-
January 7th, 2002, 11:03 PM
#1
Junior Member
-
January 7th, 2002, 11:33 PM
#2
I ran a trace myself. I think it's Negative!
rofl
-
January 7th, 2002, 11:58 PM
#3
If I were you I'd load LaBrea and let it deal with your little problem. it'll slow his connection until there isn't anything left, but it'll use a limited amount of your bandwidth(whatever you specify).
www.hackbusters.net
It works perfectly, I have about 45 machines tarpitted right now, and I'm using .05% of my total bandwidth. not bad. Plus it reduces the effect of heavily infected networks by about 80%.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 8th, 2002, 02:22 AM
#4
Before you go ahead and do anything illegal in retaliation, I would suggest simply contacting the fellows ISP, preferably vie telephone and demand they do something about it. If you are persistent, something will be done about it. They can either terminate this users account because chances are he is doing other questionable actions, or other options, such as simply block his traffic to you, etc.
-
January 8th, 2002, 02:29 AM
#5
Also, I forgot to mention that you own ISP can take care of the problem as well. Contacting his ISP may not even be necessary. I would definitely not suggest trying to "surpirse" this individual however. Chances are, you will only provoke and encourage him to pester you with his "lameness" even more. Or just make yourself liable for legal action or termination of your own internet access.
-
January 8th, 2002, 04:23 AM
#6
McAfee Visual Trace Version 3.25 Results
Target: 62.21.5.89
Date: 1/7/02 (Monday), 9:17:31 PM
Nodes: 23
Node Data
Node Net Reg IP Address Location Node Name
23 1 - 62.21.5.89 WARSZAWA c5-89.icpnet.pl
Packet Data
Node High Low Avg Tot Lost
23 3677 3677 3677 1 0
Network Data
Network id#: 1
This is the RIPE Whois server.
The objects are in RPSL format.
Please visit http://www.ripe.net/rpsl for more information.
Rights restricted by copyright.
See http://www.ripe.net/ripencc/pub-serv...copyright.html
inetnum: 62.21.0.0 - 62.21.99.255
netname: ICPNET-1
descr: Internet Cable Provider
descr: Multisiec Poznan
country: PL
admin-c: WS4912-RIPE
tech-c: WS4912-RIPE
tech-c: PW2853-RIPE
status: ASSIGNED PA
notify: hostmaster@icpnet.pl
mnt-by: ICP-MNT
changed: hostmaster@ripe.net 20000321
source: RIPE
route: 62.21.0.0/17
descr: PL-ICP-1
descr: Poznan
origin: AS13110
mnt-by: ICP-MNT
changed: hostmaster@icpnet.pl 20000322
changed: hostmaster@icpnet.pl 20000418
changed: hostmaster@icpnet.pl 20000427
source: RIPE
person: Wojciech Strzelecki
address: ICP
address: ul. Owsiana 17
address: 61-666 Poznan
address: Poland
phone: +48 61 8280132
fax-no: +48 61 8280152
e-mail: hostmaster@icpnet.pl
nic-hdl: WS4912-RIPE
remarks: admin-c of pl.icp
notify: hostmaster@icpnet.pl
mnt-by: ICP-MNT
changed: hostmaster@icpnet.pl 20000201
changed: hostmaster@icpnet.pl 20010826
changed: hostmaster@icpnet.pl 20010827
source: RIPE
person: Piotr Wierzejewski
address: ICP
address: ul. Owsiana 17
address: 61-666 Poznan
address: Poland
phone: +48 61 8280132
phone: +48 61 8280152
fax-no: +48 61 8687363
e-mail: wierzej@icpnet.pl
nic-hdl: PW2853-RIPE
remarks: tech-c of pl.icp
notify: hostmaster@icpnet.pl
changed: hostmaster@icpnet.pl 20000201
Registrant Data
_____
Visual Trace Copyright ©1997-2001 NeoWorx Inc
There ya go...
Ouroboros
"entia non sunt multiplicanda praeter necessitatem"
"entities should not be multiplied beyond necessity."
-Occam's Razor
-
January 8th, 2002, 12:07 PM
#7
Junior Member
Thanx guys!
Thanx everyone , I really appreciate all your help!!
Specially VanEck for your suggestion of thinking before acting; i.e. taking contact with my own ISP.
I e-mailed
wierzej@icpnet.pl
and got this answer:
Thank your for your report.
We will take the appropriate action.
W.S.
On Mon, 7 Jan 2002, Babak Rasolzadeh wrote:
> I received an attempted hack from your user 62.21.5.89 Please discipline the individual(s)
> Thank you for your attention in this matter.
> Sincerely: Protected user
>
> TRACE ROUTE:
>
> Target: 62.21.5.89
> Date: 2002-01-07 (Monday), 17:48:19
> Nodes: 11
>
>
> Node Data
> Node Net Reg IP Address Location Node Name
> 1 1 - 62.5.50.246 56.133N, 13.417E babak-khan
> 2 1 - 62.5.48.1 Unknown
> 3 1 1 62.5.0.76 Unknown bb-62-5-0-76.bb.tninet.se
> 4 1 2 62.5.0.17 STOCKHOLM sto-int-cust-k33274-e0.telenordia.se
> 5 2 - 195.163.111.197 Unknown
> 6 2 2 194.213.69.106 STOCKHOLM tni-sto1-ri01-ge01-00.telenordia.se
> 7 3 3 195.219.88.1 Unknown if-3-0-0.bb1.stockholm.teleglobe.net
> 8 4 3 195.219.14.99 Unknown if-3-0.core1.stockholm.teleglobe.net
> 9 4 3 195.219.14.226 Frankfurt am Main if-0-0-0.bb1.frankfurt2.teleglobe.net
> 10 5 3 195.219.64.62 Frankfurt am Main ix-4-1-0.bb1.frankfurt2.teleglobe.net
> 11 6 - 62.21.5.89 WARSZAWA c5-89.icpnet.pl
>
>
> Packet Data
> Node High Low Avg Tot Lost
> 1 0 0 0 1 0
> 2 0 0 0 1 0
> 3 56 56 56 1 0
> 4 9 9 9 1 0
> 5 45 45 45 1 0
> 6 32 32 32 1 0
> 7 37 37 37 1 0
> 8 29 29 29 1 0
> 9 62 62 62 1 0
> 10 93 93 93 1 0
> 11 ---- ---- ---- 2 2
>
>
> Network Data
> Network id#: 1
> BT Ignite Nordics
> Norra Stationsgatan 69
> SE-113 84 STOCKHOLM
> SWEDEN
>
> Network id#: 2
> Telenordia AB
> Box 6681
> 11384 STOCKHOLM
> SWEDEN
>
> Network id#: 3
> 3900 Skyhawk Drive
> Chantilly Virginia 20151
> USA
>
> Network id#: 4
> 3900 Skyhawk Drive
> Chantilly Virginia 20151
> USA
>
> Network id#: 5
> 3900 Skyhawk Drive
> Chantilly Virginia 20151
> USA
>
> Network id#: 6
> ICP
> ul. Owsiana 17
> 61-666 Poznan
> Poland
>
>
>
> Registrant Data
> Registrant id#: 1
> See Registrant Pane for registrant contact information.
>
> Registrant id#: 2
> See Registrant Pane for registrant contact information.
>
> Registrant id#: 3
> Registrant:
> Teleglobe Inc. (TELEGLOBE2-DOM)
> 3900 Skyhawk Drive
> Chantilly, VA 20151
> US
>
>
>
>
> Log File:
>
> Date: 1/7/2002 Time: 17:41:21
> Rule "Default Block NetBus Trojan horse" blocked (62.5.50.246,NetBus(12345)). Details:
> Inbound TCP connection
> Local address,service is (62.5.50.246,NetBus(12345))
> Remote address,service is (62.21.5.89,1475)
> Process name is "N/A"
>
--
-------------------------------------------------------------------
Wojciech Strzelecki
Administrator sieci komputerowej
ICP Poznan
Once again: I really appreciate it
I will post news about this matter a.s.a.p.
Take care
Pi.[2]=
11. 00100100 00111111 01101010 10001000 10000101 10100011 00001000 11010011 00010011 00011001 10001010 00101110 00000011 01110000 01110011 01000100 10100100 00001001 00111000 00100010 00101001 10011111 00110001 11010000 00001000 00101110 11111010 10011000 11101100 01001110 01101100 10001001........
-
January 8th, 2002, 01:32 PM
#8
This hacker is come from Borland. The machine name is "c-89.icpnet.pl"
-
January 8th, 2002, 01:48 PM
#9
Member
Originally posted by Ouroboros
McAfee Visual Trace Version 3.25 Results
Target: 62.21.5.89
Date: 1/7/02 (Monday), 9:17:31 PM
Nodes: 23
........
Registrant Data
_____
Visual Trace Copyright ©1997-2001 NeoWorx Inc
There ya go...
Ouroboros
you make it sound like you did something usefull...
everybody can do this, and Babak-Khan allready did this.
he wanted to email the man in personall!!!!!!
GOD invented evolution \'cause he couldn\'t do it all by himself.
-
January 8th, 2002, 02:15 PM
#10
Junior Member
Thnx Tomsan!
I know u r absolutelu ringht LOL...but I guess Ouroboros only tried to help.. although it wasnt like hehe...
Pi.[2]=
11. 00100100 00111111 01101010 10001000 10000101 10100011 00001000 11010011 00010011 00011001 10001010 00101110 00000011 01110000 01110011 01000100 10100100 00001001 00111000 00100010 00101001 10011111 00110001 11010000 00001000 00101110 11111010 10011000 11101100 01001110 01101100 10001001........
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|