FAQ about Hacked computers

My machines been hacked, what do I do?

  1. Disconnect your computer from the network (remove the patch cable).
  2. Contact the LTS Helpdesk for assistance.
  3. Backup your data files.
  4. Format the drives.
  5. Reinstall the OS.
  6. Install all the latest patches.
  7. "Harden" you system. Install the security benchmarks for your OS, which will go a long way towards hardening your system.
    For windows, you should go through microsoft's info at http://www.microsoft.com/technet/security, and scroll down to the link about hardening the systems.
  8. Install your application software.
  9. Turn on the firewall.
  10. Install Antivirus/End Point Protection software.
  11. Backup your system.
  12. Reconnect your system to the network. It is well known that systems have been "hacked" within 15 minutes of connecting them to the network after installing them, particually if they aren't patched. So patch the system BEFORE reconnecting it to the network.

That's a lot of work. Can't I just clean up the files?

No. You don't know how they broke into your machine, or what they left behind. If you don't start clean they could easily break back in.

That's a lot of work, will SNA do it for me?

No.

Where can I learn more about protecting my computer?