• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Damn hackers, anyway to counter/trace them/

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

tainice

Member
Joined
Oct 20, 2001
Location
Carbondale, IL
every since i installed the firewall, i notice that my computer has been attacked by the same peson from time to time, just wondering if there is a way to trace the address and eventually do something to stop it? my knowledge in this kind of matter is servely limited, so please, explain everything...:D thanz yo
 
Do you know the IP address of the person hacking you? If so, you can download a couple of programs that may help.

There is one called "Whois" (I believe) that will tell you about that IP address. More than likely the person does not have a static IP address, but Whois may tell you who the ISP is. Then you could contact them with dates and times and maybe they could do something about it.

There is also one called "Traceroute" (I believe) that will trace the IP address. If I remember correctly, it will tell you what City, State, Country the IP address is registered in. Again, you may be able to determine the ISP and report the person.

I don't know what sort of firewall you have, but Norton Internet Security has a feature called "Intrusion Protection". It will detect a port scan and will log the IP address. You can then ban that IP address from accessing your computer.

A few other words of warning. If you have a router, do not use the default userid and password. Everyone will know them. Change them to something unique. Minimize the user rights (allow read only) and/or eliminate "Shares" on your harddrives.
 
thanz man! yeah, i am using Norton personal firewall..i will do what you said. just a though, i read this from the pc magazine, that NPF by defualt, has left port 5(?) open, but cannot be manually closed, just wondering anyone knows how to do it?
 
man, it was a typo, i mean CAN be manually closed...duh... well, guess i will have to do a scan before saying any else. btw, really appricate your reply.....i was worrying to death by that annoying hacker...@_+
 
Great info. I have some guy on the network who writes me the same net send message over and over "Spam!" "Spam!"

I don't know how to get his IP. How do I do that?
 
AarontheJC said:
Great info. I have some guy on the network who writes me the same net send message over and over "Spam!" "Spam!"

I don't know how to get his IP. How do I do that?

I would suggest if you dont already have a software firewall, you get Sygate Personal Firewall. It can keep traffic logs and tell you exactly what ip address it originated from, and can run traceroutes and whois.
 
its all about zonealarm homes :p i think its the best, even the free utility stop most shiz, but it doesnt have the tracing built in, so ud need like traceroute and whois.....
 
tainice said:
every since i installed the firewall, i notice that my computer has been attacked by the same peson from time to time, just wondering if there is a way to trace the address and eventually do something to stop it? my knowledge in this kind of matter is servely limited, so please, explain everything...:D thanz yo

What makes you think that you are being attacked ??
Because you explain using the words 'from time to time' this suggests that this is either a very weak attack effort of not one at all.

A port scan can be a legitimate task done by system admins and as such it does not allways mean you are being hacked/attacked
Some ISP's and IRC servers scan for ports often used by trojans and other programs used to exploit systems, before taking any steps first establish what port that person is probing, what that port is used for, what it is that person is actually attempting and then who that person is.

The majority of software firewalls raise to many alarm bells imho, and confuse smoke with fire far to often
 
I have to say that I am about 70% agree with what you said. According to the explanatory note of the firewall, alarms issued by it may or may not be mean that someone is actually trying to hack into my rig¡Khowever, since I have no way of identifying who or what is probing my rig and for what purposes, I will screen out anything suspicious, just a way to protect myself. Besides, I don¡¦t usually receive any alarm at all, except that one, so there is no trouble to me in any rate.
 
unsceenmenace got to it before i could. I was going to say the exact same thing. I thought i was getting hacked to cuzz i saw the same IP everyday. I looked into the IP and found out it was comming from IRC.

AZN
 
black ice firewall will tell you when your pc is attacked, and the ip address of the attacker as well as alot of valuable protection options and utilites.
 
I have a great solution for the invesigation of the IP. Sam Spade. Every System Admin I know uses this program to track IP's. It'll do a who-is, tracert (slow and fast), check for an abuse alert, finger the IP, scan the IP etc. etc. etc.

And it's FREE! :D

You can get it here.

Wedo
 
just get a router and be done with it...it has a log of all incomming and outgoing messages or alerts....ZoneAlarm PRO allows you to click on a particular IP address and it takes you to ZONEALARM's website and gives you information about that IP
 
tainice said:
yo Wedo, thanz for the great proggy. really easy to use and very useful!

My pleasure... Sam and I get together almost daily. In fact, last night after responding to the mail I picked up a Sub Seven attack from Japan. :mad::mad:

So good 'ol Sam Spade lead me to the location (by reading the hop descriptions in the trace route) and an abuse email (with a who is).

I would like to find a counter attack program though :D

Wedo
 
Back