
Virus

emodx

I got hit with a virus on my personal email account...It deleted a file that Norton needs to execute...So if you receive anything from emodx@bellsouth.net do not view it or preview it in Outlook. I apologize for any inconvenience...

Emo
 
djm,

Sounds like you might have a trojan virus. In other words, there's a small program (virus) which will tell the hacker when you're online, and your IP address. Update Norton and see if you can clean it up.
 
There are a few ways you could track it. If you go to a DOS prompt and type tracert <insert ip> and hit enter, you'll have a better idea what ISP that person is using. Then you contact the ISP and report it. Print your log, and send it to them also, but make sure you use a return receipt.

Unfortunately, there may not be much you can do, because if the hacker knew what he was doing, he was 'spoofing' the IP address anyways, which means that you'd be pretty much SOL. Also, be ready to be treated as less than dirt. Most ISPs view people that have hack attempts as little more than whiners. Unless you're a corporate giant, you may not get any respect towards your problem. Typical response we were told when I worked for an ISP was to tell the user that there were plenty of anti virus and firewall programs out there, and that you should have had it installed before you downloaded the virus (how they get away with this I have no idea).

Best advice is to make sure you've got Norton up to date and get a decent firewall software, or router. Zone Labs makes an excellent piece of software, and Norton has one as well.
 
djm said:
but what i really want to know is...how do i track down mr. IP 68.39.224.5???
djm - Here's his information. Call his isp and tell them what's happening, they'll remove his account.

----------------------
Comcast Cable Communications, Inc. (NETBLK-JUMPSTART-1)
3 Executive Campus, 5th Floor
Cherry Hill, NJ 08002
US

Netname: JUMPSTART-1
Netblock: 68.32.0.0 - 68.63.255.255
Maintainer: CMCS

Coordinator:
Comcast Cable Communications, Inc. (IC161-ARIN) cips-ip-registration@cable.comcast.com
856-317-7300

Domain System inverse mapping provided by:

NS01.JDC01.PA.COMCAST.NET 66.45.25.71
NS02.JDC01.PA.COMCAST.NET 66.45.25.72

ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

Record last updated on 12-Jun-2002.
Database last updated on 7-Jul-2002 20:00:15 EDT.
 
Looks like he is with the same cable company you are djm. :sneaky:
 
A virus can be anywhere, any partition.

I used to have Comcast when I lived in NJ, and I would sit and watch Zone Alarm going off constantly. Most aren't really hack attempts, most are just 'port sniffing', to see if a port is open. THEN the attack comes.

Anyway, here's something else for you guys. It's the virus myth website. www.vmyths.com
It's a great site if you're not too sure if you have a virus or not.
 
djm,
What Rod and the others have said is true. Just wanna add my 2 pennies in case you aren't confused enough. What you likely have is not really a true cracker (aka hacker), or even a script kiddie, but an automated worm like nimda or code red. Chances are, the guy at that IP addy isn't even aware that his machine is trying to break into yours. This doesn't make him any less to blame, imo. If you are going to play on the 'net, you should know how to lock down your boxen.

Once one of these worms infects a machine, it automatically searches out others in nearby internet space and tries to infect them. Since all of your break-in attempts have come from 68.37/16 I suspect that this is what's happening. Definitely notify Comcast and they'll block outgoing packets from those machines until they get their poo together.
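
The check described in the post above (are the blocked probes spread over many hosts in one nearby /16 inside the ISP's own netblock?), as an added example that is not part of the original thread. The log layout, the sample lines and all function names are assumptions made for illustration; only the netblock range comes from the whois record quoted earlier.

```python
import ipaddress
from collections import Counter, defaultdict

# ISP allocation quoted in the whois record earlier in the thread.
ISP_FIRST, ISP_LAST = "68.32.0.0", "68.63.255.255"

# Constructed sample lines; the layout is an assumption, not a real product's log format.
SAMPLE_LOG = """\
2002-07-07 19:02:11 BLOCK TCP 68.37.14.201:3312 -> 68.37.90.12:80
2002-07-07 19:02:48 BLOCK TCP 68.37.201.7:1187 -> 68.37.90.12:80
2002-07-07 19:05:30 BLOCK TCP 68.37.66.130:4410 -> 68.37.90.12:80
2002-07-07 19:09:02 BLOCK TCP 68.39.10.5:2950 -> 68.37.90.12:80
2002-07-07 19:11:57 BLOCK TCP 203.0.113.9:1024 -> 68.37.90.12:80
2002-07-07 19:12:00 ALLOW TCP 68.37.90.12:1040 -> 198.51.100.4:80
garbled line
"""

def isp_networks(first=ISP_FIRST, last=ISP_LAST):
    """Convert the whois start/end range into CIDR blocks."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))

def blocked_sources(log_text):
    """Yield the source address of every BLOCK line, skipping malformed lines."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 7 or fields[2] != "BLOCK":
            continue
        try:
            yield ipaddress.ip_address(fields[4].rsplit(":", 1)[0])
        except ValueError:
            continue

def summarize(log_text, prefix_len=16):
    """Count blocked probes per source prefix and how many come from the ISP's space."""
    nets = isp_networks()
    hosts, probes = defaultdict(set), Counter()
    inside = total = 0
    for src in blocked_sources(log_text):
        prefix = str(ipaddress.ip_network(f"{src}/{prefix_len}", strict=False))
        probes[prefix] += 1
        hosts[prefix].add(src)
        inside += any(src in net for net in nets)
        total += 1
    top, count = probes.most_common(1)[0] if probes else (None, 0)
    return {"total": total, "inside_isp": inside, "top_prefix": top,
            "top_probes": count, "top_distinct_hosts": len(hosts[top]) if top else 0}

if __name__ == "__main__":
    print(isp_networks())
    print(summarize(SAMPLE_LOG))
```

Several distinct hosts in the top prefix, rather than one address repeating, is the pattern that fits automated scanning from infected neighbours, and the per-prefix counts are what an abuse desk needs alongside the raw log.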
 
I think I know what's happening.. Don't quote me on this tho, educated guess.

Comcast had changed their EULA just before I moved to Brooklyn. They basically were saying that THEY would scan the network on a regular basis to make sure users weren't using their service to host servers and the like. So what COULD be happening is Comcast is basically scanning all ports to see what you're up to.

Also, you really should turn off javascripting, because that's what most of the viruses hit on Windows. Because Outlook doesn't ask first, it'll open an HTML email, and if there's a virus embedded, BAM. You got it and unless Norton or whatever you're using is up to date, it may not even see it.

DJm, I used to live in Carteret. You'll probably go, 'Where?' LOL... If you know where Woodbridge Center is, and Rahway prison, you'd be about 5 mins from Carteret :) Exit 12 on the Turnpike. If you ever go, it is mandatory to go to Burger Express and order a chicken sandwich, cheese fries, and a large Pepsi with no ice. Your stomach will thank you for it ;p Well, unless you're a vegetarian, then I guess it wouldn't.

:p
 
Hmmmm, interesting idea Tony. You could very well be right. Broadband providers tightened up quite a bit after Code Red, nimda, etc. I use Adelphia and I found out the hard way that they block incoming port 80. So on my personal web server I have to use 8080 then port forward to 80 at my router.

In any case if it's just port scanning, it shouldn't cause you any worries. I get port scanned constantly (and do a good bit of it myself too :sneaky: ), it's a normal fact of life on the internet and isn't necessarily a Bad Thing (tm). My networking philosophy is that when I set up a network, I pretend that it doesn't have a firewall, then I install the biggest, baddest firewall I can build. That way, if somebody does get in, they can only do minimal damage. I'm also thinking about going to IPsec internally when I add a wireless subnet. I'm concerned about some guy out in the alley with a laptop being able to sniff my 802.11b traffic.
 
Of course! I had a friend that used to live in Avenel/Colonia. And that Ice Cream place on St Georges Ave... Mmmmm, ice cream (Not Carvel, the one where all the high school kids hang out)

LOL
 
Hmmm, maybe about 2 1/2 years now. I left, went to CA, then came back to Carteret, then left for Brooklyn.
 