Tuesday, July 2, 2013
Find Hackers In Your Computer Using Netstat Command And Kick Them Out
By installing softwares which are pirated, manipulated and uploaded freely to internet by hackers we help them to create their cyber armies. After people downloaded and installed them, ports are opened and connected to the hacker's server. So that he can use your computer in his bad needs when you are online and your IPs MAC addresses will be recorded for the crime. Here is how to find and neutralize this threat in a simple way.
Restart your PC and do not open any web program like browser, messenger etc. Then find out your private ip-address using ipconfig command in command prompt which you can access by typing cmd on start menu search box. I'm using Windows 7.
It will be like this.
Now you can find out the internal network range. Which is here 192.168.1.x So any number which starts with 192.168.1. are my internal ip addresses.
Then type netstat -ano command and enter. Result will be like this.
Now watch for the established connections and IP addresses which are not in your subnet or simply which are public ip addresses. Oops!! :O I have a one..
I really amazed what was that and traced back to know what is that. 18.104.22.168 ip addess is a public address from a server from Denmark. I traced it from a reverse ip-lookup site and still no idea. I just restarted my computer and checked again to see weather it is comming again or not.
Yes, It came and this time the process id is 1396. Now I'm going to find what is running on that process using task manager and if it seems unknown I'm going to end that process.
Hit Ctrl + Shift + Del and start task manager.
View -> Select Columns --> check PID
Now you can see the PIDs (Process IDs) and click on the show processes from all users from interface of task manager.
PID 1396 (previously 1364)was Avast. If it is an unknown process with an unknown server connected, it can be a hacker. You can click end process and kick out the hacker from your PC.