June 18th, 2009 03:39 PM
KFSensor and Chinese Hackers
Hi, I have Zone Alarm 8 (free) installed on Win XP. I also have just installed
KFSensor (a honeypot). This KFSensor is telling me I have five visitors on my PC. One is 184.108.40.206 which traceroutes/whois to CHINA. Is China hacking me? Is Zone Alarm useless? Do they still make that other firewall (though the name eludes me)? What is going on here and what can I do? Thankyou for all advice.
June 18th, 2009 05:06 PM
You probably have some piece of scumware on your machine calling home....
scan your machine with malwarebytes....
How people treat you is their karma- how you react is yours-Wayne Dyer
June 18th, 2009 06:30 PM
"China" is a country. This would be like me refeshing this page and saying that my browser is connected to the entire state of Connecticut.
June 18th, 2009 06:47 PM
Maybe China has those Carrier pidgins that can carry packets like in that old ass video.
Originally Posted by The-Spec
June 18th, 2009 07:42 PM
Actually you could base64 encode files to have them printable to paper...
then just tie it to all of these lil' four foot tall asians.
June 18th, 2009 08:10 PM
LOL DUDE straight from the horses mouth...
KFSensor is a Windows based honeypot Intrusion Detection System (IDS).
It acts as a honeypot to attract and detect hackers and worms by simulating vulnerable system services and trojans.
By acting as a decoy server it can divert attacks from critical systems and provide a higher level of information than can be achieved by using firewalls and NIDS alone.
No firewall is going to prevent conversations YOU INITIATE. You are broadcasting to the INTERNET "HEY EVERYONE LOOK AT ME". Your firewall knows this and will let anyone look.
June 18th, 2009 11:22 PM
June 19th, 2009 02:53 AM
Maybe people post things they already know so they'll have a reason to respond with, "I like and identify with you."
June 20th, 2009 08:43 AM
Perhaps you should join the *******............I am sure that you would feel at home there
What is going on here and what can I do? Thankyou for all advice.
1. Is this the one you were thinking about?
Here is a relative newcomer:
As already noted, if you are running a honeypot you are inviting traffic so please don't blame the firewall.
2. There are so many compromised machines in the World these days that just because an IP address resolves to a particular country, does not mean that is where the attacker is operating from. Last I read for China was a ratio of 2:1 externally controlled bots to local Chinese ones.
Last edited by nihil; June 21st, 2009 at 03:13 PM.
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
June 22nd, 2009 12:27 PM
I like and identify with you...