what to do if someone is hacking in your comp?

Discussion in 'Windows Desktop Systems' started by _DM_, Mar 4, 2003.

  1. _DM_

    _DM_ OSNN Senior Addict

    Messages:
    475
    Ok my norton firewall deteced that somevody was connecting to me with a trojan backdoor sub7 and my firewall blocked it. I dunno what to do what should i do? his ip is... IP and information removed as this guy/girl is probably a victim his/herself ...xsivforce
     
  2. _DM_

    _DM_ OSNN Senior Addict

    Messages:
    475
    ok i printed out a screenshot and u can look at it here.

    screenshot removed to remove the ip from view ...xsivforce
     
  3. rettahc

    rettahc Guest

    Well; you could treport him, but it looks like whoever that is may be a victyem too. hes got a netbus port open on his system.

    screenshot removed to remove the ip from view ...xsivforce
     
  4. _DM_

    _DM_ OSNN Senior Addict

    Messages:
    475
    what does that do? Do i return the favor? how do i report him?
     
  5. Duke Zootin

    Duke Zootin Guest

    I'd suggest doing nothing at this point.

    Two possibilities:

    First, the hacker isn't actually at the address shown, he's working thru another infected/compromised computer.

    Second, it's nothing more than a script kiddie scanning for PC's infected with sub7.

    If it's just a scan for sub7, then he'll move on, since your PC isn't compromised, and continue searching elsewhere.

    DON'T attempt to scan/ping back at them unless you know exactly what you are doing. If you try that you are doing two things, first you are showing that your PC is present (your firewall blocked/ignored the scan I assume) at it's a valid IP address, AND you run the risk of pissing somebody off which could in return bring you a denial of service attack or constant probing.

    If you continue getting scanned/probed from that IP multiple times over a couple of days, gather up your logs and forward them to your ISP and his. If you are on cable/DSL ask your ISP to change your IP address, or force a change yourself if you can.


    Good luck!
    Duke
     
  6. Burpster

    Burpster Guest

    this is why i think its wrong to post people's IP# ...usually the ip port scanning is some shmo to stupid to realize he is infected !!


    warez boards seem to have more ethics than this board it seems!!
     
  7. Duke Zootin

    Duke Zootin Guest


    Errr... where did that comment come from ?? :rolleyes:



    Dukey
    :D
     
  8. Lighter

    Lighter . . . . . . . . .

    Messages:
    229
    Location:
    NYC
     
  9. Duke Zootin

    Duke Zootin Guest

    Oh no, I fully agree with the thoughts of not posting IP numbers, just didn't see what 'warez boards' has to do with it.
     
  10. Lighter

    Lighter . . . . . . . . .

    Messages:
    229
    Location:
    NYC
    Oh. Err... Heh. The warez community is a bit fanatical about that type of info being made public. Wonder why? :rolleyes:
     
  11. xsivforce

    xsivforce Prodigal Son Folding Team

    Messages:
    8,547
    Location:
    Texas, USA
    I agree, the info and screenshots have been removed. That individual is probably a victim as well. I would have removed it sooner but, I hadn't seen it yet. :confused:
     
  12. Burpster

    Burpster Guest

    Thanks X :)