Dsl Hack Attack :(

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Dsl Hack Attack :(

    Okay i have gotten sick and tired of this ! I am on 384k ADSL and for the past 2 weeks i have been getting a ridiculous amount of hack attack warnings... i am using a simple shield program called Intruder Alert 99 [i know it is old but it is the only one that does not interfere with my web activity ! others restrict and slow down and crash my PC] It has been getting so bad that i am getting warnings every 2 mins that someone was trying to get into my PC ! Surely this annoys the hell out of me, now what i need is a solution ! What do u guys think ? Hactracer, Jammer or any other solution that will help me stop this annoyance. I would luv to find out the pest who is doing this... but the search facility of Intruder alert says it cannot find such an IP address ! They have obviously masked it using some hack ware... Could there be a virus/bug that is planted on my PC that is provoking the hack attempt ? I mean it has to be that [HOW CAN I DETECT & REMOVE it ???] or the guy has nothing better to do than try to hack into my PC 24hrs a day, seriously every time i am on day or night i get the alert !?

    This was long but i would appreciate your help...

    thanx,

    Dizzynoodle
    Asus P2B @ 100Mhz
    PIII 800 / 133Mhz running @100MHZ = 600MHZ!!! VIA Asus Slotkey
    SimpleTECH 128MB X 3/ 100Mhz
    IBM 9.GB Ultrawide Scsi LVD
    IBM 18gb secondary drive @ 7200
    Maxtor 37GB storage drive @ 5400
    Marvel G200 TV
    Microtek E6 scanner via scsi card {adaptec 1502}
    HP CD12ri CDRW 12X10X32 BurnProof!
    Creative Infra48 CD ROM
    Creative AWE64 Gold [ISA]
    Realtek Chip NIC 10/100
    21' Samsung Syncmaster 1000p
    Firewire card
    Mini USB hub
    8 port Compex 10/100 hub
    Sandisk Reader - USB
    Cordless Logitec Mouse
    Iomega Zip100 [the old ugly one!]
    HP 1220 C - A3 printer

  • #2
    Do you have an up-to-date virus scanner?
    AMD Phenom 9650, 8GB, 4x1TB, 2x22 DVD-RW, 2x9600GT, 23.6' ASUS, Vista Ultimate
    AMD X2 7750, 4GB, 1x1TB 2x500, 1x22 DVD-RW, 1x8500GT, 22" Acer, OS X 10.5.8
    Acer 6930G, T6400, 4GB, 500GB, 16", Vista Premium
    Lenovo Ideapad S10e, 2GB, 500GB, 10", OS X 10.5.8



    • #3
      DizzyNoodle, is that an HTTP port probe (port 80)? If it is then you're seeing hits caused by those infected by the Code Red virus (worm).

      Nothing is wrong with your machine... just a lot of pansies out there who haven't applied the patch to their server yet (mostly Win2K server morons)
      "Be who you are and say what you feel, because those who mind don't matter, and those who matter don't mind." -- Dr. Seuss

      "Always do good. It will gratify some and astonish the rest." ~Mark Twain



      • #4
        most likely a result of CodeRed on other people's PCs!



        • #5
          oops, Greebe got there first!



          • #6
            PLS EXPLAIN !

            Thanx for your prompt responses !

            1. I do have the latest Virus Definitions for Norton Antivirus 2001

            2. How is the Hack Attack a result of others being infected by CODE RED ? Pls explain... Do i need to do anything ? Are the infected PCs going to affect my PC if my Intruder Alert does not stop them ?

            dizzynoodle


            • #7
              Code Red attempts to access unsecured web servers running Win2K/NT. If the "hack attempts" are directed to port 80 most likely it is just the Code Red worm so I wouldn't be too worried.

              Comment
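
Added example, not part of any post in this thread: one way to check from a firewall log whether alerts look like worm background noise on port 80 (many unrelated sources, as replies #3 and #7 describe for Code Red) or like one source repeatedly trying the same port. The log layout, the addresses and the thresholds are assumptions made for this example; it is not the real log format of Intruder Alert 99 or ZoneAlarm.

```python
import re
from collections import defaultdict

# Constructed sample log. The line layout is an assumption made for this
# example; it is not the real log format of Intruder Alert 99 or ZoneAlarm.
SAMPLE_LOG = """\
2001-08-14 20:01:12 BLOCK TCP 203.0.113.17:3121 -> 192.0.2.10:80
2001-08-14 20:03:40 BLOCK TCP 198.51.100.44:1540 -> 192.0.2.10:80
2001-08-14 20:05:02 BLOCK TCP 203.0.113.90:4410 -> 192.0.2.10:80
2001-08-14 20:07:31 BLOCK TCP 198.51.100.201:2877 -> 192.0.2.10:80
2001-08-14 20:09:15 BLOCK TCP 203.0.113.77:1029 -> 192.0.2.10:139
2001-08-14 20:09:16 BLOCK TCP 203.0.113.77:1030 -> 192.0.2.10:139
2001-08-14 20:09:18 BLOCK TCP 203.0.113.77:1031 -> 192.0.2.10:139
-- log rotated --
2001-08-14 20:11:00 BLOCK TCP 198.51.100.5:3300 -> 192.0.2.10:21
"""

LINE = re.compile(
    r"\S+ \S+ BLOCK \w+ (?P<src>[\d.]+):\d+ -> [\d.]+:(?P<dport>\d+)$"
)

def parse(log):
    """Yield (source_ip, dest_port) per blocked connection; skip other lines."""
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m:
            yield m.group("src"), int(m.group("dport"))

def classify(log, min_sources=3, min_repeat=3):
    """Return {dest_port: (label, distinct_sources, hits)}."""
    per_port = defaultdict(lambda: defaultdict(int))
    for src, dport in parse(log):
        per_port[dport][src] += 1
    verdicts = {}
    for dport, sources in per_port.items():
        hits = sum(sources.values())
        if len(sources) >= min_sources:
            label = "background-scan"          # many unrelated hosts, same port
        elif max(sources.values()) >= min_repeat:
            label = "repeated-single-source"   # one host keeps coming back
        else:
            label = "isolated"                 # too few hits to say anything
        verdicts[dport] = (label, len(sources), hits)
    return verdicts

if __name__ == "__main__":
    for port, (label, n_src, hits) in sorted(classify(SAMPLE_LOG).items()):
        print(f"port {port:>5}: {label} ({hits} hits from {n_src} sources)")
```

A "background-scan" verdict on port 80 matches the pattern the replies attribute to Code Red; a "repeated-single-source" verdict is the case worth a closer look.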


              • #8
                Have you tried ZoneAlarm ? It's free and one of the best Personal FireWalls you can get !

                You can always check out http://www.robertgraham.com/pubs/firewall-seen.html to get info on the ports and their meaning.
                Fear, Makes Wise Men Foolish !
                incentivize transparent paradigms



                • #9
                  The link posted above is sort of a FireWall Forensic giving information on almost all known ports that exist on a windoze platform and their use.


                  • #10
                    Can someone explain this to me please?
                    I am, as most of us, under CodeRed attack through my ADSL connection. No problem as I use ZoneAlarm for a long time now. Moreover, I never installed ISS (IIS?).
                    OK, now for the funny part and the question:
                    I have a removable HD bay and several disks with the various Win versions installed. My working version is W2K. The other ones are for testing purposes (I am a programmer in the computer telephony at night). When I use W2K, I get something like 3 or 4 attacks per evening (usually 8pm ->3am).
                    However, when booting WXP, I get something like 1 or 2 attacks per minute.
                    ZoneAlarm is configured the same under both OS.
                    What makes the difference?
                    Michka
                    I am watching the TV and it's worthless.
                    If I switch it on it is even worse.



                    • #11
                      it has to be in the way you measure the attack frequency, as the code red virus doesn't 'know' beforehand which os you are using, neither does it use feedback to increase scan frequency.



                      • #12
                        I'm using a Linksys Cable/DSL router/switch.

                        It has a built-in hardware NAT firewall that uses zero system resources and requires zero maintenance. It does log intrusion attempts though. Whenever I test the firewall using the various online security testing services (ex: ShieldsUP!) they can't even see the systems on my network, much less penetrate them.

                        You can get it in various switch configurations: <$100 for a 1 port, $140 for a 4 port and $180 for an 8 port (US$). A 3 port device with USB is new to the product line. A similar device with wireless AP capability runs about $100 more.

                        It also serves as the network's DNS server and can provide up to 253 computers with net access.



                        Dr. Mordrid
                        Last edited by Dr Mordrid; 14 August 2001, 14:30.
                        Dr. Mordrid
                        ----------------------------
                        An elephant is a mouse built to government specifications.

                        I carry a gun because I can't throw a rock 1,250 fps



                        • #13
                          Thanks, DZeus.
                          I agree with you, it shouldn't make a difference, but...
                          Actually, I don't really measure the number of attacks, I just leave the ZoneAlarm popup message on.
                          And as I said, it only pops up 3 or 4 times per evening under W2K, but several times a minute under WXP.
                          Very strange indeed, as I am logging to the net with the same account and through the same line.
                          Now, of course, ZoneAlarm was not written for WXP.
                          Michka


                          • #14
                            I've said it before and I'll say it again.

                            If your machine is configured correctly (not necessarily the EASIEST of tasks) you don't need a firewall - hardware, software, or vapourware.

                            I mean c'mon - there was a patch for the code red worm DAYS before it activated. Jumping Jesus on a pogo stick, people!

                            I have WinXP. No firewall. No software firewall. No NAT. No spoofing. And yet when I visit Shields Up! or any other site of that nature, it can't even SEE my machine. Why? Because I didn't open a shitload of ports up. Simple.

                            *shrug* Hey, use what you want. But really, all you're gonna do is worry yourself needlessly.

                            - Gurm
                            The Internet - where men are men, women are men, and teenage girls are FBI agents!

                            I'm the least you could do
                            If only life were as easy as you
                            I'm the least you could do, oh yeah
                            If only life were as easy as you
                            I would still get screwed



                            • #15
                              Not paranoid !

                              Listen man, i'm not trying to be a pain... not over paranoid ! But when i have hack attack warnings every 2 minutes... i want to know what the heck is happening and how to solve it ! I don't claim to be a wizz-hack-crack-programmer... but i can kick ass in creative graphic design! Having said that [running to win2k] i wanted to know how NOT to have my PC hacked into ! I still did not understand the Code Red issue... is it false warnings... or they are hacks attempted automatically by infected servers ?!!?