Little Bitter Gourd reports: she uses ADSL Internet access at home, and found that her phone bill and network fees were more than 100 yuan higher than before. She told Anti-Black Knife that she did not understand: ADSL is a flat monthly subscription, so where did the extra charges come from, and why so much? She first went to the telecommunications department to query the bill, and the main charges on the list were QQ personal account recharge, watching online movies, registering a paid e-mail box, and so on. She was close to tears and said she had never used these services. How was the ADSL account stolen?
Case analysis:
Several methods of stealing broadband accounts
1. Using software that reveals a password hidden behind "*" characters
Many users save their password in the dial-up software. On systems earlier than Windows XP, the saved password is displayed as "*" so that you don't have to enter it every time you go online. Saving the password is convenient, but it carries a risk: if someone with bad intentions gets at your computer, they can easily learn the real password behind the asterisks with software that views asterisk passwords.
2. Using a dedicated tool for reading dial-up network passwords
ADSL uses virtual dial-up, through commonly used virtual dial-up software such as RASPPPoE and WinPoET. Installing this software also creates a dial-up connection in Windows Dial-Up Networking. On Windows XP, in addition to viewing the asterisk password, hackers can also use tools that read dial-up network passwords to obtain the username and password of the ADSL account. Dialupass is one such tool.
Little Bitter Gourd thought back over the previous month and considered both possibilities very unlikely: no friends had used her machine while she was online, and she naturally had no worries about her family and the account. Thinking it over, it was not a local hacker!
Attack detection:
Someone can steal the ADSL account
Vulnerabilities and weak passwords are the two major hidden dangers in network security. Some criminals on the Internet now use IE6 vulnerabilities to make web-page Trojans that steal users' accounts. Most of this targets online game accounts, but some people use the latest web-page Trojans to steal broadband Internet accounts. In addition, some scanning tools find machines with weak passwords, from which broadband accounts are easily stolen. Let's take a look at how hackers do it!
1. Making web-page Trojans to steal accounts
1) To make web-page Trojans from IE6 vulnerabilities they use a tool called EXE2BMP. EXE2BMP turns one .exe executable into three files: a .bmp, an .asp and an .htm file. The three files are placed in web space that supports ASP; when someone opens the .htm page, the original .exe Trojan is automatically downloaded to that person's hard drive and run.
2) Because EXE2BMP is very simple to use, even a novice hacker with only a little security knowledge can use it easily. Here is how they use it. After running EXE2BMP, they click the "Select" button, select the prepared Trojan file and click the "Generate" button; three files are generated in the folder where the Trojan file is located. The hacker then only has to upload the three generated files to personal web space that supports ASP. If you are unlucky enough to browse this .htm page, then "congratulations": you have been hit, and your account is waiting to fall into their hands.
"It's really vicious. Is there no defense against this?" Little Bitter Gourd said. Anti-Black Knife looked at Little Bitter Gourd, shook his head and smiled. "This is nothing. This method is relatively passive for hackers; they will also take the initiative."
2. Scanning for machines with weak passwords to obtain accounts
The password is the lock on a computer's security. Many people lack security awareness: they give the computer a very simple password, and many do not set a password at all. This is the so-called "weak password". Others can then easily get into the computer and obtain the account password.
1) Hackers first run a scanning tool such as Streamer or X-Scan; here is how the scan is run. Pressing the Ctrl+A shortcut brings up Streamer's "Advanced Scan Settings", where an IP range is specified in the start address and end address. The range chosen is one used for China Telecom ADSL broadband Internet access. The hacker first logs in to his QQ with the "display version" of QQ, picks a friend who is online over ADSL dial-up, and scans that friend's IP segment. Computers in such IP segments are generally single home ADSL personal computers, and more of them have weak passwords. The target system is set to "Windows NT / 2000", and among the detection items only the check box in front of IPC is ticked; nothing else is selected (as shown).
2) After setting it, click the "OK" button to complete the setting. Open the "Select A Light Host" dialog box and click the Start button to start scanning.
3) After a while the scan results appear; generally there are one to three weak passwords in each such IP segment. Having obtained the target machine's IP, account and password, the hacker opens the IE browser directly, enters //ip/c$ and presses Enter; a dialog box asking for a username and password appears.
4) He enters the scanned username and password and clicks the "OK" button to see all of the other party's files; the hacker can manage your files as if they were his own. However, the hacker may not delete your files (although those who "eat the fish without spitting out the bones" cannot be ruled out); his purpose is to get the other party's Internet account and password. He goes into the Program Files folder and finds the installation directory of the other party's ADSL dial-up software. On systems earlier than Windows XP, most people use the Enternet 300/500 installed by the telecom provider, which is generally installed in C:
5) He enters the C:/Program Files/Efficient Networks/Enternet 500/App folder. The other party's Internet account and password are saved in "Enternet.ini" there. Opening "Enternet.ini" with Notepad shows the other party's Internet account after the user entry, and password= holds the saved password, but unfortunately it is encrypted. Decryption is very complicated, but hackers may use a simpler method: copy the Enternet.ini file to the corresponding location in the Enternet 500 installation folder on his own machine, overwriting the file there. Running Enternet 500 on his machine, he can then use the asterisk-password viewing method to get the broadband account and password of the remote host.
Generally, after the hacker gets the account, he logs in to China Telecom's Internet Star site (http://www.chinavnet.com) to register.
Using the registered username, he purchases paid services online; these fees are settled through the bound payment account and deducted from the phone number under which the broadband account was applied for.
Little Bitter Gourd suddenly understood. "I've finally figured out why my bill shot up! But my account has been stolen. Is there any way to prevent my broadband account from being stolen again?" "Don't worry, I have a way," Anti-Black Knife said confidently.
Anti-Black Knife's tricks: preventing broadband account password theft, and remedies
1. Preventing local theft. Do not tick the option to save the password automatically; setting a complex boot (logon) password also effectively prevents the account password from being obtained by scanning for machines with weak passwords.
2. Preventing Trojan theft. Download and install the IE vulnerability patches from the Microsoft home page; users on versions below IE6 should upgrade to IE6 and then install the patch (patch download address: http://www.microsoft.com/China/TechNet/Security/Bulletin/MS03-032.ASP).
3. Remedies after the broadband account password is stolen. If unexplained entries appear on your bill, you should suspect that your account has been maliciously registered by someone else. Go to the Internet Star home page (http://www.chinavnet.com), click at the top of the page, select "Broadband User", enter your Internet account and password directly, select the province, enter the verification code and click OK to log in. After logging in, click "My Star" and select "I want to sell" under "User Information" to deregister your account.
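A check for the first prevention tip, tied to the Enternet.ini description above (an added example, not part of the original article): it scans a dial-up client's INI profile and reports every profile that still has a saved password. The section and key names in the sample are assumptions; the real Enternet.ini layout is not shown on this page.

```python
import configparser

# Constructed sample of a dial-up client profile file. Section and key names
# are assumptions for illustration, not the real Enternet.ini layout.
SAMPLE_INI = """\
[Profile Home]
Username = ad12345678
Password = 3F9A1C77B2E0
AutoConnect = 1

[Profile Office]
Username = ad87654321
Password =
"""

def _parse(text):
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text)
    return parser

def find_saved_credentials(ini_text):
    """Return (section, account, key) for every non-empty password-like field."""
    try:
        parser = _parse(ini_text)
    except configparser.MissingSectionHeaderError:
        # Some clients write keys before any [section]; wrap them in one.
        parser = _parse("[global]\n" + ini_text)
    findings = []
    for section in parser.sections():
        items = dict(parser.items(section))  # key names are lower-cased
        account = next((v for k, v in items.items() if "user" in k), "")
        for key, value in items.items():
            # An encrypted value still counts: as the article notes, the file
            # can be copied and reused without decrypting it.
            if ("pass" in key or "pwd" in key) and value.strip():
                findings.append((section, account, key))
    return findings

if __name__ == "__main__":
    for section, account, key in find_saved_credentials(SAMPLE_INI):
        print(f"saved password in [{section}] for account {account!r} ({key})")
```

Any finding means the "save password" option was ticked for that profile; clear the stored value and change the account password if the machine was exposed.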