Author Topic: Internet question  (Read 424 times)

Maverick
« on: November 04, 2000, 08:00:00 PM »
I have noted that someone hacked into my system last week. No damage was done as far as I can tell. I installed ZoneAlarm this week as a precaution. Today I found an attempt to get into my system had occurred. I have the ISP address for this attempt as it was logged and I copied it down.

Here is my question. How can I find out who made the attempt using this ISP address? I can ping it and it isn't very close by. I can't enter the "web page" if there is one. Can anyone advise me on this?

Thanks.
Mav
DEFINITION OF A VETERAN
A Veteran - whether active duty, retired, national guard or reserve - is someone who, at one point in their life, wrote a check made payable to "The United States of America", for an amount of "up to and including my life."
Author Unknown

214thCavalier
« Reply #1 on: November 04, 2000, 08:24:00 PM »
This should be able to explain a lot of what goes on,
 http://www.robertgraham.com/pubs/firewall-seen.html#10

Spatula
« Reply #2 on: November 05, 2000, 07:17:00 PM »
Yes, you can. First do an nslookup (or traceroute) on the IP address; this should reveal the ISP domain name (you may see something like "dialup087.badassisp.com"). Then go to the ISP's web site (www.badassisp.com) and get some contact information for that company. Then ring them and explain what has happened, stating the exact time the intrusion occurred and the IP address of the offender. The ISP will have logs of who was using that ISP and at what time. From here it's up to the ISP to do something (not sure about the laws in your country but you may be able to involve them as well). The ISP may suspend, remove, or take legal action against the person who used the IP address at that time.
Airborne Kitchen Utensil Assault Group
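
The reply above turns on giving the ISP the offender's IP address and the exact time. As an added example (not part of any post in this thread), this sketch groups blocked firewall events by source IP and produces the UTC time window and reverse-DNS name to pass on. The log format, the addresses and the PTR answer are constructed for illustration and are not ZoneAlarm's real output.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed sample log (not ZoneAlarm's real format):
# local date, time, UTC offset, action, protocol, source IP, destination port.
SAMPLE_LOG = """\
2000-11-04 14:02:11 -0700 BLOCK TCP 192.0.2.87 27374
2000-11-04 14:02:13 -0700 BLOCK TCP 192.0.2.87 12345
2000-11-04 19:45:40 -0700 BLOCK UDP 198.51.100.9 31337
this line is truncated
2000-11-04 14:05:59 -0700 BLOCK TCP 192.0.2.87 27374
"""
# Constructed reverse-DNS answers standing in for nslookup output.
SAMPLE_PTR = {"192.0.2.87": "dialup087.isp.example."}
ISO = "%Y-%m-%dT%H:%M:%SZ"

def isp_domain(ptr_name):
    """Last two labels of the PTR name; a simplification that is wrong
    for suffixes such as .co.uk, so confirm against the ISP's own site."""
    labels = ptr_name.rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else None

def summarize(log_text):
    """Group blocked events by source IP with first/last seen in UTC."""
    out = {}
    for line in log_text.splitlines():
        f = line.split()
        try:
            when = datetime.strptime(" ".join(f[:3]), "%Y-%m-%d %H:%M:%S %z")
            ip, port = str(ipaddress.ip_address(f[5])), int(f[6])
        except (ValueError, IndexError):
            continue  # skip malformed lines instead of guessing
        when = when.astimezone(timezone.utc)
        e = out.setdefault(ip, {"first": when, "last": when, "ports": set(), "count": 0})
        e["first"], e["last"] = min(e["first"], when), max(e["last"], when)
        e["ports"].add(port)
        e["count"] += 1
    return out

def abuse_report(ip, summary, ptr):
    """Text to hand the ISP: offender IP, exact UTC window, ports probed."""
    e, name = summary[ip], ptr.get(ip)
    return "\n".join([
        f"Source IP: {ip} (reverse DNS: {name or 'none'})",
        f"ISP domain (guess): {isp_domain(name) if name else 'unknown'}",
        f"First seen: {e['first'].strftime(ISO)}  Last seen: {e['last'].strftime(ISO)}",
        f"Blocked connections: {e['count']} to ports {sorted(e['ports'])}",
    ])

if __name__ == "__main__":
    print(abuse_report("192.0.2.87", summarize(SAMPLE_LOG), SAMPLE_PTR))
```

Converting to UTC matters because the ISP matches the report against its own session logs, which may be kept in a different time zone from the reporter's.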

Sparks
« Reply #3 on: November 06, 2000, 05:42:00 AM »
214th

Thank you very much indeed for that link. I have often wondered what all the blocked activity was that I saw logged by ZoneAlarm. I have just done a quick analysis of my logs using the information at that site and seen at least 30 scans attempted looking for active Trojans!

I'm going to sit down and go through the addresses and see what I can find out.

Thanks again

prz
« Reply #4 on: November 07, 2000, 07:34:00 PM »
I wrote already on some other forum but what I have is a Linksys router (given you run DSL or cable) that does perfect firewalling and has great throughput. That allowed me to take down the PPPoE Windows client and all the firewalling stuff. Much easier to maintain and much more reliable.

Maverick
« Reply #5 on: November 08, 2000, 12:16:00 PM »
Hi all,

I did do a tracert on the logged attempt to enter my system. It came from an ISP in Grand Rapids, Michigan. Unfortunately I didn't log the time of the attempt so telling the ISP about it was not an option. So far so good. There have been no further attempts.

Mav