May 24th, 2002, 02:34 AM
I use Sygate Personal Edition firewall. I use it becuase it's free. When I was on Game Spy Network, I got scanned 3 times. My firewall has a back trace option which only tells some stuff I don't yet understand. I don't want them just to go scott-free. So, I was wondering that if I get scanned next time if there was a program that automatically locks on to their scanning attempt and just shuts down their computer. Nothing malicious or destructive, I just want something to shut down their computer. Thanks for any help.
May 24th, 2002, 02:48 AM
Yes this can be done sort of. They have programs that reply with a message. As well, you can wreak havoc on them yourself in other ways. But all this the point being moot. Why? Because this is concidered just as bad or even worse than them scanning you. Scanning is harmless. I happens constantly on the net. Even your ISP (well at least most ISP's) scan their own nets to look for suscribers running unauthorized services such as an HTTP or FTP server if it's disallowed by their TOS. Basicaly doing this is illegal in most areas. As I said a scan alone is nothing. If someone continues at it from the same IP over and over then you may have a slight problem. But unless you're a big company with some pull. The only recourse you have is to report it to the ISP of the offending IP and see if they can handle it for you by canning that account. But if you take action such as what you want, you may end up losing your ISP account or in legal trouble. Besides if you have something that important on your puter encrypt it. Also if it's someone that knows what they are doing. You'll get the IP of an anon proxy or some victim of a trojans computer.
Hope this helps.
The COOKIE TUX lives!!!!
Windows NT crashed,I am the Blue Screen of Death.
No one hears your screams.
May 24th, 2002, 03:18 AM
I'd also add that since your firewall blocked the scan then you are safe. On any given typical day at work I get a minimum of 6 spoof IP addys, dozen or so port scans, lots of stay packets from ligit email servers most common port 53, 137 pesky script kiddies lol lots of pushes from RealAudio if somone is using real player on port 6939 I think. Good GUI on my firewall ligit connect are green, ligit email black, ftp blue as well as file attachments. At best I'd say maybe one attempt a week may catch my attention enough to well just add another blocked IP to the list and most if not all proxy IP's as well so before they even try they have to sit for the delay in lost packets. Why bother to freeze them up in many cases they do it all by their self LOL..those are the fun ones to watch at the fire wall such and such adsl and the computer name launch see wow 12 scans and they are gone and back in about as much time as it takes to re-boot...LOL dah that must be a good one they think.
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg
May 24th, 2002, 03:29 AM
The person scanning you might no even know it. Some hacker might of just hijacked there computer and used it to scan you. So if you decide to strike back you might just end up taking down someone who doesn’t even know what a port scan is. Who’s the ass then?
Its not software piracy. I’m just making multiple off site backups.