try is done about every 25 minutes through the ports I mensioned above. No harm done, because my firewall blocks whatever it's trying to do, and it doesn't seem to cause system instability.
Alright, this is what I think it's all about:
When you install BitTorrent you also install a server client called BTDNA. This client will always run in the background nomatter if you quit BitTorrent or not. Your computer will be a permanent file server after this. If you uninstall this though it should probably stop. I'm not absolutely sure about that though. These access tries I'm talking about happend AFTER the install of BitTorrent. Maybe some hacker was lucky to get into my system through BitTorrent just for the few minutes I was downloading the file. I don't know. The fact remains that immediately under the install process of BitTorrent there were lots of UNUSUAL popup warnings from my firewall.
Most people may not care if files are getting uploaded/downloaded after install of BitTorrent, even if they quit the program, especially if they keep sharing files a lot anyway, but I don't like it when I can't control WHEN a P2P client is running. The longer you keep running a file sharing application, having ports open for it, the higher the risk some hacker gets through.
I just think BitTorrent is risky business and that's all I'm going to say about it. That's my opinion.
--- End quote ---
Well if it is BTDNA, a part of BT. You should be able to remove it.
Look into the add/remove programs in windows, and look there for DNA/bittorent. Something that looks like it.
You should be able to disable the startup of it in msconfig, I think?
Can you find this program in taskmanager?
I don't know what it is called in Sweden, so the eh, ctrl-alt-delete screen. Can you find the program somewhere there?
BTDNA, should NOT be running if you have disabled it in msconfig, if it isn't somewhere in msconfig and it will start up. Shame on BitTorent.
I haven't used bittorent anyway, I was lazy and I just used the inbuilted client in the opera-webbrowser. There it is as simple as clicking onto a file, and it would download as if it was just a normal download.
Testlund:
Yes, I had no problem uninstalling it. It just took a little while before I found out it was not BitTorrent that was doing the job, it was BTDNA. BitTorrent is just a gui for managing the downloads. I don't know what BTDNA is doing all the time once you've downloaded a file. Probably just keep sharing that file or maybe other files gets passed through your computer, pretty much like a spam bot.
Peter:
So, is the problem fixed, or are there still troubles.
Numsgil:
Did you run the uninstaller? I find it odd that bittorrent's GUI would uninstall, but leave the core program running.
My guess is that the core program was probably just updating the servers that direct traffic to say where you were and what files you were sharing. And you can not get hackers in to your system just by running P2P software. The people who designed the internet were smarter than that.
The issue is when you want users to log in to your system remotely, and you want to keep out people who aren't legitimate. For instance, at work there's a way for people to submit code and access files from home. It's through that same pathway that a hacker might try to breakthrough and access files and submit code, etc. But the hacker can never do more than a legitimate user could.
Another example: windows has something called remote desktop. It basically lets you connect to another windows computer through the internet. I have a small server farm I'm setting up, and I can turn on any of the computers, and log in to them, and run them just like I was there, on my desktop, even though my actual computers are in another room. In theory if someone were to figure out my password (brute forcing it or using a dictionary attack wouldn't work. Most passwords are found either because people write them down, throw them away, and the hacker digs through the corporate garbage, or the hacker is the one who set up the network and knows some back door password, or something like that), and they were on my LAN, they could gain control of these computers like they were sitting down in front of them.
However, my router does not allow incoming traffic from the internet to access the ports you need for remote desktop. So it is impossible for anyone to get at these computers from the internet unless they can first hack my router. But my router specifically does not allow incoming traffic from the internet to access its login page. So it's physically impossible for someone to hack my computers through the internet.
However, my router is wireless, and I haven't set up a password for it (because I'm lazy), so in theory someone could get within 50 feet of my house, use my wireless router to connect to my Lan, and then somehow figure out my password, and log in to these spare computers. But that's the only physically possible way, because I'm specifically not allowing incomming traffic from the internet to access the stuff it needs to hack my computer.
If you just have a vanilla install of XP, fresh out of the box, with no fixes, and hook it up to the internet, you won't get hacked. Hacking can only occur if you, the user, install or run an executable on your computer. Either something involving outlook or word macros, an installation package, batch files, etc. etc. Or if you the user specifically set your computer up to be accessible from the internet. And even then someone has to figure out your password, and if you make it 8 letters or longer, and mix lower and upper case with some numbers, it becomes impossible*.
* at the present time. Most systems rely on a mathematical fact that it's hard to factor large numbers. If that ever becomes easy, pretty much all existing protection schemes become trivial to break. Of course, you still have to have your computer set up for remote access.
Testlund:
I agree with what you're saying Nums. That's pretty much how I think it works, but sometimes it seems hackers gets into computers too easy. I'm no expert in this so I don't know exactly how they do it, I just know where the risks lie. There is a reason why you need a firewall with stealth ports for instance. Just for somebody knowing your computer exists may be enough to find a way in. I've read about how they can get access through Windows services for instance. Just read what it says in all those security fixes you're downloading from Microsoft, where it says a hacker can get control of your computer through this vulnerability. Maybe they need my administrator password to do it, I don't know. It doesn't say.
Just visiting a web page may be enough to get a backdoor installed that imediately gives access to the computer.
Now I forgot my sandwishes in the owen just because I had to write this. Right after I felt the strong smell the fire alarm started beeping. I'm glad I don't have sprinklers.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version