port scanning

Discussion in 'Windows Desktop Systems' started by sumojockey, Jul 17, 2002.

  1. sumojockey

    sumojockey Guest

    I have someone scanning the ports on my server regularly. WHat should I do?

    Q:confused:
     
  2. Friend of Bill

    Friend of Bill What, me worry?

    Messages:
    1,572
    Find out who they are. If they are up to no good get their plug pulled.
     
  3. sumojockey

    sumojockey Guest

    I ran WHOIS on the IP. It is an ATT range. I reported it to ATT. I still get hits on the firewall from the same IP. I thought maybe it was a proxy so I scanned it. Nothing. There is NO legitimate use for proxy scanning. Is there? I figure this person must be up to no good. If they know what they are doing they will eventually get around my firewall. So the question remains... What to do?
     
  4. Cosmin

    Cosmin Graphic Designer

    Messages:
    1,633
    Location:
    Romania
    have you tried to control your ports [?] and play with some settings in firewall ..
     
  5. sumojockey

    sumojockey Guest

    Controlling my ports? I am not sure what you mean. There has been no penetration of the firewall. Only in examining the firewall log I see that a paricular IP has scanned every obvious port on my machine. Several times over.
     
  6. Kr0m

    Kr0m Moderator

    Messages:
    1,390
    Location:
    Turtle Island
    Only thing you can do is send your logs to your ISP and his.
     
  7. sumojockey

    sumojockey Guest

    Mr. Hyde was hoping for something more diabolical but Dr. Jekyll says thanks to you all for you input. I've notified the ISP's.

    Thanks again.
     
  8. MaDCeLL

    MaDCeLL Guest

    dude calm down... 99999 out of 100000 ppl running a portscan are simple scriptkiddies that use win32 based progs
    i get a portscan 20-30 times a day... thats simple normal... so if you have a firewall.... dont bother....
     
  9. Cosmin

    Cosmin Graphic Designer

    Messages:
    1,633
    Location:
    Romania
    Someone gave a file ( trojan maybe ) and with that file can access your pc . What can you do now :
    1) Scann your pc with an antivirus ( latest definitions )
    2) A new fresh reinstall will be a problem ?
     
  10. w0lv3rin3

    w0lv3rin3 The Source Political User

    Messages:
    465
    Location:
    Barrie, ON
    Best Thing

    Get his ip and Send Massive 2MB + packests on his ars
     
  11. Kr0m

    Kr0m Moderator

    Messages:
    1,390
    Location:
    Turtle Island
    Re: Best Thing

    That usually only leads to more 'kiddie' games.
     
  12. Friend of Bill

    Friend of Bill What, me worry?

    Messages:
    1,572
    Your ISP also scans your ports to "see" if your still in compliance with your service contract. Well, that's what I have been told. Stick a router infront of em.:D
     
  13. Friend of Bill

    Friend of Bill What, me worry?

    Messages:
    1,572
    I beginning to think that the only thing they care about is if the bill is paid - and on time.!:D
     
  14. Kr0m

    Kr0m Moderator

    Messages:
    1,390
    Location:
    Turtle Island
    Yes, in most cases thats true. Isp's receive reports everday about people doing portscans. I'm sure they let most of them slide by since they are usually harmless(but really annoying). If it persists over an extened period of time, then I'm sure an ISP will do something about it.
     
  15. Friend of Bill

    Friend of Bill What, me worry?

    Messages:
    1,572
    I don't know... I've seen many places that just stamp their reports and throw them in a file cabinet...:D Usually, the next guy hired throws them away.:D
     
  16. Mr.Budwieser

    Mr.Budwieser Guest

    ur isp or his wont even do anything unless he actually does somethign to u besides port scanning(At least i've never heard of em). There nothing illegal about it or nothing like that, just check what open ports you got and then make sure there's non outta the ordinary and then block his ip thru ur firewall.
     
  17. w0lv3rin3

    w0lv3rin3 The Source Political User

    Messages:
    465
    Location:
    Barrie, ON
    OK!!!!

    When some1 is portscanning you.

    try and get a Firewall like NIS NPF and stuff like dat, not tiny little firewall and BlackICE, cause they dont do Port Stealthing, NIS or NPF does.

    what that means is that it will hide your ports from on-line hackers to scann ports.

    what u can alos do is get your ISP to change your IP for you. if u have services like rogers or shaw, unplug your cable router totaly, and leave it unpluged for a few days, this will reset your IP and your ip will be new, therfore the hacker scanning your cant scan you for ports cause your IP has changed.

    like i said, before, i have connections dunno about u, but when some1 irrearting like that does it to me, i packet them with 2mb + lines, they wont like that, they will be goin big time slow!!!!!!!

    even if u have a firewall, the 2mb packeters will drop it cause the firewall is unable to handle so much information that big at 2mb packets a second
     
  18. leonlai

    leonlai Guest

    Re: OK!!!!

    so how do we do this 2mb packeting
     
  19. w0lv3rin3

    w0lv3rin3 The Source Political User

    Messages:
    465
    Location:
    Barrie, ON
    WELL

    This is what i call making friends on-line, i have alot of friends on-line, who will do this for me, they usualy have T-1 connections. and i know them personally.

    go on IRC and for ppl to packet you for them.

    if u have a fast line, put up ZOMBIES on IRC, each zombie will attack that computer if u want it to

    Kr0m: hey this is not kiddy gamez, this is called revenge. once you packet some1 turst me they wont want to do it again, cause they cant, ull hit em so hard that they cant do anything but change their IP.
     
  20. Mr.Budwieser

    Mr.Budwieser Guest

    hehheh, i need bb ....:p