Sub7
Results 1 to 10 of 10

Thread: Sub7

  1. #1
    Senior Member
    Join Date
    Sep 2002
    Posts
    236

    Sub7

    Hello all...
    Lately I have been getting alot of intrusion attempts by Sub7... My friewall has blocked them all so far and loged the IP of the computer trying to get in to my system... My system shows to be clean of any trace of Sub7... My question is this I have used NEO Trace to find out where the computer that tried the attack is located... Where I am having trouble is figuring out is how do I go about deciphering all of the information I get from NEO Trace so I can contact the ISP and complain... There are two IP addresses that keep trying to get into my machine and I have traced them both...

    Sorry this is so long winded
    \"Nuts!\"- Commanding General 101st Airborne Division Dec 1944 in answer to German request that he surrender Bastogne during the Battle of the Bulge
    Life has a certian flavor for those who have fought and risked it all that the sheltered and protected can never experience.- John Stewart Mill
    White, Hetrosexual, Christian male. I own guns, hunt, eat meat, burn wood, and my wife wears fur... Any questions?

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    ok when you got the information from neotrace its like a whois if you have all of that logged and you should have the date and time yeah ? ok if you have all of that you should get a ripe address from the ISP you traced it back to send them a POLITE email saying that you have had scans from some one on there network are running port scans from the trojan sub7 are you sure about this now ? and send them the date and times of when the port scan was happening that should clear it up hopefully if it is a responsible ISP they shouldnt hesitate on taking approprate action agains the person(s) involved hope this helps
    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work
    http://muaythaiscotland.com/

  3. #3
    Banned
    Join Date
    Sep 2002
    Posts
    10
    Just to let you know don't get your hopes up thinking that it's going to stop when you notify the ISP of the kiddies. Most larger ISP's don't or won't do anything about it. Especially if it's just scans.

    There is a sub7 killer, it's a program that will mess up the people using sub7. It's worth a shot.
    http://www.blackcode.com/archive/sho...area=Firewalls

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Posts
    317
    To report to the ISP :
    1. Get the ip address from your firewall log.
    2. Go to http://www.samspade.org
    3. Use the IP whois locator. It will give you ISP information for the attacker's IP address.
    4. Send a polite email to abuse@theisp.com - fully detail what you blieve has happened and what has been attempted. Include a copy of the logs as well.

    Regards.
    \"I believe that you can reach the point where there is no longer any difference between developing the habit of pretending to believe and developing the habit of believing.\"


  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    on a side note you may want to read this tutorial by JCHostingAdmin on reporting and stopping internet crime against you read it here if you allready havent http://www.antionline.com/showthread...hreadid=234243 it should give you a better insight on whats happening
    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work
    http://muaythaiscotland.com/

  6. #6
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    4Midge: I must say that I have been getting a lot of them myself. The other day, I counted roughly 13 attempts. I just made sure that the traffic was dropped by the firewall. I asked the same type of question here on AO. I haven't been able to contact the ISP who owns the IP addresses as of yet, but I plan to. Good suggestion on the Sam Spade site. I downloaded the program and I like it.
    Opinions are like holes - everybody\'s got\'em.

    Smile

  7. #7
    Senior Member
    Join Date
    Sep 2002
    Posts
    236
    Thank you all for the help...

    4MidgetHitmen
    \"Nuts!\"- Commanding General 101st Airborne Division Dec 1944 in answer to German request that he surrender Bastogne during the Battle of the Bulge
    Life has a certian flavor for those who have fought and risked it all that the sheltered and protected can never experience.- John Stewart Mill
    White, Hetrosexual, Christian male. I own guns, hunt, eat meat, burn wood, and my wife wears fur... Any questions?

  8. #8
    Member
    Join Date
    Sep 2002
    Posts
    86
    Are you sure that it is intrusion attempts? Or is it just port scans by script kiddies looking to find a new zombie? I don't think that it will do you any good to try to find out who is doing the scanning. Most ISP's don't care whether or not their subscribers and doing port scans as long as the bill is paid.

    freeOn5> I wouldn't download any software that fights back when someone tries to intrude into your system. To the law that is the same thing as hacking and you can be procescuted if you do damage to someone's system, even though they may be hacking you.

  9. #9
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Posts
    1,211
    Another reason not to fight back is that the person doing the scanning might no even be aware of it. Often hackers will hijack a system and then use it as a base to scan and attack other computers.

    One thing thatís worth trying is using the net send command to send them a small text message. Of course they have to have NetBIOS open and be running windows. Problem is that its connection less so thereís no real way to see if they got your message, unless they send one back. Also you might just end up making your self target.
    Its not software piracy. Iím just making multiple off site backups.

  10. #10
    Omg, Look at the Similiar threads in this thread, lmfao. Anyways, I think that fighting back would be a HUGE mistake. First, it is against the law, even if he is hacking/scanning/etc you. You will get in trouble for fighting back because then they will say that you too are hacking. Second, like cwk9 said, You might be fighting back against a victim of hacking themselves. Lot's of hackers nowadays will hack into a system and use it against another. In that sense, they wouldn't get caught because if traced, it would be traced back to the IP of Victim #1. That is why you shouldn't fight back, but instead, report it. --Jason Copeland

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •