-
November 19th, 2001, 12:10 PM
#11
Member
This info helped tremendously! I understand what these nasty little things do and the impact potential they can have. Many Thanks!
-
November 19th, 2001, 06:26 PM
#12
well your assailant is somewhere near dallas or is routed through a server near there..... i can't get an exact read
-
November 19th, 2001, 07:59 PM
#13
Member
I am curious as to how you traced the person scanning my ports. I am a complete newbie; I know this must seem like a basic question.
-
November 19th, 2001, 11:26 PM
#14
actually that was a note to wasp88mm.... but the way i did it is through a prog that i wrote that does that. similar to the style of neotrace, but a little better... because i can do anonymous pings
-
November 21st, 2001, 04:55 AM
#15
for hillbilly75
11/20/01 22:47:10 dig 209.209.213.34 @ 198.6.1.2
Dig 34.213.209.209.in-addr.arpa@198.6.1.2 ...
Authoritative Answer
Recursive queries supported by this server
Query for 34.213.209.209.in-addr.arpa type=255 class=1
34.213.209.209.in-addr.arpa PTR (Pointer) philmax1-p34.mississippi.net
213.209.209.in-addr.arpa NS (Nameserver) ns1.bayou.com
213.209.209.in-addr.arpa NS (Nameserver) ns2.bayou.com
ns1.bayou.com A (Address) 206.28.99.10
ns2.bayou.com A (Address) 2
Up until recently all the real tracking tool were only found in *nix.
This dig i just did from a windows app called Sam Spade, from (oddly enough) SamSpade.org. The whole setup if really made for tracking and busting Spammers but its useful for a lot more.
as you can see from this, the culprit appears to be this account: philmax1-p34.mississippi.net
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
November 21st, 2001, 11:43 AM
#16
Member
I am going to go right on over and retrieve Mr. Spade. I had managed to trace another 'problem kidiot' to Southwest Kansas Online ( a dialup ). That is as far as I got however. This guy just kept pinging and scanning every five minutes or so. Anyway, I appreciate the info.
-
November 21st, 2001, 01:49 PM
#17
according to me u must scan your puter for trojans at least...once in two days... u can use tauscan trojan scanner ...which can be downloaded from here
just try it .... it works....
intruder...
-
November 22nd, 2001, 06:41 AM
#18
if the same person keeps doing it, go on over to securityfocus and do a serch for sub7. You'll find a couple of sub7 fake outs. They appear to the scanner to be sub7, but give you the options to send them the picture you want them to see when they do a screen capture (like the fbi emblem). you can also send them a message...."Your busted, fool!".
if you decide to download one, be sure to scan it for trojans as well as virii.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
November 26th, 2001, 10:15 PM
#19
Member
Went over to securityfocus and searched sub7. I found plenty of replies to questions but no fakeout utilities.
As for the scans, about 1 in every 3 are coming from IP208.189.34.143 Southwest Kansas Online. This guy just won't quit. He has taken a particular interest in my machine for some reason. Thanks.
-
November 28th, 2001, 05:14 PM
#20
one thing you can do is email the admin or the tech advisor of SouthWest Kansas Online
the admins addy is cjewell@swko.net
the tech is doug@swko.net
and tell them about there user dialing in to sub 7 you.... they might monitor the activity and cancel his or her* account
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|