java chat cracked
I am total newbie, so take this in concern. Tell me please, is it possible to hack into a java chat? Because today I was malested by one person who could see what I was talkin about with somebody else?
Can they see my IP? What else can they found out about me?
How to protect against such things.
Thanks a lot.
Depends on the environment of the chat server. But ist is possible, even if you use a proxy, to gain your real ip and browser environment via java/java script.
Protection: Disable java and java script, as far as possible.
I am a newby this forum as well. However, I think your question may deal more with security in general than forensics. Digital forensics deals more with looking at an event or compromise in retrospect for reconstruction. On second thought, I think you are asking for information to piece the events together that led to this information being acquired.
To answer your question, there are two primary ways that someone could gather this information. The first would be from an application installed on your machine or the machine of the person you are chatting with. This could be an application trojaned with a keylogger or a corporate internet monitoring application. The other way someone could acquire this information is through a packet sniffer. Assuming that the chat application is not encrypted, someone operating a sniffer could capture the data and decode it into usable converstation snipplets. The sniffer could be located logically at any location between the two endpoints. An alternate way that the information can be gathered in some circumstances is through logs maintained directly on either host by some chatting applications.
To determine the most likely scenario, you would need to find someone who has analyzed this specific application and determined which scenarios are possible. You could then apply the possible scenarios to your situation and determine which is most likely.
Thanks for answers.
I think that somebody hacked the chat server, because prior to event it was not possible to connect to it for some time.
In that case there is no cure, IMHO.
Do you know some good sites about java security issues?