-
August 2nd, 2001, 09:42 PM
#1
Junior Member
Trojan Sub7 / BO
Hiya,
I have recently been scanned several times Trojan SubSeven
and BO
Firewall logs:
======
Rule "Default Block SubSeven 2.1/2.2 Trojan" blocked
(213.108.25.88,27374).
Details:
Inbound TCP connection
Local address,service is (213.108.25.88,27374)
Remote address,service is (213.108.21.129,1860)
Process name is "N/A"
Rule "Default Block SubSeven 2.1/2.2 Trojan" blocked
(win98,27374).
Details:
Inbound TCP connection
Local address,service is (win98,27374)
Remote address,service is (213.108.21.128,1349)
Process name is "N/A"
Rule "Default Block SubSeven 2.1/2.2 Trojan" blocked
(win98,27374).
Details:
Inbound TCP connection
Local address,service is (win98,27374)
Remote address,service is (213.108.21.86,2875)
Process name is "N/A"
=======
Rule "Default Block Back Orifice 2000 Trojan" blocked (win98,Back-Orifice).
Details:
Inbound UDP packet
Local address,service is (win98,Back-Orifice)
Remote address,service is (213.78.42.78,nsvt)
Process name is "N/A"
===
Rule "Default Block Back Orifice 2000 Trojan" blocked (win98,Back-Orifice).
Details:
Inbound UDP packet
Local address,service is (win98,Back-Orifice)
Remote address,service is (213.78.42.78,nsvt)
Process name is "N/A"
Am wondering besides doing a tracert (i even used neotrace)
and report it to the abuse@ISP, how can i properly trace this hacker? and start learning to give him a hard time? :-)
Thanks
-Superdude-
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|