One of the many reasons I love norton internet security:



Cryer
03-12-2004, 12:49 PM
Firewall blocked an intrusion attempt and provides me with all the pertinent info on the attacker. :D

http://www.imageshack.us/files1/ip.jpg

mcveighr
03-12-2004, 12:50 PM
Yeah, McAfee does that too, along with every other good Virus Protection/Firewall.

Dayspring
03-12-2004, 01:02 PM
The fact that it gives you the street address is cool...

Call him up and tell him "Stop trying to break into my computer."

That'll freak him out.

Cryer
03-12-2004, 01:04 PM
Originally posted by Dayspring
The fact that it gives you the street address is cool...

Call him up and tell him "Stop trying to break into my computer."

That'll freak him out.

Imagine someone showing up on his doorstep :p

Prolly some little 14 year old punk :mad: :o

xmetal2001
03-12-2004, 01:05 PM
I don't think it will give you the names of people though, Bell Sympatico isn't a person, it's a company.

jdev
03-12-2004, 01:08 PM
Originally posted by Dayspring
The fact that it gives you the street address is cool...

Call him up and tell him "Stop trying to break into my computer."

That'll freak him out.

That address is the owner of the ARIN netblock, not the actual user. You would have to contact the netblock owner, and have them determine who is assigned that IP address through their routers/switches and doodoo like that.

Example:

http://ws.arin.net/cgi-bin/whois.pl?queryinput=!%20NET-67-70-84-0-1

(copy the entire thing, vBulletin doesn't parse it correctly)
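The lookup jdev describes, as an added example that is not part of the original post: it parses ARIN-style `Key: value` whois output, picks the smallest netblock covering the logged IP, and returns the registrant and abuse contact, which name the ISP rather than a subscriber. The sample text, organisation, netblock names and addresses are constructed placeholders.

```python
import ipaddress

# Constructed ARIN-style output; organisation, netblock names, e-mail and ranges are placeholders.
SAMPLE_WHOIS = """\
OrgName:       Example ISP Inc.
NetRange:      198.51.0.0 - 198.51.255.255
CIDR:          198.51.0.0/16
NetName:       EXAMPLE-ISP-1
NetType:       Direct Allocation
OrgAbuseEmail: abuse@isp.example

OrgName:       Example ISP Inc.
NetRange:      198.51.100.0 - 198.51.100.255
CIDR:          198.51.100.0/24
NetName:       EXAMPLE-DSL-POOL-1
NetType:       Reassigned
"""

def parse_records(text):
    """Split whois text into blank-line separated records of key -> [values]."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep and not line.startswith(("#", "%")):
                rec.setdefault(key.strip(), []).append(value.strip())
        if rec:
            records.append(rec)
    return records

def report_target(text, ip):
    """Registrant of the smallest netblock covering ip, plus an abuse contact."""
    addr = ipaddress.ip_address(ip)
    covering = []
    for rec in parse_records(text):
        cidrs = [c.strip() for v in rec.get("CIDR", []) for c in v.split(",")]
        for net in map(ipaddress.ip_network, cidrs):
            if addr in net:
                covering.append((net.prefixlen, rec))
    if not covering:
        return None
    covering.sort(key=lambda item: item[0], reverse=True)  # most specific first
    # A sub-block may list no abuse contact; fall back to the parent allocation.
    abuse = next((r["OrgAbuseEmail"][0] for _, r in covering if "OrgAbuseEmail" in r), None)
    holder = covering[0][1]
    return {"org": holder.get("OrgName", ["unknown"])[0],
            "netblock": holder.get("NetName", ["unknown"])[0], "abuse_contact": abuse}
```
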

Cryer
03-12-2004, 01:12 PM
Originally posted by xmetal2001
I don't think it will give you the names of people though, Bell Sympatico isn't a person, it's a company.

Yeah, I figured that. Bell Sympatico is a Canadian telecommunication company. They do stuff like telemarketing, internet sales, etc.

Rather
03-12-2004, 01:30 PM
Originally posted by Cryer
Yeah, I figured that. Bell Sympatico is a Canadian telecommunication company. They do stuff like telemarketing, internet sales, etc.

In other words... spam and popups.

Burn it to the ground says I. :D

Too bad they're in the great white north instead of somewhere closer like Oklahoma....

mcveighr
03-12-2004, 01:51 PM
Bell Sympatico is an ISP and maybe a phone company, I'm not sure on that one.

It doesn't give you the person's address, it gives you the address of his ISP.

You could call and complain, give them his IP, and when the attack happened.

fire1811
03-12-2004, 02:13 PM
Cool, I would do as mcveighr stated.

Cryer
03-12-2004, 02:14 PM
I've already dispatched an email ;)

e mag
03-12-2004, 02:30 PM
What kind of attack was it? More than likely whoever did it just has a trojan on their computer.

Cryer
03-12-2004, 03:52 PM
Originally posted by e mag
What kind of attack was it? More than likely whoever did it just has a trojan on their computer.

It was a NetBus trojan.
I'm not sure of how those operate; if it was malicious, or the other party was unaware of the activity. Either way, I've notified Sympatico of the event, and they can take the next step, whatever that may be.

Wolfen
03-12-2004, 04:45 PM
I've had a couple intrusion attempts from Bel-Air, Cal. Next time I get one, any of you people out that way want to do me a favor? :D I'll supply the Nine-Iron and a Louisville Slugger complete with half inch nail.

Halliday
03-12-2004, 04:49 PM
Man that thing already has its crosshairs on him. Just nuke the site from orbit, it's the only way to be sure :cool:

Mindflux
03-12-2004, 05:03 PM
Let's hope it's not a false positive.

I've seen both Norton and McAfee detect a small set of pings (3-5) as a SYN attack. :rolleyes:

L-A-M-E.

Good luck.

impostal22
03-12-2004, 05:31 PM
lol... one time it traced someone on campus as being in California... weird. Yet it says that it was from the "SUNY Binghamton." lol... oh and it isn't that amazing (although I was once fascinated)... go here:

http://paulding.net/IPcheck.html

Edit: it appears my router at home makes IP trackers think I'm in Marina del Rey, CA. muahahah.

Cryer
03-12-2004, 05:38 PM
Originally posted by impostal22
lol... one time it traced someone on campus as being in California... weird. Yet it says that it was from the "SUNY Binghamton." lol... oh and it isn't that amazing (although I was once fascinated)... go here:

http://paulding.net/IPcheck.html

Edit: it appears my router at home makes IP trackers think I'm in Marina del Rey, CA. muahahah.

That's where your ISP is likely located. It gave me info for Bell Canada/Bell Sympatico again when I looked for the IP Norton gave me.

Halliday
03-12-2004, 05:51 PM
Originally posted by impostal22
lol... one time it traced someone on campus as being in California... weird. Yet it says that it was from the "SUNY Binghamton." lol... oh and it isn't that amazing (although I was once fascinated)... go here:

http://paulding.net/IPcheck.html

Edit: it appears my router at home makes IP trackers think I'm in Marina del Rey, CA. muahahah.

Me too. I use Mediacom.

e mag
03-12-2004, 07:18 PM
If you're going to report every attack to the ISP you're probably going to be reporting a lot; when I had BlackICE I would get like 50 attacks per day. For most people firewalls aren't even worth having if you just update Windows and are careful about what you download. If someone who knows what they are doing wants to actually hack you then Norton isn't going to stop them.

CasingBill
03-12-2004, 09:35 PM
Norton Blows!!! They selectively block out pro gun sites when you search. I won't use Norton Internet Security ever!

Cryer
03-12-2004, 09:48 PM
You can customize what types of sites they block out. You can even specify what sites to allow...

CasingBill
03-12-2004, 09:57 PM
They have taken the liberty of censoring it for you. The NRA won't come up but handguncontrol will. It's wrong!

Fixion
03-13-2004, 03:50 AM
...ok kids, what did we learn today?
1. Always use a proxy or a rooted account somewhere else. Make sure you have a nice rootkit installed and that you aren't being logged.
2. Using someone else's unencrypted wifi access point/router is also a good idea. You can find a ton of these downtown.
3. Don't do this from home, unless you have a couple hops between you and the victim... and you're sure the victim isn't that important.
3. Make sure, if passive traced, logs point to someone else.
4. War driving is a good idea. War chalking, not so much, the owner of the access point might secure it.
5. If you're a script kiddie... you probably don't know what the hell you're doing.

Odds are, that's a virus/NetBus. If it's an actual person trying to compromise your system, that's most likely not their address but the address of a router/proxy/gateway/rooted-comp/shell-account.

I'm just sharing common sense :).


Originally posted by Mindflux
Let's hope it's not a false positive.

I've seen both Norton and McAfee detect a small set of pings (3-5) as a SYN attack. :rolleyes:

L-A-M-E.

Good luck.

Interesting, the last time I checked pings were ICMP packets and not stream-based. It wouldn't initiate a SYN handshake.

IPTables is the best firewall ever.
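The ICMP versus SYN distinction raised above, as an added example that is not part of the thread: it reads the IPv4 protocol field and the TCP flag byte of raw packets and counts connection-opening SYNs per source, so a handful of pings contributes nothing to a SYN alert. The packets, addresses, ports and function names are constructed for illustration.

```python
import socket
import struct
from collections import Counter

def ipv4(proto, payload, src):
    """Build a minimal IPv4 packet (checksum left 0; nothing here verifies it)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src),
                       socket.inet_aton("192.0.2.10")) + payload

def ping(src, seq):
    # ICMP type 8 (echo request), code 0, checksum 0, id 1, sequence number
    return ipv4(1, struct.pack("!BBHHH", 8, 0, 0, 1, seq) + b"constructed", src)

def tcp(src, flags):
    # 20-byte TCP header: ports 40000 -> 8080, data offset 5, given flag byte
    return ipv4(6, struct.pack("!HHIIBBHHH", 40000, 8080, 0, 0, 5 << 4,
                               flags, 1024, 0, 0), src)

def classify(packet):
    """Return 'icmp-echo', 'tcp-syn' or 'other' for a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "other"
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto, body = packet[9], packet[ihl:]  # protocol 1 = ICMP, 6 = TCP
    if proto == 1 and body[:1] == b"\x08":
        return "icmp-echo"
    if proto == 6 and len(body) >= 14:
        syn, ack = body[13] & 0x02, body[13] & 0x10
        return "tcp-syn" if syn and not ack else "other"
    return "other"

def syn_sources(packets, threshold):
    """Sources that sent at least `threshold` connection-opening SYNs."""
    syns = Counter(socket.inet_ntoa(p[12:16])
                   for p in packets if classify(p) == "tcp-syn")
    return {src: n for src, n in syns.items() if n >= threshold}

# Constructed traffic: five pings from one host; four SYNs and one SYN/ACK from another.
PINGS = [ping("198.51.100.23", i) for i in range(5)]
SYNS = [tcp("203.0.113.9", 0x02) for _ in range(4)] + [tcp("203.0.113.9", 0x12)]
```
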