Results 1 to 20 of 20
  1. #1
    Member tainice's Avatar
    Join Date
    Oct 2001
    Location
    Carbondale, IL

    Damn hackers, anyway to counter/trace them/

    every since i installed the firewall, i notice that my computer has been attacked by the same peson from time to time, just wondering if there is a way to trace the address and eventually do something to stop it? my knowledge in this kind of matter is servely limited, so please, explain everything... thanz yo

  2. #2
    Member

    Edward2's Avatar
    10 Year Badge
    Join Date
    Apr 2002
    Location
    Folding@Home in Ball Ground, GA
    Folding Profile
    Do you know the IP address of the person hacking you? If so, you can download a couple of programs that may help.

    There is one called "Whois" (I believe) that will tell you about that IP address. More than likely the person does not have a static IP address, but Whois may tell you who the ISP is. Then you could contact them with dates and times and maybe they could do something about it.

    There is also one called "Traceroute" (I believe) that will trace the IP address. If I remember correctly, it will tell you what City, State, Country the IP address is registered in. Again, you may be able to determine the ISP and report the person.

    I don't know what sort of firewall you have, but Norton Internet Security has a feature called "Intrusion Protection". It will detect a port scan and will log the IP address. You can then ban that IP address from accessing your computer.

    A few other words of warning. If you have a router, do not use the default userid and password. Everyone will know them. Change them to something unique. Minimize the user rights (allow read only) and/or eliminate "Shares" on your harddrives.
    Q9300 @ 3.4GHz, Asus P5Q Pro, 4GB OCZ Platinum DDR2-1066, GTX580 @ 900GPU, OCZ Vendetta 2, PC P&C 750W
    i5-3570K @ 4.5GHz, Asus P8Z77, 4GB G Skill DDR3-1333, GTX580 @ 900GPU, CM Hyper 212+ HS/F, Corsair 850W
    4x 6180SE @ 2.75GHz, SM H8QGi-F, 32GB G Skill DDR3-1333, CM Hyper 212+ HS/F, Redundant 1400W


    Folding User Stats

  3. #3
    Member tainice's Avatar
    Join Date
    Oct 2001
    Location
    Carbondale, IL
    thanz man! yeah, i am using Norton personal firewall..i will do what you said. just a though, i read this from the pc magazine, that NPF by defualt, has left port 5(?) open, but cannot be manually closed, just wondering anyone knows how to do it?

  4. #4
    Member

    Edward2's Avatar
    10 Year Badge
    Join Date
    Apr 2002
    Location
    Folding@Home in Ball Ground, GA
    Folding Profile
    I haven't heard about that (port 5 being open). I have a router also, so when I do port scans, it does not detect any ports being open.
    Q9300 @ 3.4GHz, Asus P5Q Pro, 4GB OCZ Platinum DDR2-1066, GTX580 @ 900GPU, OCZ Vendetta 2, PC P&C 750W
    i5-3570K @ 4.5GHz, Asus P8Z77, 4GB G Skill DDR3-1333, GTX580 @ 900GPU, CM Hyper 212+ HS/F, Corsair 850W
    4x 6180SE @ 2.75GHz, SM H8QGi-F, 32GB G Skill DDR3-1333, CM Hyper 212+ HS/F, Redundant 1400W


    Folding User Stats

  5. #5
    Member tainice's Avatar
    Join Date
    Oct 2001
    Location
    Carbondale, IL
    man, it was a typo, i mean CAN be manually closed...duh... well, guess i will have to do a scan before saying any else. btw, really appricate your reply.....i was worrying to death by that annoying hacker...@_+

  6. #6
    Member AarontheJC's Avatar
    Join Date
    Jan 2002
    Location
    Southern USA
    Great info. I have some guy on the network who writes me the same net send message over and over "Spam!" "Spam!"

    I don't know how to get his IP. How do I do that?

  7. #7
    Member tainice's Avatar
    Join Date
    Oct 2001
    Location
    Carbondale, IL
    read the first post by Edward2, or get Norton Personal Firewall.

  8. #8
    Member Mpegger's Avatar
    10 Year Badge
    Join Date
    Nov 2001
    Location
    NYC
    Heatware Profile
    Originally posted by AarontheJC
    Great info. I have some guy on the network who writes me the same net send message over and over "Spam!" "Spam!"

    I don't know how to get his IP. How do I do that?
    I would suggest if you dont already have a software firewall, you get Sygate Personal Firewall. It can keep traffic logs and tell you exactly what ip address it originated from, and can run traceroutes and whois.
    NZXT Switch 810 | ASRock Z97 Extreme4 | i7 4790K| 32GiB | 780Ti
    Lackrack Enterprise Edition | Dell R710 | 2 x Xeon X5570 | 96GiB | 14(28)TB ZFS-Raid10

    -----------------------------
    [GB ≠ GiB] [MB ≠ MiB] [kB ≠ kiB]
    "Apparently, Plaintiff believes that he could sue an egg company for fraud for labeling a carton of 12 eggs a “dozen,” because some bakers would view a “dozen” as including 13 items." - Western Digital 2006

    "One World, One Web, One Program" - Microsoft
    "Ein Volk, Ein Reich, Ein Führer" - Hitler

    (Microsucks) Avatar and quote on loan from AntmanMike
    Heatware

  9. #9
    Member

    Edward2's Avatar
    10 Year Badge
    Join Date
    Apr 2002
    Location
    Folding@Home in Ball Ground, GA
    Folding Profile
    I would agree that Sygate personal firewall is a good program from what I have seen. I often use the Sygate port scan website to test my network's security.
    Q9300 @ 3.4GHz, Asus P5Q Pro, 4GB OCZ Platinum DDR2-1066, GTX580 @ 900GPU, OCZ Vendetta 2, PC P&C 750W
    i5-3570K @ 4.5GHz, Asus P8Z77, 4GB G Skill DDR3-1333, GTX580 @ 900GPU, CM Hyper 212+ HS/F, Corsair 850W
    4x 6180SE @ 2.75GHz, SM H8QGi-F, 32GB G Skill DDR3-1333, CM Hyper 212+ HS/F, Redundant 1400W


    Folding User Stats

  10. #10
    Member
    Join Date
    Sep 2002
    Location
    CA, USA
    its all about zonealarm homes :P i think its the best, even the free utility stop most shiz, but it doesnt have the tracing built in, so ud need like traceroute and whois.....

  11. #11
    UnseenModerator UnseenMenace's Avatar
    10 Year Badge
    Join Date
    Apr 2001

    Re: Damn hackers, anyway to counter/trace them/

    Originally posted by tainice
    every since i installed the firewall, i notice that my computer has been attacked by the same peson from time to time, just wondering if there is a way to trace the address and eventually do something to stop it? my knowledge in this kind of matter is servely limited, so please, explain everything... thanz yo
    What makes you think that you are being attacked ??
    Because you explain using the words 'from time to time' this suggests that this is either a very weak attack effort of not one at all.

    A port scan can be a legitimate task done by system admins and as such it does not allways mean you are being hacked/attacked
    Some ISP's and IRC servers scan for ports often used by trojans and other programs used to exploit systems, before taking any steps first establish what port that person is probing, what that port is used for, what it is that person is actually attempting and then who that person is.

    The majority of software firewalls raise to many alarm bells imho, and confuse smoke with fire far to often
    one M15x is never enough

  12. #12
    Member tainice's Avatar
    Join Date
    Oct 2001
    Location
    Carbondale, IL
    I have to say that I am about 70% agree with what you said. According to the explanatory note of the firewall, alarms issued by it may or may not be mean that someone is actually trying to hack into my rig¡Khowever, since I have no way of identifying who or what is probing my rig and for what purposes, I will screen out anything suspicious, just a way to protect myself. Besides, I don¡¦t usually receive any alarm at all, except that one, so there is no trouble to me in any rate.

  13. #13
    AznSniper AZN's Avatar
    10 Year Badge
    Join Date
    Mar 2002
    unsceenmenace got to it before i could. I was going to say the exact same thing. I thought i was getting hacked to cuzz i saw the same IP everyday. I looked into the IP and found out it was comming from IRC.

    AZN
    "The only fool bigger than the person who knows it all, is the person who argues with him." Stanislaw Jerszy Lec

  14. #14
    Member elekt's Avatar
    Join Date
    Sep 2002
    Location
    los angeles, California
    black ice firewall will tell you when your pc is attacked, and the ip address of the attacker as well as alot of valuable protection options and utilites.

  15. #15
    Member Mpegger's Avatar
    10 Year Badge
    Join Date
    Nov 2001
    Location
    NYC
    Heatware Profile
    Contrary to what you say...

    http://forum.oc-forums.com/vb/showth...hreadid=111440

    Looks like Black Ice only alerts, if it even does that.

    Besides. The 2 freeware firewalls are more then adequete (if not better) then Black Ice. Personally, I prefer and recommend Sygate Personal Firewall. ZoneAlarm works fine, but I like all the options and further tweaking I can do with Sygate.
    NZXT Switch 810 | ASRock Z97 Extreme4 | i7 4790K| 32GiB | 780Ti
    Lackrack Enterprise Edition | Dell R710 | 2 x Xeon X5570 | 96GiB | 14(28)TB ZFS-Raid10

    -----------------------------
    [GB ≠ GiB] [MB ≠ MiB] [kB ≠ kiB]
    "Apparently, Plaintiff believes that he could sue an egg company for fraud for labeling a carton of 12 eggs a “dozen,” because some bakers would view a “dozen” as including 13 items." - Western Digital 2006

    "One World, One Web, One Program" - Microsoft
    "Ein Volk, Ein Reich, Ein Führer" - Hitler

    (Microsucks) Avatar and quote on loan from AntmanMike
    Heatware

  16. #16
    Senior Kitty Power! Wedo's Avatar
    Join Date
    Oct 2001
    Location
    Lost Angeles
    I have a great solution for the invesigation of the IP. Sam Spade. Every System Admin I know uses this program to track IP's. It'll do a who-is, tracert (slow and fast), check for an abuse alert, finger the IP, scan the IP etc. etc. etc.

    And it's FREE!

    You can get it here.

    Wedo
    ~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]

  17. #17
    Member AMD'er's Avatar
    10 Year Badge
    Join Date
    Jan 2002
    Location
    Atlanta
    just get a router and be done with it...it has a log of all incomming and outgoing messages or alerts....ZoneAlarm PRO allows you to click on a particular IP address and it takes you to ZONEALARM's website and gives you information about that IP
    No Rig Must Build New Still Waiting to Build A New One

    R.I.P (2002-2006) to the following Machine!!!
    P4 2.6C @ 3.32
    IC7G
    512 HyperX 3500
    ATI 9800 Pro
    Words of Wisdom:
    A Wise Man Once Said..."I PITTY DA FOOL"

  18. #18
    Member Jawsome's Avatar
    Join Date
    Jun 2002
    Location
    Maple Grove, Minnesota
    it'd be funny if sygate or zonealarm had a "counterattack" button
    Main Rig
    Mobo: Gigabyte MA790X-DS4 | Processor: Phenom II 940 | RAM: 8GB DDR2 1000 | Video: Radeon 5850 1gb

    My Heatware

  19. #19
    Member tainice's Avatar
    Join Date
    Oct 2001
    Location
    Carbondale, IL
    yo Wedo, thanz for the great proggy. really easy to use and very useful!

  20. #20
    Senior Kitty Power! Wedo's Avatar
    Join Date
    Oct 2001
    Location
    Lost Angeles
    Originally posted by tainice
    yo Wedo, thanz for the great proggy. really easy to use and very useful!
    My pleasure... Sam and I get together almost daily. In fact, last night after responding to the mail I picked up a Sub Seven attack from Japan.

    So good 'ol Sam Spade lead me to the location (by reading the hop descriptions in the trace route) and an abuse email (with a who is).

    I would like to find a counter attack program though

    Wedo
    ~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •