|
-
June 21st, 2004, 10:26 PM
#11
Me and a few of my friends very regularly battle it out via the internet using NMAP and all sorts of other stuff. We have never had any probs with our ISP's though.
I dont think they care unless they receive a lot of complaints on a regular basis about you!
-
June 21st, 2004, 10:38 PM
#12
My ISP only cares if someone complains enough... But anyone with half a mind scans on a different PC than their own if they plan on attacking... Proxies don't work either, because they show up as proxies, public computers get used the most for this type of thing.
[H]ard|OCP <--Best hardware/gaming news out there--|
pwned.nl <--Gamers will love this one  --|
Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.
-
June 22nd, 2004, 01:49 AM
#13
Junior Member
that must be on effective worm to be able to go thorugh all thoes ports or a realy infected system. Both could be possable but it seems like a kiddy looking for machines to be exploited by his programs. Like it was said nmap isn't ilegal but a scan can be consitered an warning for a attack. Rule of thumb: "if it would make you suspisious don't do it to them".
-
June 22nd, 2004, 02:33 AM
#14
not really... Sasser opens up quite a few ports on a computer I am quite sure... Even a skiddie wouldn't scan the same target over and over again... Unless they are really really stupid...
As a rule of thumb: "If a port scan makes you suspicious, you are too damn paranoid"
[H]ard|OCP <--Best hardware/gaming news out there--|
pwned.nl <--Gamers will love this one --|
Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.
-
June 22nd, 2004, 02:45 AM
#15
Originally posted here by ack!_GRUB!
that must be on effective worm to be able to go thorugh all thoes ports or a realy infected system. Both could be possable but it seems like a kiddy looking for machines to be exploited by his programs.
Actually worms will only scan a small number of ports... what you wanna scan is an IP range pluse a small number of ports that usually associate with the services which it'll use. Usually it'll run a buffer overflow exploit or take advantage of trojans that have been dropped by previous worms. Im sure there are still some idiotic scumbags out there that are still infected with welchia, agobot, doomjuice, & (ect). I'd like to send these peaple to camps and have them exterminated in giant gas chambers disguised as showers.
But why always just assume the "OMG how dare this guy" approach of things? Esspecially when automated attacks have consistantly been on the rise for the past 6 to 5 years or so.
-
June 22nd, 2004, 04:13 AM
#16
To funny and a retard usually is just that.
First consider what you and so called friends are engaged in you topic LOL are these per chance your very activites.
Ports:
139 - Usually associated with the Bagel virus you or a fried have it and are looking for other systems. Or have placed it on another system.
6129- They these so called friends are looking to see if some sort of remote Admin is there.
139- This is about file sharing that relates to port 445 Server message or netbios looking for stuff to open to 139.
3127- Again most likely Mydoom that relates to the above.
1025- RPC ( Remte Call Procedure Call).
You want to know whay you have this stuff look to your own actions check any process running play with this tool online with on-line friends do not complain here. Try a goolgle search on your port numbers. You did not mention any software your are running.
Smiles crap stinks and a few here do also and I wish them luck it is rare I respond to nonsense, just make my living in the real world while real kids want to break Windows like that takes any knowledge.
Peace
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg 
-
June 22nd, 2004, 04:13 AM
#17
Using nmap is like using any other tool, it's not illegal until you use it to break the law.
--PuRe
-
June 22nd, 2004, 09:08 AM
#18
Originally posted here by Cpt. Commander
Just so you know, some of the ports being scanned is, 2745, 6129, 139, 80, 445, 3127, 1025. Oh, by the way, his scanning has picked up again. He had stopped for a while, but it started again at 10:30 and lasted till 10:40. Then he stopped until 11:23 and did it once. But now he has stopped again. *shrug* I am wondering if maybe the person has a virus and doesn't know about it? Any opinions?
Its just a zombie infected with phatbot , do a whois and send an abuse complaint to the isp and if you are lucky they will tell them to clean up their computer , i see this all the time.....
edit http://www.us-cert.gov/current/current_activity.html --2/3 of the way down the page
Do unto others as you would have them do unto you.
The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
-- true colors revealed, a brown shirt and jackboots
-
June 22nd, 2004, 02:48 PM
#19
Junior Member
Yeah. I did that yesterday. Thanks Lumpy.
Don\'t mistake lack of talent for genius.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote