Attempted Hacking/Cracking with Trojans
Results 1 to 7 of 7

Thread: Attempted Hacking/Cracking with Trojans

  1. #1
    Junior Member
    Join Date
    Jul 2002
    Posts
    2

    Question Attempted Hacking/Cracking with Trojans

    Seeking some advice here.....
    I have a firewall installed & receive at least one notification a day that an attempt has been made to send a trojan to me. Whilst I don't take this too personally (being on cable I assume this same program has been sent to thousands of others) should I continue to inform the ISP of the person responsible or is this really just a waste of time??
    Should I get a life & be happy that my firewall is doing it's job correctly??

    Thanks
    Stimpy

  2. #2
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    If the same person repeatedly is sending you this trojan, you might want to inform his ISP. Let his ISP contact him, and tell him he's sending out trojans or virusses. Half the time, your 'attacker' doesn't even know he's attacking you. I wouldn't bother for individual cases though. Oh, and always include your logs, if you contact an ISP. Based on those, they can determine what course of action to take.
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  3. #3
    Banned
    Join Date
    Sep 2001
    Posts
    22
    Personally, i use neotrace firewall and neotrace. You can find it at http://www.mcafee.com/myapps/neoworx/default.asp.
    You can trace any possible intruders back to the last node and then report them to Hackerwatch. Thats what I do. I wouldn't say its the best way to do things. Usually the isp should already see the the guy scanning port 27234.

    Sorry about the web address. Here is a valid one
    http://downloads-zdnet.com.com/3000-2172-7139158.html

    here is a valid web adress sorry
    http://downloads-zdnet.com.com/3000-2172-7139158.html

  4. #4
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    You should report it to their ISP; however, not all ISPs take it very seriously if their users are doing nefarious stuff. Might also consider reporting it to a few orginizations that get things together and report them to the ISP and for example notify the authorities. One such place that I am aware of :

    http://www.dshield.org/fightback.html
    Dont know if they are affiliated by SANS, but off of their site http://www.incidents.org, dshield is referenced.


    Neb
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  5. #5
    Banned
    Join Date
    Jun 2002
    Posts
    458
    Yup, lots of ISPs don't really care what their users do unless they get called by law enforcement. Port scanning isn't illegal so chances are this ISP doesn't really care about what you are experiencing. If this is the same person who is repeatedly scanning you, then scan back and see if you recieve any open ports or just a long wait, because if the person has a firewall, they'll realize that somebody is there, I did that to somebody who constantly scanned me and after I did it for a few days they stopped. Try complaining to your ISP as well as his/her ISP, as your ISP might stick up for you, who knows, its worth a shot. And keep logs because you never know when they might become very useful. And I am assuming you have a firewall, does your firewall respond to these portscans? If not, then be happy knowing you are slowing these people down a whole lot.

  6. #6
    Khakisrule, you have a point about portscanning, but in this case, scanning could very well lead to immediate action. Lemme put it this way... Person Y scans Person X for sub7. He find's that he has it and enter's his computer with sub7. Scanning, in some case's, once a target is found, lead's DIRECTLY into their computer. So as portscanning is illegial, "trojan scanning" by most ISP's will lead them to take an extreme course of action.

  7. #7
    Junior Member
    Join Date
    Jul 2002
    Posts
    2

    Smile

    Thanks for all the replies they have all been of great use.
    Cheers
    Stimpy
    It\'s all very funny until someone loses an eye!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides