Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: I want to "surprise" this hacker...

  1. #1
    Junior Member
    Join Date
    Dec 2001
    Posts
    8

    Angry I want to "surprise" this hacker...

    This hacker 62.21.5.89 (who has a broadband connection) has tried to anoy me for sometime now.
    I have used NeoTrace and Retina 4.7.1 to get information about his internet supervisor and about his system (OS, open ports etc.)
    But although I mailed the traceroute AND the Log file from my firewall to the abuse-section at the network his using nothing has happend and I still get intrusion attempts from him/her.
    What I want to do now is to my self contact the so called hacker (e-mail or maybe send a message directly to his computer ) and I was wondering if this can be done???!?!?!
    I REALLY appreciate any help! :
    Pi.[2]=
    11. 00100100 00111111 01101010 10001000 10000101 10100011 00001000 11010011 00010011 00011001 10001010 00101110 00000011 01110000 01110011 01000100 10100100 00001001 00111000 00100010 00101001 10011111 00110001 11010000 00001000 00101110 11111010 10011000 11101100 01001110 01101100 10001001........

  2. #2
    I ran a trace myself. I think it's Negative!


    rofl

  3. #3
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    If I were you I'd load LaBrea and let it deal with your little problem. it'll slow his connection until there isn't anything left, but it'll use a limited amount of your bandwidth(whatever you specify).


    www.hackbusters.net


    It works perfectly, I have about 45 machines tarpitted right now, and I'm using .05% of my total bandwidth. not bad. Plus it reduces the effect of heavily infected networks by about 80%.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    218
    Before you go ahead and do anything illegal in retaliation, I would suggest simply contacting the fellows ISP, preferably vie telephone and demand they do something about it. If you are persistent, something will be done about it. They can either terminate this users account because chances are he is doing other questionable actions, or other options, such as simply block his traffic to you, etc.

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    218
    Also, I forgot to mention that you own ISP can take care of the problem as well. Contacting his ISP may not even be necessary. I would definitely not suggest trying to "surpirse" this individual however. Chances are, you will only provoke and encourage him to pester you with his "lameness" even more. Or just make yourself liable for legal action or termination of your own internet access.

  6. #6
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Location
    Superior, WI USA
    Posts
    636
    McAfee Visual Trace Version 3.25 Results
    Target: 62.21.5.89
    Date: 1/7/02 (Monday), 9:17:31 PM
    Nodes: 23


    Node Data
    Node Net Reg IP Address Location Node Name
    23 1 - 62.21.5.89 WARSZAWA c5-89.icpnet.pl


    Packet Data
    Node High Low Avg Tot Lost
    23 3677 3677 3677 1 0


    Network Data
    Network id#: 1
    This is the RIPE Whois server.
    The objects are in RPSL format.
    Please visit http://www.ripe.net/rpsl for more information.
    Rights restricted by copyright.
    See http://www.ripe.net/ripencc/pub-serv...copyright.html

    inetnum: 62.21.0.0 - 62.21.99.255
    netname: ICPNET-1
    descr: Internet Cable Provider
    descr: Multisiec Poznan
    country: PL
    admin-c: WS4912-RIPE
    tech-c: WS4912-RIPE
    tech-c: PW2853-RIPE
    status: ASSIGNED PA
    notify: hostmaster@icpnet.pl
    mnt-by: ICP-MNT
    changed: hostmaster@ripe.net 20000321
    source: RIPE

    route: 62.21.0.0/17
    descr: PL-ICP-1
    descr: Poznan
    origin: AS13110
    mnt-by: ICP-MNT
    changed: hostmaster@icpnet.pl 20000322
    changed: hostmaster@icpnet.pl 20000418
    changed: hostmaster@icpnet.pl 20000427
    source: RIPE

    person: Wojciech Strzelecki
    address: ICP
    address: ul. Owsiana 17
    address: 61-666 Poznan
    address: Poland
    phone: +48 61 8280132
    fax-no: +48 61 8280152
    e-mail: hostmaster@icpnet.pl
    nic-hdl: WS4912-RIPE
    remarks: admin-c of pl.icp
    notify: hostmaster@icpnet.pl
    mnt-by: ICP-MNT
    changed: hostmaster@icpnet.pl 20000201
    changed: hostmaster@icpnet.pl 20010826
    changed: hostmaster@icpnet.pl 20010827
    source: RIPE

    person: Piotr Wierzejewski
    address: ICP
    address: ul. Owsiana 17
    address: 61-666 Poznan
    address: Poland
    phone: +48 61 8280132
    phone: +48 61 8280152
    fax-no: +48 61 8687363
    e-mail: wierzej@icpnet.pl
    nic-hdl: PW2853-RIPE
    remarks: tech-c of pl.icp
    notify: hostmaster@icpnet.pl
    changed: hostmaster@icpnet.pl 20000201


    Registrant Data
    _____
    Visual Trace Copyright ©1997-2001 NeoWorx Inc


    There ya go...

    Ouroboros
    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor


  7. #7
    Junior Member
    Join Date
    Dec 2001
    Posts
    8

    Thumbs up Thanx guys!

    Thanx everyone , I really appreciate all your help!!
    Specially VanEck for your suggestion of thinking before acting; i.e. taking contact with my own ISP.
    I e-mailed
    wierzej@icpnet.pl
    and got this answer:

    Thank your for your report.
    We will take the appropriate action.

    W.S.


    On Mon, 7 Jan 2002, Babak Rasolzadeh wrote:

    > I received an attempted hack from your user 62.21.5.89 Please discipline the individual(s)
    > Thank you for your attention in this matter.
    > Sincerely: Protected user
    >
    > TRACE ROUTE:
    >
    > Target: 62.21.5.89
    > Date: 2002-01-07 (Monday), 17:48:19
    > Nodes: 11
    >
    >
    > Node Data
    > Node Net Reg IP Address Location Node Name
    > 1 1 - 62.5.50.246 56.133N, 13.417E babak-khan
    > 2 1 - 62.5.48.1 Unknown
    > 3 1 1 62.5.0.76 Unknown bb-62-5-0-76.bb.tninet.se
    > 4 1 2 62.5.0.17 STOCKHOLM sto-int-cust-k33274-e0.telenordia.se
    > 5 2 - 195.163.111.197 Unknown
    > 6 2 2 194.213.69.106 STOCKHOLM tni-sto1-ri01-ge01-00.telenordia.se
    > 7 3 3 195.219.88.1 Unknown if-3-0-0.bb1.stockholm.teleglobe.net
    > 8 4 3 195.219.14.99 Unknown if-3-0.core1.stockholm.teleglobe.net
    > 9 4 3 195.219.14.226 Frankfurt am Main if-0-0-0.bb1.frankfurt2.teleglobe.net
    > 10 5 3 195.219.64.62 Frankfurt am Main ix-4-1-0.bb1.frankfurt2.teleglobe.net
    > 11 6 - 62.21.5.89 WARSZAWA c5-89.icpnet.pl
    >
    >
    > Packet Data
    > Node High Low Avg Tot Lost
    > 1 0 0 0 1 0
    > 2 0 0 0 1 0
    > 3 56 56 56 1 0
    > 4 9 9 9 1 0
    > 5 45 45 45 1 0
    > 6 32 32 32 1 0
    > 7 37 37 37 1 0
    > 8 29 29 29 1 0
    > 9 62 62 62 1 0
    > 10 93 93 93 1 0
    > 11 ---- ---- ---- 2 2
    >
    >
    > Network Data
    > Network id#: 1
    > BT Ignite Nordics
    > Norra Stationsgatan 69
    > SE-113 84 STOCKHOLM
    > SWEDEN
    >
    > Network id#: 2
    > Telenordia AB
    > Box 6681
    > 11384 STOCKHOLM
    > SWEDEN
    >
    > Network id#: 3
    > 3900 Skyhawk Drive
    > Chantilly Virginia 20151
    > USA
    >
    > Network id#: 4
    > 3900 Skyhawk Drive
    > Chantilly Virginia 20151
    > USA
    >
    > Network id#: 5
    > 3900 Skyhawk Drive
    > Chantilly Virginia 20151
    > USA
    >
    > Network id#: 6
    > ICP
    > ul. Owsiana 17
    > 61-666 Poznan
    > Poland
    >
    >
    >
    > Registrant Data
    > Registrant id#: 1
    > See Registrant Pane for registrant contact information.
    >
    > Registrant id#: 2
    > See Registrant Pane for registrant contact information.
    >
    > Registrant id#: 3
    > Registrant:
    > Teleglobe Inc. (TELEGLOBE2-DOM)
    > 3900 Skyhawk Drive
    > Chantilly, VA 20151
    > US
    >
    >
    >
    >
    > Log File:
    >
    > Date: 1/7/2002 Time: 17:41:21
    > Rule "Default Block NetBus Trojan horse" blocked (62.5.50.246,NetBus(12345)). Details:
    > Inbound TCP connection
    > Local address,service is (62.5.50.246,NetBus(12345))
    > Remote address,service is (62.21.5.89,1475)
    > Process name is "N/A"
    >

    --

    -------------------------------------------------------------------
    Wojciech Strzelecki
    Administrator sieci komputerowej
    ICP Poznan



    Once again: I really appreciate it
    I will post news about this matter a.s.a.p.
    Take care
    Pi.[2]=
    11. 00100100 00111111 01101010 10001000 10000101 10100011 00001000 11010011 00010011 00011001 10001010 00101110 00000011 01110000 01110011 01000100 10100100 00001001 00111000 00100010 00101001 10011111 00110001 11010000 00001000 00101110 11111010 10011000 11101100 01001110 01101100 10001001........

  8. #8
    This hacker is come from Borland. The machine name is "c-89.icpnet.pl"

  9. #9
    Originally posted by Ouroboros
    McAfee Visual Trace Version 3.25 Results
    Target: 62.21.5.89
    Date: 1/7/02 (Monday), 9:17:31 PM
    Nodes: 23

    ........

    Registrant Data
    _____
    Visual Trace Copyright ©1997-2001 NeoWorx Inc


    There ya go...

    Ouroboros
    you make it sound like you did something usefull...
    everybody can do this, and Babak-Khan allready did this.
    he wanted to email the man in personall!!!!!!


    GOD invented evolution \'cause he couldn\'t do it all by himself.

  10. #10
    Junior Member
    Join Date
    Dec 2001
    Posts
    8

    Talking Thnx Tomsan!

    I know u r absolutelu ringht LOL...but I guess Ouroboros only tried to help.. although it wasnt like hehe...
    Pi.[2]=
    11. 00100100 00111111 01101010 10001000 10000101 10100011 00001000 11010011 00010011 00011001 10001010 00101110 00000011 01110000 01110011 01000100 10100100 00001001 00111000 00100010 00101001 10011111 00110001 11010000 00001000 00101110 11111010 10011000 11101100 01001110 01101100 10001001........

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •