
Damn hackers, anyway to counter/trace them/

Old 10-07-02, 08:51 PM Thread Starter   #1
tainice
Member

 

Join Date: Oct 2001
Location: Carbondale, IL

 
Damn hackers, anyway to counter/trace them/


Ever since I installed the firewall, I notice that my computer has been attacked by the same person from time to time. Just wondering if there is a way to trace the address and eventually do something to stop it? My knowledge in this kind of matter is severely limited, so please, explain everything... thanz yo
Old 10-07-02, 09:15 PM   #2
Edward2
Member


 
Join Date: Apr 2002
Location: Folding@Home in Ball Ground, GA
 
Do you know the IP address of the person hacking you? If so, you can download a couple of programs that may help.

There is one called "Whois" (I believe) that will tell you about that IP address. More than likely the person does not have a static IP address, but Whois may tell you who the ISP is. Then you could contact them with dates and times and maybe they could do something about it.

There is also one called "Traceroute" (I believe) that will trace the IP address. If I remember correctly, it will tell you what City, State, Country the IP address is registered in. Again, you may be able to determine the ISP and report the person.

I don't know what sort of firewall you have, but Norton Internet Security has a feature called "Intrusion Protection". It will detect a port scan and will log the IP address. You can then ban that IP address from accessing your computer.

A few other words of warning. If you have a router, do not use the default userid and password. Everyone will know them. Change them to something unique. Minimize the user rights (allow read only) and/or eliminate "Shares" on your hard drives.

__________________
Q9300 @ 3.4GHz, Asus P5Q Pro, 4GB OCZ Platinum DDR2-1066, GTX580 @ 900GPU, OCZ Vendetta 2, PC P&C 750W
i5-3570K @ 4.5GHz, Asus P8Z77, 4GB G Skill DDR3-1333, GTX580 @ 900GPU, CM Hyper 212+ HS/F, Corsair 850W
4x 6180SE @ 2.75GHz, SM H8QGi-F, 32GB G Skill DDR3-1333, CM Hyper 212+ HS/F, Redundant 1400W


Old 10-07-02, 09:20 PM Thread Starter   #3
tainice
Member

 

Join Date: Oct 2001
Location: Carbondale, IL

 
Thanz man! Yeah, I am using Norton Personal Firewall... I will do what you said. Just a thought: I read this in PC Magazine, that NPF by default has left port 5(?) open, but cannot be manually closed. Just wondering if anyone knows how to do it?
Old 10-07-02, 09:28 PM   #4
Edward2
Member


 
Join Date: Apr 2002
Location: Folding@Home in Ball Ground, GA
 
I haven't heard about that (port 5 being open). I have a router also, so when I do port scans, it does not detect any ports being open.

Old 10-07-02, 09:31 PM Thread Starter   #5
tainice
Member

 

Join Date: Oct 2001
Location: Carbondale, IL

 
Man, it was a typo, I mean CAN be manually closed... duh... Well, guess I will have to do a scan before saying anything else. BTW, really appreciate your reply... I was worried to death by that annoying hacker... @_+
Old 10-07-02, 10:36 PM   #6
AarontheJC
Member

 

Join Date: Jan 2002
Location: Southern USA

 
Great info. I have some guy on the network who writes me the same net send message over and over "Spam!" "Spam!"

I don't know how to get his IP. How do I do that?
Old 10-07-02, 11:53 PM Thread Starter   #7
tainice
Member

 

Join Date: Oct 2001
Location: Carbondale, IL

 
Read the first post by Edward2, or get Norton Personal Firewall.
Old 10-08-02, 04:18 AM   #8
Mpegger
Member

 
Join Date: Nov 2001
Location: NYC
 
Quote:
Originally posted by AarontheJC
Great info. I have some guy on the network who writes me the same net send message over and over "Spam!" "Spam!"

I don't know how to get his IP. How do I do that?
I would suggest, if you don't already have a software firewall, you get Sygate Personal Firewall. It can keep traffic logs and tell you exactly what IP address it originated from, and can run traceroutes and whois.

__________________
NZXT Switch 810 / Gigabyte GA-X58A-UD3R / i7 980x @ 3857 / 24GiB / 780Ti
ESXi server / i7-3770s / 32GiB / 16TB ZFS-z2

-----------------------------
[GB ≠ GiB] [MB ≠ MiB] [kB ≠ kiB]
"Apparently, Plaintiff believes that he could sue an egg company for fraud for labeling a carton of 12 eggs a “dozen,” because some bakers would view a “dozen” as including 13 items." - Western Digital 2006

"One World, One Web, One Program" - Microsoft
"Ein Volk, Ein Reich, Ein Führer" - Hitler

(Microsucks) Avatar and quote on loan from AntmanMike
Old 10-08-02, 05:44 AM   #9
Edward2
Member


 
Join Date: Apr 2002
Location: Folding@Home in Ball Ground, GA
 
I would agree that Sygate personal firewall is a good program from what I have seen. I often use the Sygate port scan website to test my network's security.

Old 10-08-02, 10:24 AM   #10
bubba gump
Member



Join Date: Sep 2002
Location: CA, USA

 
It's all about ZoneAlarm, homes :P I think it's the best; even the free utility stops most shiz, but it doesn't have the tracing built in, so you'd need like traceroute and whois...
Old 10-08-02, 10:36 AM   #11
UnseenMenace
UnseenModerator

 
Join Date: Apr 2001
 
Re: Damn hackers, anyway to counter/trace them/


Quote:
Originally posted by tainice
Ever since I installed the firewall, I notice that my computer has been attacked by the same person from time to time. Just wondering if there is a way to trace the address and eventually do something to stop it? My knowledge in this kind of matter is severely limited, so please, explain everything... thanz yo
What makes you think that you are being attacked?
Because you explain using the words 'from time to time', this suggests that this is either a very weak attack effort or not one at all.

A port scan can be a legitimate task done by system admins, and as such it does not always mean you are being hacked/attacked.
Some ISPs and IRC servers scan for ports often used by trojans and other programs used to exploit systems. Before taking any steps, first establish what port that person is probing, what that port is used for, what it is that person is actually attempting and then who that person is.

The majority of software firewalls raise too many alarm bells imho, and confuse smoke with fire far too often.

__________________
one M15x is never enough
UnseenMenace is offline   QUOTE Thanks
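
The triage described in posts #2 and #11 (which address keeps showing up, on what dates and times, and what the probed ports are normally used for) can be done from the firewall log before anything is reported. This is an added example, not code from any poster or firewall vendor; the log line format, the sample entries (documentation address ranges) and the function names are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log; the line format is an assumption, not any product's real format.
SAMPLE_LOG = """\
2002-10-05 21:14:02 BLOCK TCP 192.0.2.44:3312 -> 203.0.113.7:113
2002-10-05 21:14:03 BLOCK TCP 192.0.2.44:3313 -> 203.0.113.7:1080
2002-10-06 20:58:40 BLOCK TCP 192.0.2.44:4120 -> 203.0.113.7:113
2002-10-06 23:01:17 BLOCK TCP 198.51.100.9:1045 -> 203.0.113.7:27374
2002-10-07 02:30:00 ALLOW TCP 203.0.113.7:1029 -> 198.51.100.80:80
garbage line the parser should skip
"""

# Common uses of a few ports, to answer "what is this port for?" before reacting.
PORT_NOTES = {
    113: "ident/auth (IRC servers query it on connect)",
    1080: "SOCKS (open-proxy checks by IRC networks)",
    27374: "SubSeven trojan default port",
}

LINE_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) BLOCK (?:TCP|UDP) "
    r"(\d{1,3}(?:\.\d{1,3}){3}):\d+ -> \d{1,3}(?:\.\d{1,3}){3}:(\d+)$"
)

def summarize(log_text):
    """Group blocked probes by source IP: timestamps seen and destination ports."""
    by_src = defaultdict(lambda: {"times": [], "ports": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip ALLOW entries and malformed lines
        when, src, port = m.groups()
        by_src[src]["times"].append(datetime.strptime(when, "%Y-%m-%d %H:%M:%S"))
        by_src[src]["ports"].add(int(port))
    return dict(by_src)

def report(log_text):
    """One line per source with dates, times and port purpose, for an ISP abuse report."""
    out = []
    for ip, rec in sorted(summarize(log_text).items()):
        ports = "; ".join(f"{p} = {PORT_NOTES.get(p, 'look it up')}" for p in sorted(rec["ports"]))
        out.append(f"{ip}: blocked x{len(rec['times'])}, "
                   f"first {min(rec['times'])}, last {max(rec['times'])}; {ports}")
    return out

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```

In the sample, the source that returns daily only touches 113 and 1080, the pattern of an IRC server checking a connecting client, while the single hit on 27374 is the one worth a closer look.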
Old 10-08-02, 12:04 PM Thread Starter   #12
tainice
Member

 

Join Date: Oct 2001
Location: Carbondale, IL

 
I have to say that I about 70% agree with what you said. According to the explanatory note of the firewall, alarms issued by it may or may not mean that someone is actually trying to hack into my rig... however, since I have no way of identifying who or what is probing my rig and for what purposes, I will screen out anything suspicious, just a way to protect myself. Besides, I don't usually receive any alarm at all, except that one, so there is no trouble to me at any rate.
Old 10-08-02, 03:25 PM   #13
AZN
AznSniper

 
Join Date: Mar 2002
 
UnseenMenace got to it before I could. I was going to say the exact same thing. I thought I was getting hacked too, cuz I saw the same IP every day. I looked into the IP and found out it was coming from IRC.

AZN

__________________
"The only fool bigger than the person who knows it all, is the person who argues with him." Stanislaw Jerszy Lec
Old 10-09-02, 08:12 PM   #14
elekt
Member

 

Join Date: Sep 2002
Location: los angeles, California

 
Black Ice firewall will tell you when your PC is attacked, and the IP address of the attacker, as well as a lot of valuable protection options and utilities.
Old 10-09-02, 09:27 PM   #15
Mpegger
Member

 
Join Date: Nov 2001
Location: NYC
 
Contrary to what you say...

http://forum.oc-forums.com/vb/showth...hreadid=111440

Looks like Black Ice only alerts, if it even does that.

Besides. The 2 freeware firewalls are more than adequate (if not better) than Black Ice. Personally, I prefer and recommend Sygate Personal Firewall. ZoneAlarm works fine, but I like all the options and further tweaking I can do with Sygate.

Old 10-10-02, 09:46 PM   #16
Wedo
Senior Kitty Power!

 

Join Date: Oct 2001
Location: Lost Angeles

 
I have a great solution for the investigation of the IP. Sam Spade. Every System Admin I know uses this program to track IPs. It'll do a who-is, tracert (slow and fast), check for an abuse alert, finger the IP, scan the IP etc. etc. etc.

And it's FREE!

You can get it here.

Wedo

__________________
~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~
Old 10-10-02, 11:09 PM   #17
AMD'er
Member

 
Join Date: Jan 2002
Location: Atlanta
 
Just get a router and be done with it... it has a log of all incoming and outgoing messages or alerts... ZoneAlarm PRO allows you to click on a particular IP address and it takes you to ZoneAlarm's website and gives you information about that IP.

__________________
No Rig Must Build New Still Waiting to Build A New One

R.I.P (2002-2006) to the following Machine!!!
P4 2.6C @ 3.32
IC7G
512 HyperX 3500
ATI 9800 Pro
Words of Wisdom:
A Wise Man Once Said..."I PITTY DA FOOL"
Old 10-11-02, 12:16 PM   #18
Jawsome
Member

 

Join Date: Jun 2002
Location: Maple Grove, Minnesota

 
It'd be funny if Sygate or ZoneAlarm had a "counterattack" button.

__________________
Main Rig
Mobo: Gigabyte MA790X-DS4 | Processor: Phenom II 940 | RAM: 8GB DDR2 1000 | Video: Radeon 5850 1gb

Old 10-11-02, 12:55 PM Thread Starter   #19
tainice
Member

 

Join Date: Oct 2001
Location: Carbondale, IL

 
Yo Wedo, thanz for the great proggy. Really easy to use and very useful!
Old 10-11-02, 01:28 PM   #20
Wedo
Senior Kitty Power!

 

Join Date: Oct 2001
Location: Lost Angeles

 
Quote:
Originally posted by tainice
Yo Wedo, thanz for the great proggy. Really easy to use and very useful!
My pleasure... Sam and I get together almost daily. In fact, last night after responding to the mail I picked up a Sub Seven attack from Japan.

So good ol' Sam Spade led me to the location (by reading the hop descriptions in the trace route) and an abuse email (with a who is).

I would like to find a counter attack program though.

Wedo

Wedo is offline   QUOTE Thanks
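
Finding the abuse address in a whois reply, the step mentioned in posts #2 and #20, comes down to knowing which fields to read and when the reply only points at another registry. This is an added example, not code from the thread or from Sam Spade; the field names follow the ARIN and RIPE output styles, and the replies, address ranges and domains are constructed placeholders.

```python
import re

# Constructed whois replies: field names follow the ARIN and RIPE output styles,
# all values are placeholders (documentation address ranges, .example domains).
ARIN_STYLE = """\
NetRange:       198.51.100.0 - 198.51.100.255
OrgName:        Example Access Provider
OrgAbuseEmail:  abuse@isp.example
OrgTechEmail:   noc@isp.example
"""
RIPE_STYLE = """\
% Abuse contact for '192.0.2.0 - 192.0.2.255' is 'abuse@carrier.example'
inetnum:        192.0.2.0 - 192.0.2.255
netname:        EXAMPLE-NET
e-mail:         hostmaster@carrier.example
"""
REFERRAL_ONLY = """\
NetRange:       203.0.113.0 - 203.0.113.255
ReferralServer: whois://whois.registry.example
"""

ABUSE_FIELDS = re.compile(r"^(?:OrgAbuseEmail|abuse-mailbox):\s*(\S+@\S+)\s*$", re.I | re.M)
ABUSE_COMMENT = re.compile(r"^% Abuse contact for '[^']*' is '([^']+)'", re.M)
REFERRAL = re.compile(r"^ReferralServer:\s*(\S+)", re.M)
NETBLOCK = re.compile(r"^(?:NetRange|inetnum):\s*(.+?)\s*$", re.I | re.M)

def abuse_contact(whois_text):
    """Return the netblock, abuse addresses and any referral found in a whois reply."""
    emails = ABUSE_FIELDS.findall(whois_text) + ABUSE_COMMENT.findall(whois_text)
    block = NETBLOCK.search(whois_text)
    ref = REFERRAL.search(whois_text)
    return {
        "netblock": block.group(1) if block else None,
        "abuse": sorted(set(e.lower() for e in emails)),  # tech/admin mail is ignored
        "referral": ref.group(1) if ref else None,
    }

def next_step(whois_text):
    """Say where the report goes, or which whois server to query next."""
    info = abuse_contact(whois_text)
    if info["abuse"]:
        return f"report {info['netblock']} to {', '.join(info['abuse'])}"
    if info["referral"]:
        return f"no abuse address here; query {info['referral']}"
    return "no abuse contact or referral in this reply"

if __name__ == "__main__":
    for reply in (ARIN_STYLE, RIPE_STYLE, REFERRAL_ONLY):
        print(next_step(reply))
```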
