Forgive me if someone asked this previously, but I haven’t seen it: If my computer were hacked, would I see more upload or download activity? Or it could be either, depending on why they hacked it?
Thank you kindly for any info.
Yes.
I would use the GlassWire “Usage” tab to drill down to what applications were doing this, and where they are connecting to. Might be harmless, but you never know. Also a good idea to run a malware scan now and then.
1 Like
I did everything you mentioned with AV, Windows, etc. and still got hacked. It can happen to anyone, because the hackers can evade your AV. You could be hacked right now and not even know it. That’s why I’m trying to learn how to use and read Glasswire info.
GW will alert to the kind of security issues a firewall can address, and then some, if under Settings > Security all the items are set as “notify me.”
Setting “First network activity” there along with “Ask To Connect” in the firewall screen is about as good as it gets.
So when you see “gotchadude.exe” requesting a connect after a “first network activity,” hitting Block would be advisable,
As for GW upload or download activity, that’s largely on your end to know that Super GeeWhiz Text Editorator in Apps Usage is something you installed or not. If the latter, then GW’s built in VirusTotal scan is a great tool. See the “Alerts Dictionary” below for the icons GW will flag with for activity which may or may not be suspicious. If you update your browser, you’ll get an Application info alert. But if you didn’t update, well, that’s suspicious. Which is one of the reasons why auto-updates of internet facing apps are not advised.
FWIW, I run Defender in Win10pro 21H2 with Microsoft Network Realtime Inspection Service and Windows Defender SmartScreen enabled. WIndows Security updates are checked hourly (for that, google on setting up MsMpEng.exe in Task Manager), otherwise default checks are adequate.
SpyShelter Premium and AppCheck Pro. Quad9 DNS and UltraDNS for the system, Cloudflare DoH in Firefox. In Firefox, the AdGuard extension using Stealth Mode, Phishing and malware protection and all the default AdGuard filters which includes Online Malicious URL Blocklist and NoCoin Filter List.
Cheers.
See also this Good Stuff:
1 Like
The problem you may face, is discovery after the attack. The best method is prevention.
If you are seriously worried about getting hacked, look at gateway firewall, something like (Open source) pfSense or OpenSense and make sure to install Snort or Suricata, etc (again open source versions available) to stop hackers the best you can.
I use pfSense + snort + pfBlockerNG on our network and Glasswire on the PCs. We get 100s of scans, attack attempts every day. You can run pfSense and OpenSense on old computers if necessary, but obviously the faster, the better.
Steep learning curve, but worth the knowledge. Loads of good tutorials on youtube.
1 Like