Internet Attacks

[XR6_ED]

  chooch said:

Hey guys, I work for tech support for optusnet.  if that happens all you do is disconnect and reconnect and that will change your IP address.

For you info whats happening is that one person (a geek from his laptop in a garage) has a port scanning program.  These programes will scan probably about 100,000 internet users online constantly by sending little 'pings' over the phone line looking for an available port on your computer to hack into, everytime a ping hits your computer Norton will display a message and make you think your being hacked when infact your not being hacked just pinged.....................however these programes send out thousands of pings per minute and probably report back to the user thousands of ports. not many ports would be available and the chances of someone hacking your pc is very unlikely and even more remote if your running a firewall (like Norton).

So chances are that the user who is pinging you doesnt even know that they have pinged your compter.

Also if a virus has infected a computer, then that virus can be running a port scan without the user even knowing.

Also smart hackers will block there IP address so it wont display any IP adress or the wrong IP address.  So the IP address you have wont really do much.

Basically, if a proper hacker wants yo hack you, you wont even know about it.  Hackers dont want general computers, they want company networks.

Hope this clears things up.  I deal with this stuff all day

:-)

good stuff

[Guest xrtwpn]

mate if they are any good at trying to hack you will never know there real IP addy

Just install a good firewall get all your windows updates and a virus detector and you will be fine

[CJF077]

Thats about all you can do. Technically though usually in the Terms and Conditions of the ISP the user has signed to they can suspend his account if he is using his ISP account to port scan IP ranges.

By the way im impressed MISSXR Not bad...

[Guest]

I wonder why my post was deleted from here,geea got any idea???

vik wondering whats going on

[FORDXR]

  geea said:

  jetute said:

  geea said:

  vik351 said:

  geea said:

I have noticed that lately I have been getting attacked alot. What am I able to do to track these people and beat the *beep* out of them???

Here is the address of the latest one 211.28.6.241 I have been attacked by this person 8 times in the last 20 minutes. How can I get in touch with them to find out who they are and deal with them?

Geea.

<{POST_SNAPBACK}>

I know the feeling Ive been threatened to be kicked off the forum for swearing,

Did you get a warning PM geea??? well did ya punk??? I know which way my moneys going

vik soon to be kicked out

<{POST_SNAPBACK}>

Not attacked on the site Vik. I'm having people try hacking into my cpu.

Geea.

<{POST_SNAPBACK}>

How do you know this?? you have some sort of program that can detect this??

<{POST_SNAPBACK}>

I have the Norton's Internet Security, it tells me when I'm attacked by what ip address and what program they are using. All the attacks that it tells me about are failures. I'm concerned that there could be attacks that I don';t know about that are successful.

Geea.

<{POST_SNAPBACK}>

There is your problem, Worst program ever.

All "Internet Security" programs are a joke, no one is trying to hack into you even if that’s the message you get, they scan millions of IPs everyday looking for open relay mail server (to spam from) or anonymous FTP servers.

The truth is no one cares for your files. If a real hacker (not a kid with a port scanner or Trojan) wanted to gain access to your computer do you think a simple program will save you?

All these lame programs do is create paranoia, My advice to anyone/everyone is to keep all your windows updates up-to date.

Edited 29/11/04 12:36 AM by FORDXR

[KrasH]

If you want to find the location/isp of any ip address, http://www.dnsstuff.com is a nifty site. Keep in mind that the senders IP may have been hijacked (find a weak system and use that as the source of the attack, hence why port scanning is common), but more than likely it's a script kiddy who hasn't got a clue. I've actually had some "chinese" ip's port scanning me which I found quite strange.

The best defence is a proper hardware firewall that is built into most adsl routers. These software firewalls can be good but unless you're running linux, they are pretty much over rated. Then again, setting them up in stealth mode (any packets sent to your computer will be dropped, and if the sender get's no reply, you "don't exist") can help. Most firewalls have protection from DoS (Denial of service) attacks which seems to be the most common attack out there.

Some tools if you are interested. Ethereal for packet sniffing. I have it on my linux box and on my windblows boxes. You can filter what type of traffic to see, what ip's etc. You'd be suprised how much junk some of the traffic may have. If you're pretty technically savy, try out nessus (I think that's it's name). It's a port scanner (most commonly used one) and use it on yourself (I think the 127.0.0.1 loopback ip ie. you, will work) . This way you can see what holes you may have. If there is a hole, from the internet to your computer, close it up. See if the firewall software is actually doing it's job.

And the common solution from many here. Keep virus software etc upto date. Download Ad-aware and Spybot - Search and destroy. These programs will clean out any "unknown" background programs that may have been installed when web browsing etc.

[Buf-Phoon]

  KrasH said:

And the common solution from many here. Keep virus software etc upto date. Download Ad-aware and Spybot - Search and destroy. These programs will clean out any "unknown" background programs that may have been installed when web browsing etc.

<{POST_SNAPBACK}>

Good call Add Spyware Blaster also not bad.

[ktford]

I got a new issue with the PC at work, I get all these pop up windows proclaiming that we need to install spyware detecting technology & a link with the prices & how to buy it.

Scotty