:confused:
Can anyone tell me if there is a way to do this?
I have this same IP # hitting me with virus/tracking devices everytime I log onto my computer until I log off.
Is there anyway to send back to her what she is sending to me?
Printable View
:confused:
Can anyone tell me if there is a way to do this?
I have this same IP # hitting me with virus/tracking devices everytime I log onto my computer until I log off.
Is there anyway to send back to her what she is sending to me?
Rather than send the virus back to them, find out the ISP that owns the range and file a complaint with them. Then filter the emails based on Source IP into the Trash bin.
Have you thought about installing a firewall and just ignoring her? :p
Cheers:
Hello,
I just want to thank you for your quick reply.
I do have 2 firewalls up & running. I have both set for high risk & you know that dang window that pops up everytime you get hit? That really becomes annoying! Just thought I would try here before I took to sending complaints out!
Thanks for your time.
MsMittens,
Thanks a lot. It looks like I might have to do this.
Why do you have two? One is enough especially since having two will slow down your computer! First off you don't know if the IP is actually the attacker- it could be a proxy or the machine is a zombie or something along those lines. Second, you can get in as much trouble with resending the virus as the original sender!Quote:
I do have 2 firewalls up & running.
Thanks alot for your reply.
I was thinking that there was away to have something like a trampoline put in. Where it would hit your firewall and bounce right back to them. I had to put up 2 fire walls because with just one it seemed like they could still get into it. I've had 2 tracking devices removed & I had to get a whole new computer because of the Trojan virus. And yes it has slowed down my computer but it's worth it to me. I can't afford another computer!
Thanks again for all your help,
Respects
one PROPERLY configured firewall is enough. If you have two up and they are not properly configured its like putting two screen doors on a submarine... also make sure you have an uptodate antivirus program, and run programs like adaware regularly.
Hi, It's Nobody. I don't think that you are going about this the right way.
If it is a "virus" it is attempting to replicate itself, almost certainly robotically and possibly
spoofing the addresses while it does it.
If you are interested, please PM me with a copy of the next one you get and I will take a quick look, or, is it that you are just getting warnings from your firewall (s :eek: )? That means very little......probably one of the many internet worms doing the rounds.
To be honest I wouldn't worry too much...........It is the one that isn't detected that will kill you :D
Take care
It's Nobdy, I've included the pertinent quotation from your post because I have the impression that you're misinformed on the function of a firewall. A firewall will not protect you from virii or trojans because in the vast majority of cases, the transmission mode (how one's system becomes infected) would be either through an application that has been granted access through the firewall (browser, email application, etc) or by the user running a downloaded executable (again, granted access) that contained a rather nasty payload (either virus or trojan).Quote:
Originally posted here by It's Nobdy
I've had 2 tracking devices removed & I had to get a whole new computer because of the Trojan virus
I'll let Catch explain the purpose of a firewall:
Please see this thread for a greater understanding of firewalls (also, read through the various threads in the firewall section). The accepted wisdom is if you do use a (software) firewall then you will only need one because multiple firewalls can conflict with each other and open up a series of vulnerabilities or may simply not work at you. At best, you have a false sense of security - a worst, you have a wide open system.Quote:
Firewalls have two uses:
1. Filtering ports, either by packet type or data content.
2. Segregating network traffic.
I believe nihil has just replied and mentioned that from the description it's probably just a worm. Just turn off your alerts and don't let it stress you out. Even if it is a worm, or an attempted attack (unlikely, just opportunism) provided that the (ab)user or worm cannot get in, it's not an issue. If it does cause you concern, then take MsMitten's advice (also a sensible thing to do) and trace the IP (SamSpade comes to mind) and send a polite email to the user's ISP.
Also, if you're running a Windows box then you might wish to consider closing unnecessary services. Even if your firewall fails, if there are no or very few open ports, then the chance of an attacker getting into your box becomes that much more difficult. See this tutorial on how to identify processes on your (windows) machine. Also, see Black Viper for a guide to close services on Windows 2000 and Windows XP boxes. Update: quite a few users on this site have recommended this site. Credit to Lansing_Banda for providing the link in this thread.
Please, please educate yourself on the differences between a firewall, AV and IDS. Not opening any dubious executables from unknown or potentially untrustworthy sources is a good idea, not to mention ensuring that HTML and scripting is turned OFF in your email application. Also, make sure that you have an AV application that is currently updated and check every download against it or new application prior to install. Whilst a firewall may alert you to the fact that you have been infected with a worm i.e. asking permission to connect to the 'net, it will not stop you from becoming infected in the first place.
Regards,
Riotgirl
P.s. Another reason why I would not advocate vigilante action is purely because the IP address is probably either an infected or hacked box and is in all likelihood just another victim, rather than the attacker.
If a virus is trying to infect your computer through a port like what a rpc exploit does, then chances are that the persons computer is infected, ant they more than likely have no knowledge of it. There machine is probly already infected, so it would be slightly pointless to bounce it back.
Its 3 AM in here so forgive me if I'm repeating any answers....
First and foremost, 1 firewall, properly configured is sufficient as mentioned above.
Second: Lower the alerting level to "low" as your firewall will get hit constantly but you do not need it to report every single case....thats why you think you're being targeted. When the alerting setting is set at "LOW", your firewall will only report attacks which are a real danger to your computer.
Third: As mentioned above, it is most likely a zombie machine scanning the network. If it is defenitely a zombie machine, then you can report the offending IP to the ISP and they could look into that. Do a WhoIS on the IP and get a hold of the admin for that network. You can give them a call or email them.
Good Luck.
Too much like fate ............
On return to home page - This in the Quick Tips:
Quote:
Firewalls are fantastic security tools, but they are useless unless you configure them correctly.
-submitted by SoggyBottom
View All Quick Tips
"Is there anyway to send back to her what she is sending to me?"
WoW... I didn't know you can find the sex of a person from IP address......
Quote:
Originally posted here by oxygen
"Is there anyway to send back to her what she is sending to me?"
WoW... I didn't know you can find the sex of a person from IP address......
Pfft Of course you can, 127.0.0.1 is your little home maker Wife, 138.138.138.138 Is The Misfits network, And 133.7.0.0 is every script kiddie who is a girl, and 133.7.1.1 is all the dudes, and dir.dirrrrrr.dirrrrr.duh is anyone who doesn't know this.
Then there is me:
138.138.DEAD.138 In hex of course.
I wish I could explain the whole situation but this goes further then anyone realizes. I know who this person is because of some business I've done in the past with her & her associates. I did not want to do what these people asked me to do. So far they have drained my bank account (but they did put it back with in 2 days), they have had me tailed, they have sent me treatening messages, & they have more or less stolen my identity. All my mail is going to Mo. I live in Ohio & the post office told me that I had filled out a change of address card (which I have not) & if I want to change the address again I have to go to Mo.
quote:
Originally posted here by oxygen
"Is there anyway to send back to her what she is sending to me?"
WoW... I didn't know you can find the sex of a person from IP address......
Pfft Of course you can, 127.0.0.1 is your little home maker Wife, 138.138.138.138 Is The Misfits network, And 133.7.0.0 is every script kiddie who is a girl, and 133.7.1.1 is all the dudes, and dir.dirrrrrr.dirrrrr.duh is anyone who doesn't know this.
Then there is me:
138.138.DEAD.138 In hex of course.
This maybe a joke to some of you but it is not to me. I just figured I could come here for a little bit of help but I guess not sorry for the inconvenience. I will not bother you again.
Respects
It's Nobdy,
Unfortunately some users have treated your post as one to ridicule but you really needed to be open and honest because from your post this goes way, way beyond re-sending someone a virus.
Bold annotations are my own.Quote:
I wish I could explain the whole situation but this goes further then anyone realizes. I know who this person is because of some business I've done in the past with her & her associates. I did not want to do what these people asked me to do. So far they have drained my bank account (but they did put it back with in 2 days), they have had me tailed, they have sent me treatening messages, & they have more or less stolen my identity. All my mail is going to Mo. I live in Ohio & the post office told me that I had filled out a change of address card (which I have not) & if I want to change the address again I have to go to Mo.
Correct me if I am wrong, but you have described a catalogue of criminal offences. Also, how did this mysterious woman and her associates "drain" your bank account without either your express permission (a shared account) or by using a key-logger, etc to obtain details to allow them to access any online accounts that you might have? Call me suspicious but if this happened to me then I wouldn't be posting about how to re-send a virus - I'd be notifying the authorities and/or taking my 'own' action.
Again, I suspect that any technical information provided will not help your situation because it is obvious the root cause goes way beyond a technical solution. If someone has access to your bank details, then sending them a virus is like spitting in the wind - compared to the ammunition that they are using against you.
From reading your posts again, I have the following impressions:
1. You have a trojan (RAT) on your box. Back up your files and re-format. Do it NOW!
2. Ensure you have a firewall properly configured, AV software and if on a Windows box, all of your non-essential services switched off.
3. Do not download or run any executables unless checked with AV and a Trojan detector - even then be 100% sure of the source (sounds like you've been sucker punched with a Trojan before - virii or trojans generally rely on the user to activate them, unlike worms)
4. Notify the police. Provide all and any evidence (log files, speak to your phone company, ISP, etc) to help them with their investigation.
I suspect, as you said yourself, that there is an awful lot of background information to this situation that has not been revealed. You sound like what you're really after is someone to provide you with either a step by step guide to hack (retaliate) or to offer their services to you. AP is not the place to be asking for such information, although if you want help in tracking down the source, or avenues then some users can perhaps provide some guidance. That said, from what you've told us I doubt if anyone will touch this with a 10 ft barge pole.
Hope that you resolve your problem.
Regards,
Riotgirl
The strange thing about this is I have no online accounts. I get paid every two weeks. I went to make a withdraw out of my checking account & the lady at the bank said that not even 5 minutes ago $$ was taken out electronically. She said that she did not know who took it out. I then went home recieved a phone call. They told me to call my bank. I did & they said that the $$ was back in there. He said next time it would not reappear.
I want to Thank you for your advice & I'll make sure all the suggestions you made are in place.
The whole thing about this is some of the people that are messing with me are what would you call them? "Dirty" they are well known the states public eye. It's more trouble then it's worth. Or should I say that if I say a word I might not be here tomorrow.
Thanks again for all your help. I'm glad you gave me a little bit of hope.
Respects
Uhh.. I'd be calling the cops period. It's called stalking, theft and tampering with banking procedures. The bank should also be notified and they should be investigating on their end. Regardless of the amount, this does amount to a crime that time should be done on. The bank would likely detect different IP addresses to access the bank and that will help deal with them.Quote:
I'd be notifying the authorities and/or taking my 'own' action.
The issue with reformatting in this case however is that evidence will possibly be destroyed and may leave them without a trail to follow (granted they may have resources to recover this). Ideally, and it's not a cheap option, get another hard drive and format that with a new install. If at all possible, keep the other drive for evidence for the police and don't alter anything on it. 1s and 0s can be difficult in court but it might help lead to more concrete evidence down the road.
So you'll let them get away with it again and again against you or others?Quote:
The whole thing about this is some of the people that are messing with me are what would you call them? "Dirty" they are well known the states public eye. It's more trouble then it's worth. Or should I say that if I say a word I might not be here tomorrow.
And you'll just reformat without knowing how they installed the trojan (if that's what they used)?
You might want to see about investigating this no matter how scary it is. They are relying on your fear of the unknown and who they claim they are (how do you know?) In the worst case (and perhaps a tad paranoid), look physically around the machine to see if any unusual devices are attached and check to see if any indications that someone has been in.
And if these people are as "dirty" as you claim, then you need to ask why they would be targetting you. What have you done to get their attention?
Thanks for your thoughts.
I will look around my computer at home & I will take into consideration the other things you said. Thanks a million!
Respects
OK you don't want to mess with them?.................I won't even speculate how you got involved in the first place :eek:
That's your answer..................Banks are discrete, especially when someone has penetrated their systems.................give them a hard time..............like:Quote:
The bank should also be notified and they should be investigating on their end
"You have 48 hours in which to resolve this issue, or I shall go public on your pathetically inadequate security"..........you did say you did't use online banking...............neither do I............I have absolute confidence (zero) in its security.
The bank will do the "dirty work" for you.................it is in their interests to preserve their reputation. And they certainly don't like the idea of loopholes in their systems.
You should also report the incident to the appropriate law enforcement agencies.
:umph:
Thank you very much I had no clue. I will work this out starting this way!
Thanks a million!