single ip address attempts to connect to my comp 4 times an hour all day long...

baser5nature

baser5nature

OSNN Addict
Joined
13 Apr 2002
Messages
182
I know the IP address of someone who is attempting to connect with my computer... they must have it scheduled or something... it happens 4 times an hour all day long...

I have reported the IP to my service provider since the IP belongs to my service provider... but the attacks continue...

any hints or tips to get rid of this punk?
 
What did your ISP say? What port are they trying to connect on?
Are you using DHCP?
 
- ISP has only auto-replied so far...
- using DHCP...
- the IP tries to connect on ports, 80, 137, 1024, 1025, 1434, 1436, and others...

I just switched network cards in order to get a new IP cause i was getting about 700 connect attempts a day... i installed zonealarmpro this past thursday and i have accumulated 2961 blocked intrusions as of this message... since switching nic's yesterday (the 28th of jan) i've had about 300 blocked intrusions...

I tried the trick to switch IP addresses that was posted here in the last few days, but shortly didn't find an available IP for the few minutes I was playing around with it... I suppose i could try again...
 
Short question: is the "bad guy" on the same IP range as you or is it an entirely different range?
 
Originally posted by baser5nature
[B

I tried the trick to switch IP addresses that was posted here in the last few days, but shortly didn't find an available IP for the few minutes I was playing around with it... I suppose i could try again... [/B]
Click to expand...

Switching IP addresses could get you into more trouble than what it's worth.
 
good guy: xxx.xxx.xx8.28
bad guy : xxx.xxx.xx7.85


x's are common to both ip's... this guy is probably scanning a whole range of addresses, and that's more than likely why it seems scheduled... it takes about 40 minutes for his scanner to go through the range... my question now is: don't most scanning programs tag an ip as vulnerable, or protected and then either log it or not... if he keeps getting blocked as ZAPRO says he is, why do i keep getting scanned?
 
Maybe he's waiting for new holes? A stealthed port looks the same as a turned off computer so he may be waiting for people to turn on their computers. It's probably a script kiddie so he probably don't know what he's doing anyway. :)

When you mailed your ISP did you main abuse or customer service? Always mail abuse (often abuse@the.isp.com) and include:
1. Attackers IP.
2. Your IP.
3. Printouts from your firewall and/or screenshots.
4. Your info (customer number etc.) might help too.

If you mail customer service it can take forever.
 
yeah... i did all that... i probably just have to wait a few more days until my isp does something... they are one of only two broadband providers in my area so they probably have their hands full with this kind of stuff...
 
You must log in or register to reply here.

Members online

No members online now.
Total: 512 (members: 0, guests: 512)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,623
Latest member
AndersonLo
Back