Have I been hacked?

I went to print a page from a website today and noticed that I had four or five printers listed that I don’t have. The printers were listed as “Canon BJ on server Sarah” or something similar. Each had a different type of printer and server name. I found out that I had printer and file sharing enabled, so I turned that off. The question I have is whether these additional printers are just something installed by XP as examples or whether someone hacked my computer. Any ideas? I haven’t had anything wierd or untoward happen that I know of, and I have Norton AntiVirus 2002 running. I was just wondering if there is anything I need to be concered about at this point.



Somewhat concerned. The thing is that you were file sharing, in other words: connected with other people (its mostly for businesses) so you took it off now, thats good, now your all done! Dont worry.

I don’t know why a hacker would add network printers… O_o So I doubt that.

I assume you are on a network, since you have sharing enabled (though Windows file sharing has its own host of vulnerabilities)… Are you on a large network?

“Canon BJ”. Hmm…I hope you don’t live in Boston.

XP will seek out and install shared printers that it finds on the same network segment. Is your computer on a local network? What type of Internet connection do you have?

If you’re on a cable modem, you may be seeing printers in the neighborhood! No kidding! When I first got @Home, I was able to see several (unprotected) computers in the neighboorhood. I think Comcast changed all that, but it’s a thought.

Could you print to them, Balthisar?

[sub]:evil grin:[/sub]

First, it isn’t hacking' at all. Hacking’ is the process of finding things out in a technical setting, usually tied in with the creation of software or other things. All of the best programmers are hackers.

You were worried about cracking, which is simply using computers in the commission of a crime (that’s an admittedly simplistic definition, but it will work here). That wasn’t really going on, either, but what was happening could have helped a cracker achieve his illegal (or possibly just annoying but lawful) ends.

You were the victim of open shares, or the practice of Microsoft OSes to make available on the Internet both files and access to things hooked up to the computer. People having access to a printer is probably only going to cost you some paper and toner, plus possibly embarassment if someone decides his buttocks are good enough to broadcast ( :smiley: ), but if you happen to share the file containing your tax info, well, there are much nicer positions to be in.

Information from a university about reducing the risks of sharing stuff.

This exact same thing happened to me not long ago, however I was able to identify all the computer names as belonging to my friends that I had previously been connected to on a local area network. Windows XP installs the printers on the network by itself, then even if the network has been disconnected the printers remain there until deleted, even if you can’t actually use them.

I find it interesting that no-one has mentioned XP’s built-in firewall facility… despite what people may think of it, it is a reasonable first line of defence.

Serenitynow, unless you are on a network (ie one that is local to your site), you shouldn’t be seeing any of these printers.

As someone has alluded to, XP has this habit of “finding” printers on your network connections. It sounds like you’re using cable or an xDSL connection which are essentially network connections - and that your provider is not filtering out NetBIOS (bad!). Time for you to get a firewall - use XP’s built-in one or get something like Zonealarm.

Hope this helps,
Max :slight_smile:

I can’t speak to XP’s firewall, having switched to Linux after I outgrew Windows ME, but I second the reccomendation for ZoneAlarm. You can download the free version here, and even the free version outperforms the pay version of many competitors. ZoneAlarm’s biggest leg up is that it prevents unauthorized programs from getting online, something many firewalls do not do. This means you will have to spend a few minutes configuring it to allow things like your browser and email client to have access, but it’s truly worth it.

Thanks for all of the info, everyone. I am not on a network, but connect to the internet via cable modem. The idea that it may be people in my neighborhood is interesting, but I didn’t immediately recognize names. Of course, I don’t know all of my neighbors. Apparently, XP automatically assumes you want printer or file sharing, or if it asks, I didn’t know any better. I am going to try the XP firewall and zonealarm and see which I like better.

I greatly appreciate all of information and advice.


serenitynow, isn’t it ironic that you’re not the one who’s been hacked, but you’re the one that did the hacking? :slight_smile: Your computer, I mean!

Serenity, you’re on he biggest network in the world - the Internet! In addition to what the others have said, the behaviour you’re seeing sounds a bit like (but not identical to) the Bugbear virus that was doing the rounds recently.

Four tips for safe computing in the Microsoft world:

1 - Get yourself a software firewall. Many people swear by ZoneAlarm.

2 - Get yourself a virus-checker. You may get it for free if your workplace is kind.

3 - Don’t use Outlook or Outlook Express. Email worms and viruses are typically targetted at these mailers. I recommend PMMail 2000 as a replacement for mail (payware) and XNews (freeware) for news, but these are very personal choices and others will recommend other packages.

4 - If you have to use Outlook or Outlook Express, turn off the Preview Pane.

I recommend Eudora (free trial version available) and XNews (freeware) for email and Usenet, respectively.