Serious Security Breach Windows 7 Account! Need help!

[DarkAngelSent]

I tested it and confimed with him that he did use Iseeuu's method. While I was aware of the recovery console. I had not known that it was accessable through the advanced boot menu. I had thought that the recovery console is only accessable through a recovery CD, which is why i ruled it out as an option when I had said he did not use any peripheral devices such as USB or CD to boot from to get an OS loaded from.

Thank you to everyone for your help

 

[Tews]

next time, break his fingers ... :roflmao:

 

[iseeuu]

I tested it and confimed with him that he did use Iseeuu's method. While I was aware of the recovery console. I had not known that it was accessable through the advanced boot menu. I had thought that the recovery console is only accessable through a recovery CD, which is why i ruled it out as an option when I had said he did not use any peripheral devices such as USB or CD to boot from to get an OS loaded from.

Thank you to everyone for your help

We are glad you solved the mystery! Can I assume then, that giving the Default Administrator Account a password will prevent him from using recovery console to access your computer in the future?

If I may, I would like to share my philosophy on computer security, it is much like my home security. My front and back doors are closed and locked but only a small metal "strike plate" stands between a large person and the interior. It wouldn't take much force to shred the door frame and 2X4s around the door. Likewise the windows are easily broken with a rock giving easy access. I do not have an electric door opener so there is no security risk there. To have a really secure home, I would have to remove all openings, doors and windows, and live in a sealed box. Who wants to do that? Who can live like that? Instead I use all reasonable measures to make it easier for a thief to go somewhere else, easier targets where the doors are left unlocked or open.

Some basic computer security measures discussed on this forum are:

To use a "Limited User Account" for everyday and an "Administrator Account" for management and password protect all accounts including the "Default Administrator Account".

Use the password feature when your computer comes out of sleep or hibernation, or after the screen saver.

Use a strong password, like you mentioned, alpha-numeric. It takes about 20 seconds to crack a password of all lower case letters. Adding a capital letter makes it 26 times harder to crack. Adding a number and a special character takes so long to finally crack, it is just easier to move on. As an example, I like to take a familiar word: administrator, spell it backwards and add numbers: R08tsinimda.

Set the hard drive as first boot device and password protect the BIOS.

Use anti-virus / anti-spy software to detect trojans, keyloggers, and other malware.

Never open an email-attachment from an unknown sender (and sometimes from known senders).

Of course, just as someone can break open the door to my home, if they get physical access to my computer they can delete the BIOS passwords and gain access. There is no reasonable security measure to prevent that. But why would they expend that much effort, take that kind of risk, when there are so many easy targets?

Cheers!
Robert

 

[Bare Foot Kid]

Well said iseeuu.

 

[seekermeister]

ieeuu,

A parallel in keeping with your philosophy is a lesson I recently learned about thieves relating to my car. My car is so junky and ugly that I figured no thief in his right mind would even give it a second glance, so I never bothered to lock it up. A couple of weeks ago, I jumped in and started to put the key in the ignitition and felt something strange. Craning my head around, I saw that someone had attempted to jimmy the ignition, breaking the plasrtic all the way around it into jagged edges, and even the ignition looked as though someone had tried to use a screwdriver to turn it. Since then, I have learned to lock the doors. Obviously, thieves are not very particular, because every car in the lot is much better than mine.

 

[iseeuu]

ieeuu,

A parallel in keeping with your philosophy is a lesson I recently learned about thieves relating to my car. My car is so junky and ugly that I figured no thief in his right mind would even give it a second glance, so I never bothered to lock it up. A couple of weeks ago, I jumped in and started to put the key in the ignitition and felt something strange. Craning my head around, I saw that someone had attempted to jimmy the ignition, breaking the plasrtic all the way around it into jagged edges, and even the ignition looked as though someone had tried to use a screwdriver to turn it. Since then, I have learned to lock the doors. Obviously, thieves are not very particular, because every car in the lot is much better than mine.

Point well taken. Good lesson to remember. In Missouri recently, the morning temperature has been as low as 0. A few car owners started their cars to warm them up only to find them gone a few minutes later. Does it get any easier?

Cheers!
Robert

 

[DarkAngelSent]

Thanks for the advice guys! Many of the suggestions I have already implemented or use on a regular basis, but untill this happened, I never thought to or bothered putting a password on my bios, or setting my HDD as the primary boot device. I guess I was more concerned with functionality at the time as I had at the time been using the Peripherals to boot from. (Used to have a triple boot on my laptop). I guess I got a little cocky as I tend to follow a pretty good routine in terms of keeping my computers secure. I have my laptop set to prompt login after sleep, hibernation etc, I have state of the art Corporate level Server managed AVs on my home network, Alphanumeric Passwords (Random Letters and Numbers), Honeypots and ghost machines on my network etc etc.

It was a pretty big slap in the face to see him get through it in less than 5 minutes I had left it unattended. But the best way to learn is to fall down and get back up. Thanks for the help and insight guys

 

[iseeuu]

Thanks for the advice guys! Many of the suggestions I have already implemented or use on a regular basis, but untill this happened, I never thought to or bothered putting a password on my bios, or setting my HDD as the primary boot device. I guess I was more concerned with functionality at the time as I had at the time been using the Peripherals to boot from. (Used to have a triple boot on my laptop). I guess I got a little cocky as I tend to follow a pretty good routine in terms of keeping my computers secure. I have my laptop set to prompt login after sleep, hibernation etc, I have state of the art Corporate level Server managed AVs on my home network, Alphanumeric Passwords (Random Letters and Numbers), Honeypots and ghost machines on my network etc etc.

It was a pretty big slap in the face to see him get through it in less than 5 minutes I had left it unattended. But the best way to learn is to fall down and get back up. Thanks for the help and insight guys

You are most welcome! We would be happy for you to contribute what you learn about computer security from you class, if you like?

Cheers!
Robert

 

[DarkAngelSent]

If I can help in any way, Ill be glad to share

 

[iseeuu]

If I can help in any way, Ill be glad to share

Ahh ... I see a windows security Guru in our near future!

Happy surfing!
Robert