-
July 10th, 2002, 02:07 PM
#11
The law enforcement tactic mostly doesn't work. I had this twice and both times they said portscanning isn't illegal. Once it just didn't melt my router with an ddos attack because i pulled the plug out . The thing droby10 sais is a good idea.
Mailing the ISP always is worth a trie.
-
July 10th, 2002, 03:58 PM
#12
Vorlin & Guus are giving you solid advise. Your first step should be your ISP and the intruders ISP (if you have it). Like they said, ISP's take abuse serious these days and if you can prove (your log files) that one of their subscribers is abusing the system (and you), they will shut him down. Law enforcement would be your next step, if the threats continue. Again, you will need to compile as much evidence as possible (log files again and any e-mails you may have received) to prove you are being threatened and that the individual on the other end of the IP address or e-mail address is the one attacking you.
Good Luck.
-
July 10th, 2002, 04:02 PM
#13
Another thing you can do to help is report them to incidents.org, cert.org, or a few other sites like that focus on security and following up in events like this. Usually having SANS or a few other groups like that asking an ISP questions about its customers is more than enough to have them re-evaluate their slow or no response...
Another site that is, at least to me, fascinating: http://www.dshield.org/
Distributed ids...
neb
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
July 10th, 2002, 05:30 PM
#14
Junior Member
thx for the info people... I have send an e-mail to the ISP. But he already trashed a couple of my hotmail accounts by changing the passwords. But the funny thing is that I found his hotmail account. I´m waiting on respons from the ISP and I will probably take it to the law enforcement. Is there a way to get my hotmail accounts back? He even changed the secret answer...
-
July 10th, 2002, 06:11 PM
#15
Senior Member
Do you know where this person lives? Just kdding! I would set a trap with a honey pot. Let the person get in and do some dammage or take some files. This will be grounds for legal action.
-
July 10th, 2002, 07:24 PM
#16
Junior Member
i have had problems with hackers wanting to gain access to my pc (for what gain who knows) and i think i know the person doing it. i have logged and reported every violation they did. eventually it stopped from one IP address and started from another. so i started reporting again. come to find out, it wasnt who i thought it was at all, as the second and following attacks were from other countries. i know the possibility is there that they could have spoofed their IP address, but so is the possibility there is more than one hacker in the world. never underestimate your enemy. firewall logs are all well and goodfor port scans and the like, but what can someone do against buffer overflows, Denial of Service attacks or other exploits that may not get recorded in a firewall log? I have Windows XP and it has a nice event log, but being a newbie some of that stuff is greek to me. and when you click the "For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp." link, all i get is a page telling me "thanks for submitting a question we know nothing about" or something similar. there should be a tutorial aimed at teaching people how to read firewall logs and system performance logs. anyone know of any?
-
July 10th, 2002, 07:47 PM
#17
There is a good book put out by SANS on this, I will try to find out what the title is...
Found it: Intrusion Signatures and Analysis, Stephen Northcutt, et.al, New Riders, Indianapolis, Indiana, ISBN 0-7357-106305
Kind of dry reading at times, but I found it fairly informative...and it is pretty much what you are asking for...
Neb
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
July 10th, 2002, 07:53 PM
#18
The MS article for deciphering event logs is KB article Q308427. It should give you at least some idea of how to read the event logs. The following url has a pretty good article about reading firewall logs: http://www.robertgraham.com/pubs/firewall-seen.html
Hope this helps!
-
July 10th, 2002, 08:03 PM
#19
Junior Member
Have you tried changeing ISP and checking to see if by chance you have been trojaned?As most stalkers try and put a trojan on thier victims system.The cleaner at >moosoft.com/ is a very good trojan cleaner.
-
July 10th, 2002, 08:15 PM
#20
Senior Member
just log everything s/he does, make sure you tell his/her ISP first, give them a day or two and if they don't do anything then go to the proper authorities, im not sure about the laws over there but i think they are a little bit softer on the computer related crimes, after all thats where some of the best crackers are, just because its harder to prosecute them.
a common mistake made by even the best...
Hacker - 1.One who is proficient at using or programming a computer. 2. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities. 3. One who programs obsessively. 4. An expert at a particular program.
Cracker - 1. One who makes unathorized use of a computer, especially to tamper with data or programs. 2. An individual who attempts to gain unauthorized access to a computer system.
as you can see, what most people refer to as a hacker is really a cracker and most people dont even know they're wrong
I did not come here to tell you how it is going to end, I came here to tell you how it was going to begin. I\'m going to hang up this phone, then I\'m going to tell these people what you don\'t want them to hear.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|