Join 3,572 readers in helping fund MetaFilter (Hide)


How to tell if netbook is someone else's bot?
December 17, 2010 6:44 AM   Subscribe

Where can I learn more about how one's laptop can be remotely used by others, specifically pertaining to keystrokes, text saved in the cloud such as in a blogpost draft or yahoo mail or some such with a particular emphasis on means to identify and secure one's work, even if offline?

I am not sure if the question is clear enough so rather than tl;dr inside I will monitor the thread for any clarifications. I've been having trouble with my netbook using Windows XP lite and Firefox.
posted by The Lady is a designer to Computers & Internet (4 answers total) 1 user marked this as a favorite
 
Can you clarify if you are asking about:
a) How to purposely enable other people to remotely accessing and operate your laptop, e.g. someone can connect to you laptop via the internet and remotely use it as if they were using it in person.
or
b) How to ensure that other people are specifically prevented from remotely accessing your laptop, e.g. a hacker who accesses your computer and looks and your files, etc.
posted by EndsOfInvention at 6:48 AM on December 17, 2010


b)
posted by The Lady is a designer at 6:55 AM on December 17, 2010


Generally, bots are detected because they leave specific doors open through which network traffic goes.

These doors are "network ports". Most ports are used for useful stuff and are labeled numerically. Most web pages, for example, travel through ports 80 and 443. Other kinds of network traffic go other other port numbers that are generally reserved for that type of traffic.

Bots can use ports that are used by other forms of network traffic, like Windows file sharing or IRC (Internet relay chat), among others. These ports are associated with specific numbers.

Bot detection tools scan a local network for computers (e.g., your netbook) that have these kinds of ports open. If the ports are open, and if the bot detection tool sends a command to that port that returns a specific kind of response, then the computer is probably corrupted.

On your end, to prevent your computer from being compromised, here are a few tips:

• Run a safer operating system. Some OSes are just designed more secure than others, or give you finer-grained control over what your OS is doing behind the scenes. You may or may not be able to do this, depending on what software you have to run.
• Shut down unnecessary network services. For example, if you don't need file sharing, turn it off. If you don't need remote desktop support, turn it off.
• Install a firewall and antivirus software.
• Don't install untrusted software or web plug-ins.
• Don't install "freeware" on Windows.
• If you use Windows, never use Internet Explorer to browse the web for anything.
• If you use Windows, never run as an Administrator- or Power User-level account, until you have to install software or make system changes, like adding a printer.
posted by Blazecock Pileon at 6:59 AM on December 17, 2010 [1 favorite]


Securing your data in the cloud:

1. Use strong passwords, and do not re-use passwords on different web sites. Dictionary attacks on weak passwords are the #1 way accounts get hacked

2. Use encryption to connect to web sites. This means using SSL (https) when available, and a VPN when you must connect to http sites from an untrusted location (like a coffee shop's unencrypted wifi network).

3. Be aware that you are trusting a third party. If Google gets hacked, your Gmail will be compromised. This is a fundamental issue with cloud services. The one exception is that backup storage services will often let you encrypt data with your own key ... if this applies to you, do it.


Inoculating your PC against infection from the internet:

1. What Blazecock said, although instead of switching OSes I'd just advocate keeping your OS up to date with the latest security patches.

2. Gold standard: Do your web browsing in a virtual machine. If your web browser picks up something nasty, it doesn't get to the rest of your system.

3. Encrypt sensitive data in your computer. Don't just leave credit card and bank account numbers lying around. I use TrueCrypt to encrypt a virtual disk, but there are lots of options for encryption these days.
posted by qxntpqbbbqxl at 9:38 AM on December 17, 2010


« Older While in law school, my wife d...   |  Where can I find cardboard box... Newer »
This thread is closed to new comments.