posted
I installed a firewall a few days ago, and was surprised to see that after 3 days I accumulated a list of no less than 20 different attackers. One of which was a person who was traced to my hometown. That person had tried to scan my PC upto 4 times within 2 1/2 hours.
The firewall had marked the attack as 'SubSeven port probe'. For those of you who don't know what this is, SubSeven is a so called trojan horse virus/program. When installed on your computer it allows people to get on your computer and do anything they want. The install files are are usually disguised as a small game or something like that.
Anyway, about 1/2 an hour after that one of my friends wanted to show me a program. I logged onto his FTP server, only to find that his IP address was identical to the 'SubSeven port probe' person above. On his FTP server I found just one file, which was called Sub7.zip
...
------------------ "Look! I'm quoting myself." - me
(-=\V/=-)
[This message has been edited by Altair (edited April 22, 2000).]
posted
I talked to him, and he told me he knew all about it right away. No denial, nothing! Just, "Yes I know what it is capable of, and I intended to use it." So I asked what exactly he was planning to do with my PC. He said he wanted to look what programs I have, and then try to crash them and to 'break down' (that's the closest translation I could think of) my whole PC.
I tried to talk him out of doing it all together. But he said it is to much fun to do... When he said that he was just not the guy I have known for years. It is really odd to explain this. It was like a reset button, all of a sudden he was someone I met for the first time...
I went away, and I am ignoring him as much as possible. I even told other friend about this, and they were VERY suprised to hear this. Some of them are now also ignoring him, one of which after I installed the firewall on his PC, and let him see that why his programs were chrasing all the time.
Which brings me to two things: 1: Am I doing the right thing to ignore him, and to convince others to ignore him as well? 2: Where can I find a program or somthing to remove the Sub7 trojan horse virus/program?
------------------ "Look! I'm quoting myself." - me
(-=\V/=-)
[This message has been edited by Altair (edited April 22, 2000).]
posted
Heh. SubSeven. Bah. Just so you know, I had Server2 on my old computer for a while. My hacker friend went and put a very large password on that system so that no one could hack it. It was something like 12000 characters.....
posted
Yup. He's an idiot. And if he says "I can't help it." then he's a complete tit. Ignore him. And if he tries anything again, whack him upside the head.
------------------ *Amusing quote not available, please call back later*
posted
Are computers on a dail-in network vulnerable as well? I presume my ISP uses a fairly effective firewall, so should this vulnerability be a concern to me? If so, what countermeasures should I take (if any)?
--Baloo
------------------ "The most beautiful woman is not the unattainable goddess. It's the attainable goddess who's unattainable to everyone else but you." -- Me http://www.geocities.com/cyrano_jones.geo/
posted
I use BlackICE Defender, takes under 4 megs of space, is easy to use and traces back attempted attacks. It has 4 levels of 'shielding'. It has earned a price for best product in a magazine.
Anyway, I have actally payed for only 2 shareware programs because they are worth it, and this is one of them. There is a lot of great information on their websites: www.networkice.com advice.networkice.com/Advice/default.htm ------------------ "Look! I'm quoting myself." - me
(-=\V/=-)
[The links in this message have been fixed about four times by Altair (edited April 23, 2000).]
[This message has been edited by Altair (edited April 23, 2000).]
[This message has been edited by Altair (edited April 23, 2000).]
posted
Altair I sorry man that your friend is script kiddie (and not a good one at that).
Baloo about dialup connects well dialups aren't vunable as folks on always on connections, because generally you get a new ip when you boot. However if you stay on long enough you can have the same problem.
Also there isn't any ISP right now (to my knowledge) that actually uses a firewall to filter packets.
The best thing to do to protect your self is to unbind file and print sharing from tcp/ip, which isn't complex to do but instead I point you to a site that will show how to do that (with the added bonus that it will show you exactly how vulenable your computer is to being hacked)[Of course the fact that it's 3:30 where I am makes any thinking hard). The site is www.grc.com
Second thing you can do is to get a firewall, while blackice defender is a good program, it seems to be a little sensitive "to attacks" even considering normal dhcp requests as an attack along with other background activity that is normal to the internet.
A firewall that I use, and really enjoy is Zonealarm, is available at no cost, at www.zonelabs.com this a really slick firewall mostly because you don't have to set filters, it blocks programs from connecting out, and best of all it has lock down feature that will block all internet traffic from your computer, best of all it's free! .
------------------ Somehow you were linked to this page, which doesn't really exist. Well, this one does, but the one you were trying to get to doesn't. Actually, that's not really true either, because it probably does, but either you mistyped it or our webmaster is asleep at the wheel. If the later is the case (you were linked here from a page within **********.net) then please let us know.
If you were linked here from an external site, which is most often the case, it would be nice of you to let them know.
[This message has been edited by HMS White Star (edited April 24, 2000).]
posted
Well, the FBI probably wouldn't care, since Altair is in the Netherlands...
------------------ Frank's Home Page John Linnell: "You know, we actually know the next song we're going to play. We're talking about some personal stuff that concerns just me and John. I realize that this probably isn't the time or the place." John Flansburgh: "We can finish this conversation in the car."