Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Some questions

  1. #11
    AntiOnline Senior Medicine Man
    Join Date
    Nov 2001
    Posts
    724
    Thats what i thought too. I work at a ISP so that kinda scares me. Good think i dont work for AOL or Prodigy Internet. They get bombs by the week.
    It is better to be HATED for who you are, than LOVED for who you are NOT.

    THC/IP Version 4.2

  2. #12
    thank for the info and links everybody. i'll check 'em

  3. #13
    Senior Member
    Join Date
    Aug 2001
    Posts
    183
    Originally posted here by MsMittens
    I'm betting that a lot of the port 80s are leftover Nimdia and/or Code Red type worms. I still have students that connect and blam! get infected even at this point. The fact that ZA is picking it up is good. That means its doing its job, by protecting your machine from others.

    You might want to go and find Sam Spade. This can do a reverse DNS on ip's and you can then send a copy of your ZA log to their abuse desk to deal with it.
    I agree with this diagnosis-of course most of these virus only work on Windows 2000, but can be transferred or planted on any other Windows machine, but won't effect it's operations....
    “People don’t talk about anything.” [Clarisse]
    “Oh, they must!” [Guy]
    “No, not anything. They name a lot of cars or clothes or swimming pools mostly and say how swell! But they all say the same things and nobody says anything different from anyone else. And most of the time in the cafes they have the joke-boxes on and the same jokes most of the time, or the musical wall lit and all the colored patterns running up and down, but it’s only color and all abstract. And at the museums, have you ever been? All abstract. That\'s all there is now...\"
    -A conversation with Clarrise McClellan and Guy Montag from Fahrenheit 451

  4. #14
    Junior Member
    Join Date
    Mar 2002
    Posts
    3
    When you get the Zone Alarm popup alert, there is a button called "more info". This will take you to their "Alert Analyzer" page. There you can click the "Whois" tab and presto the originating ISP appears.

    Dragonseye

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •