Where can I find record that my computer was attacked?

0 pts.
Tags:
Intrusion management
Security
The following question was sent to SearchWindowsSecurity.com by a user: Some hackers attacked my computer and shut it down. No port scan program or logger is reporting an attack. What's going on, and where can I find record of the attack?
ASKED: October 14, 2004  1:13 PM
UPDATED: March 5, 2012  10:19 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

I’m assuming that you’re running a windows OS. The first question that occurs to me is “How do you actually KNOW that you were attacked, and not suffering from some other problem?” Your original question below makes that assumption without providing any evidence.

For the future, I strongly recommend that you install a firewall – software or hardware – each has strengths the other lacks. I use both, personally speaking.

Without knowing more about your particular configuration, I can only offer general guidelines on where to look. But here are a few places.

1) Bring up a command prompt and do dir c: /s /ah /o-d > c:lookupfiles.txt
This will list everything on your system drive, including hidden files, and sort by date – the minus in front of the d will cause the newest files to be listed first. This is done in the command prompt so that you can have an output file. You can do the same thing in the “Search” tool, but I like having the output file.

2) Look at the system event logs – All 3 (System, Security, and Application) for anything within the time window of the attack.

3) If you have a software firewall (McAfee, Symantec, Zone Alarm, etc.) look at the log files for those.

4) If you’ve got an external hardware firewall (of any sort), look for log entries there in the same time window.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • G2hpkz
    this is rather ravishing..
    15 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following