What can i do about a hacker?

Discussion in 'Windows Desktop Systems' started by KaDbUrY, Dec 7, 2002.

  1. KaDbUrY

    KaDbUrY Guest

    Its been a few days, and this one person is gettin really anyoying. Keeps trying to hack me. but my firewall stops this person, blocks the port for 30 mins, then after that he/she trys again. and agian...what can i do? can i trace this person, and do something back? i have been away from the seen, but i remember wayyy back when there was win-nuke. HA what can i do...thx!
  2. omgsoup

    omgsoup OSNN Senior Addict

    disconnect your computer from the internet/get a new IP address maybe?
  3. 93tbirdsc

    93tbirdsc Guest

    I am by no means an expert but there are trace programs out there and you can get a hold of his IP address and report him/her to there ISP.
  4. KaDbUrY

    KaDbUrY Guest

    yes, i actually have his ip...my firewall tells me. i just hope it isnt a mask or something. how do i find out his isp?
  5. Gus K

    Gus K NTFS abuser

    You should find more important things to worry about. The firewall is doing it's job, why be concerned? And how do you know it's a hacker. It's not illegal to scan ports, and many companies do so for the info they can farm. In the last hour my firewall shows 23 connection attempts, that it blocked.
  6. KaDbUrY

    KaDbUrY Guest

    Yeah im not to worried...But whoever it is, they are trying to find a backdoor/subseven....should i still not worry? are they just trying to scan to see if i have that trojan?
  7. Burpster

    Burpster Guest

    i wouldnt worry ....everyone gets scanned numerous times a day
  8. Kr0m

    Kr0m Moderator

    Turtle Island
    From what I've read, some infected users with these backdoors or subseven scan others without even knowing it. Thats part of the trojan's job is to spread itself. Even though this person may not be doing it intentionally, you should still report his IP with the Firewall logs to his ISP.
  9. Geffy

    Geffy Moderator Folding Team

    United Kingdom
    I think there is an online sort of Visual Trace Route proggie, or you can get NeoTrace
  10. SPeedY_B

    SPeedY_B I may actually be insane.

    Midlands, England
    Yup, true that.
    Fact is that script kiddies simply scan ip ranges for open ports, so most people end up getting scanned multiple times every day.
    If its definately just ONE ip, then report it, and then get yourself a virus scanner.
    Otherwise just set your firewall to completely block the port (as long as your not using it for anything else) and it shouldnt bother you again.
  11. Stircrazy

    Stircrazy Guest

    things you can do

    1.check for trojans
    2.keep logs on firewall
    3. if one ip constantly comes up goto www.geektools.com and do a whoisthis will tell you ISP name and contact info if no email try abuse@ispnam.com(send logs or offer them as in say you will give them)

    thats just 3 things for the above method of takin care of it(the perso9n that said report it)

    edit- this will also help the person scanning you if in fact they themselves are trojanized since thier isp should help them get rid of them..
  12. Freakzilla

    Freakzilla OSNN Addict

    Another half decent site to trace ip addys is www.dnsstuff.com

    I used to be the same as you KaDbUrY and get really wound up when I got a hack attempt. I just ignore them now. As the other users have said your firewall is doing it's job but I'd still report them to their isp.
  13. KLoWn

    KLoWn Guest

    Sounds Like a subseven to Me...

    If It Was A Real Hacker not a POSER then you wouldn't even know they were there anyway..

    Firewalls do not stop hackers just slow them down... (Bout 30seconds)
  14. Stircrazy

    Stircrazy Guest

    Right on the money there most real ones can get around anything
    and poser ones try and exploit vulnerabilities that they can just scan for wich is actually somethin any1 with some basic reading skills can acomplish. Pretty sad tho the ones that can do it ussually only attack for the fun of it and hit supposably un hackable things..not normal for a real one to go after a home user 1 reason is they dont have the connection power that would make it worth using unlike big buisness's and schools...


    Ok, for starters lets clear up a few things...

    Most Trojans have IP notification, meaning every time you dial up, a notification message (either ICQ/CGI/PHP/E-mail) is sent out to the trojan user displaying your IP address.

    That is false, Trojan's do NOT spread. Infected user's are at risk by other "trojanner's" especially if there IP is listed at a Public "victim" list that some trojan site's set-up for the public.

    Subseven is not a seperate program, Subseven is just a mere popular trojan as it still has the highest infectious rate of all trojans, it usually connects to port 27374. Also, I hate to burst your bubble, but even professional "hackers" use trojans to compromise system security, once they have access they upload and execute a trojan server to easily maintain the "victim".

    How can you prevent all this?? You already have! Your firewall is doing your job, don't accept any files from any untrusted source, as you could be given an AV/FW killer which is especially designed to kill Anti-Virus and Firewall programs and still make the user beleive that there AV/FW is running. If it was me, I'd do a whois on the IP as suggested before and report it to the ISP.
  16. TechSupport

    TechSupport Guest

    or you could make it your life ambition to find whoever it is - and trace him down and beat him with a stick??

    heh j/k

    id go with the others - send the logs to his/her/its ISP - thats what I've done in the past.

    When I was on BT 56k, my firewall would go ballistic - something like 300 scans in the 2hours I was connected many times - Its something that comes with being on the Internet... it'd be a full time job for half the world's population to be able to stop it from happening...

    also - as for a trojan not spreading - there are worms which link to trojans or something online - I dont know all the details or how it works 100% but I have heard of it happening like that - plus, theres nothing impossible when it comes to computers :/

    as me mum used to say... "theres no such word as cant" rofl


    @ TechSupport

    The only trojan i am aware of with that feature is Happy99 and thats really oldskool.
  18. Un4gIvEn1

    Un4gIvEn1 Moderator

    I hope when you talk "firewall" you do not mean a software firewall. If you want REAL protection you should invest in a hardware firewall of some sort. You could always just build your own as well. If you have an old Pentium box sitting around you could slap 2 NICs in it and put Linux on it (of course this requires some linux knowledge). You could even enable ICS on a windows box to do the trick. I have not found a software firewall that can't easily be hacked, hardware firewalls require quite a bit more work. Software firewalls just close ports, hardware firewalls create two networks, an outside and an inside and forward information to the proper place. Ok, if I haven't convinced you by now then I don't know what to do. Hope you make the decision to get a real firewall.


    Yeap, a "hardwall" is the way to go..
  20. Burpster

    Burpster Guest

    software firewalls are easily bypassed ...i used to hang in a hacker forum with some pretty talented fellows ...i wasnt one of them!! lol ...anyway used be one guy that would post garbage about us all being losers and what not ...somebody on the board took it to heart and put a picture of a reindeer with a woody as his desktop wallpaper ...the next day he was back begging to get it removed as this was a family PC ....after apologizin a number of times he was told how

    yes he had a firewall ....tho it did little to protect him

    hackers arent really interested in your box