cracker troubles
Results 1 to 10 of 10

Thread: cracker troubles

  1. #1
    Junior Member
    Join Date
    May 2002
    Posts
    2

    cracker troubles

    We are part of an online community that is under attack (going on 3 months now) by someone who is sending e-mail bombs and cracking our systems. Avoiding the e-mail bombs isn't a problem. But, we keep getting hit by intrusion attempts. They've broken through (3 firewalls and Norton Internet Security) twice now through bombardment attacks. Now, when we start getting hit, we get offline and disconnect our cable modem for a bit. It's gotten to the point where my husband doesn't even want to use the computer any more.

    My question is this... What GOOD programs are out there that can help us trace this person and nail him? The Norton pops up the immediate IP. But, it's already been traced through chains of as many as 6 IPs. Most of our traces point to a single person...who has been put on notice. But, we don't want to take further legal action until we're sure it's him and not someone trying to frame him (a very real possibility).

    Any information/advice would be greatly appreciated!

    heyoka

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    262
    Well you could use a intrusion dection program but you should only have one firewall up at a time becouse I think if you have more then one it will couse conflicts between the otheres. Anyway you can goto www.iss.net and get blackIce this will act as a firewall and let you know what someone is trying to do, who is doing it, and give you advice on how to deal w/ it and report it. All firewall's have there good and bad and everyone has there favorites, I just recomned BlackIce becouse its easy and gets the job done.
    aislinn, Aria, BTBAM, chevelle, codeseven, Cky, dredg, evergreen terrace, from autumn to ashes,hopesfall, hxc, luti-kriss, nirvana, norma jean, shai hulud, this hero dies, tool, underoath, zao,

  3. #3
    Senior Member
    Join Date
    Sep 2001
    Posts
    310
    Hey
    I would reccomend going to http://grc.com and scaning yourself. See if your box is easily open to attack. If it is then follow their instructions and patch up!
    script language=\"M$cript\";
    function beginError(bsod) {
    return true; }
    onLoad.windows = beginError;

  4. #4
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852
    Since you have been able to trace the IP back, contact the ISP of the offending IP address. Get them to investigate and look into the situation further. You are only allowed to protect yourself, not go after or try to get back at the attacker.

    As far as protection, what is your setup now? I'm assuming that you are running three software firewalls? If you are serious about security, I'd recommend purchasing a hardware based firewall - at a minimum, a device such as a Cable/DSL router from Linksys will provide some protection.
    - Maverick

  5. #5
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542
    Maverick811 hmm... that will probably be expensive... another thing you (heyoka) can do is purchase a cheap box (Pentium I) even without hdd or monitor, install 2 nic's in it and get yourself a free linux based router program. It will turn that box into a firewall/router for FREE.

    www.freesco.org
    www.bbiagent.com
    www.linux.org -> apps

  6. #6
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852
    You are right, VictorKaum, some options would be expensive - but buying a Linksys router for around $100 (US) isn't too bad, and I know that there are some firewall appliances out there that are specially designed for small offices and homes such as the Firebox SOHO from WatchGuard. I guess my view is that protection is usually worth the price. But your idea with the older box is a good one.
    - Maverick

  7. #7

    Re: cracker troubles

    Originally posted here by heyoka
    We are part of an online community that is under attack (going on 3 months now) by someone who is sending e-mail bombs and cracking our systems. Avoiding the e-mail bombs isn't a problem. But, we keep getting hit by intrusion attempts. They've broken through (3 firewalls and Norton Internet Security) twice now through bombardment attacks. Now, when we start getting hit, we get offline and disconnect our cable modem for a bit. It's gotten to the point where my husband doesn't even want to use the computer any more.

    My question is this... What GOOD programs are out there that can help us trace this person and nail him? The Norton pops up the immediate IP. But, it's already been traced through chains of as many as 6 IPs. Most of our traces point to a single person...who has been put on notice. But, we don't want to take further legal action until we're sure it's him and not someone trying to frame him (a very real possibility).

    Any information/advice would be greatly appreciated!

    heyoka
    What the heck got the attacks strarted??? Some backround would help

  8. #8
    check the IDS list http://www.cert.org/tech_tips/intrud...checklist.html

    on the site should also be information on incident response (get the fbi on they @ss)

    good luck

    noODle
    http://doscerveza.ontheweb.nl

  9. #9
    Banned
    Join Date
    Apr 2002
    Posts
    149
    if you think you know his ip why dont you just block it? you say you have 3 firewalls....if you configure them correctly then it shouldnt be a problem.

  10. #10
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584
    hmmm i'd stick to the Complain To Their ISP bit.. coz if there's anyone who knows who they are, it would be the ISP.. coz the ISP has a log of which user has which ip address at that certain time.. and if the person still wont comply to the ISP's complain.. u can always tell this to the feds.. they would gladly help..

    use www.cybercrime.gov as a reference on what u can do if ur under attack.. and what ur rights are as a cybercrime victim.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •