How to resend a virus

[It's Nobdy]

Can anyone tell me if there is a way to do this?
I have this same IP # hitting me with virus/tracking devices everytime I log onto my computer until I log off.
Is there anyway to send back to her what she is sending to me?

[MrLinus]

Rather than send the virus back to them, find out the ISP that owns the range and file a complaint with them. Then filter the emails based on Source IP into the Trash bin.

[DjM]

Have you thought about installing a firewall and just ignoring her?

Cheers:

[It's Nobdy]

Hello,
I just want to thank you for your quick reply.
I do have 2 firewalls up & running. I have both set for high risk & you know that dang window that pops up everytime you get hit? That really becomes annoying! Just thought I would try here before I took to sending complaints out!
Thanks for your time.

[It's Nobdy]

MsMittens,
Thanks a lot. It looks like I might have to do this.

[kurt_der_koenig]

I do have 2 firewalls up & running.

Why do you have two? One is enough especially since having two will slow down your computer! First off you don't know if the IP is actually the attacker- it could be a proxy or the machine is a zombie or something along those lines. Second, you can get in as much trouble with resending the virus as the original sender!

[It's Nobdy]

Thanks alot for your reply.
I was thinking that there was away to have something like a trampoline put in. Where it would hit your firewall and bounce right back to them. I had to put up 2 fire walls because with just one it seemed like they could still get into it. I've had 2 tracking devices removed & I had to get a whole new computer because of the Trojan virus. And yes it has slowed down my computer but it's worth it to me. I can't afford another computer!
Thanks again for all your help,
Respects

[XTC46]

one PROPERLY configured firewall is enough. If you have two up and they are not properly configured its like putting two screen doors on a submarine... also make sure you have an uptodate antivirus program, and run programs like adaware regularly.

[nihil]

Hi, It's Nobody. I don't think that you are going about this the right way.

If it is a "virus" it is attempting to replicate itself, almost certainly robotically and possibly
spoofing the addresses while it does it.

If you are interested, please PM me with a copy of the next one you get and I will take a quick look, or, is it that you are just getting warnings from your firewall (s )? That means very little......probably one of the many internet worms doing the rounds.

To be honest I wouldn't worry too much...........It is the one that isn't detected that will kill you

Take care

[Riotgirl]

Originally posted here by It's Nobdy
I've had 2 tracking devices removed & I had to get a whole new computer because of the Trojan virus

It's Nobdy, I've included the pertinent quotation from your post because I have the impression that you're misinformed on the function of a firewall. A firewall will not protect you from virii or trojans because in the vast majority of cases, the transmission mode (how one's system becomes infected) would be either through an application that has been granted access through the firewall (browser, email application, etc) or by the user running a downloaded executable (again, granted access) that contained a rather nasty payload (either virus or trojan).

I'll let Catch explain the purpose of a firewall:

Firewalls have two uses:

1. Filtering ports, either by packet type or data content.
2. Segregating network traffic.

Please see this thread for a greater understanding of firewalls (also, read through the various threads in the firewall section). The accepted wisdom is if you do use a (software) firewall then you will only need one because multiple firewalls can conflict with each other and open up a series of vulnerabilities or may simply not work at you. At best, you have a false sense of security - a worst, you have a wide open system.

I believe nihil has just replied and mentioned that from the description it's probably just a worm. Just turn off your alerts and don't let it stress you out. Even if it is a worm, or an attempted attack (unlikely, just opportunism) provided that the (ab)user or worm cannot get in, it's not an issue. If it does cause you concern, then take MsMitten's advice (also a sensible thing to do) and trace the IP (SamSpade comes to mind) and send a polite email to the user's ISP.

Also, if you're running a Windows box then you might wish to consider closing unnecessary services. Even if your firewall fails, if there are no or very few open ports, then the chance of an attacker getting into your box becomes that much more difficult. See this tutorial on how to identify processes on your (windows) machine. Also, see Black Viper for a guide to close services on Windows 2000 and Windows XP boxes. Update: quite a few users on this site have recommended this site. Credit to Lansing_Banda for providing the link in this thread.

Please, please educate yourself on the differences between a firewall, AV and IDS. Not opening any dubious executables from unknown or potentially untrustworthy sources is a good idea, not to mention ensuring that HTML and scripting is turned OFF in your email application. Also, make sure that you have an AV application that is currently updated and check every download against it or new application prior to install. Whilst a firewall may alert you to the fact that you have been infected with a worm i.e. asking permission to connect to the 'net, it will not stop you from becoming infected in the first place.

Regards,
Riotgirl

P.s. Another reason why I would not advocate vigilante action is purely because the IP address is probably either an infected or hacked box and is in all likelihood just another victim, rather than the attacker.