|
|
|
|
Lisa
SFN Regular
USA
1223 Posts |
 Posted - 09/12/2001 : 09:43:27
|
I've only been sitting at the computer for about 40 minutes, and three times someone has tried to hack in. ZoneAlarm informs me when this happens. Anyone else out there with a firewall having this problem?
Lisa
|
|
|
@tomic
Administrator
USA
4607 Posts |
 Posted - 09/12/2001 : 10:14:30 [Permalink]
|
Did ZoneAlarm inform you that it had blocked the access? We get hundreds of such attempts daily where I work but as long as they are blocked I could care less.
@tomic
Gravity, not just a good idea...it's the law! |
 |
|
|
Lisa
SFN Regular
USA
1223 Posts |
Posted - 09/12/2001 : 11:40:49 [Permalink]
|
Yes, it blocked access. Ed showed me "geektools" and how to trace it back. Why is someone named "Pearl Lynn" in China interested in what I'm doing on my computer?
Maybe I should just write to her and give her the addresses of the astronomy and science sites I go to. Ed thinks they're boring as hell, I can spread the joy around a little more.
Lisa
|
|
|
|
@tomic
Administrator
USA
4607 Posts |
Posted - 09/12/2001 : 11:45:49 [Permalink]
|
quote:
Ed showed me "geektools" and how to trace it back. Why is someone named "Pearl Lynn" in China interested in what I'm doing on my computer?
I never heard of being able to get an actual name unless you know someone that works for an ISP. Did you just get a computer name possibly? Most likely this person could care less what your browsing habits are but were more interested in using your computer for something or stealing passwords or data.
@tomic
Gravity, not just a good idea...it's the law! |
|
|
|
Lisa
SFN Regular
USA
1223 Posts |
Posted - 09/12/2001 : 12:00:18 [Permalink]
|
quote:
I never heard of being able to get an actual name unless you know someone that works for an ISP. Did you just get a computer name possibly?
It's called "geektools.com"
Click on "whois"
quote:
Most likely this person could care less what your browsing habits are but were more interested in using your computer for something or stealing passwords or data.
I know that, I was being a smart-ass.
Lisa
|
|
|
|
ktesibios
SFN Regular
USA
505 Posts |
Posted - 09/12/2001 : 19:26:26 [Permalink]
|
Not every communication that Zonealarm blocks is a hack attempt. Some are normal network traffic, e.g, if you've been visiting a Web site and then go to another one it's not uncommon for the first site to try to ping you to see if you're still there.
A lot of the other alerts (particularly any involving ports 137 & 139) are port scanners-programs which attempt to make a connection to vulnerable NetBios ports on a whole bunch of different IP addresses and then note the results for later- basically a form of scouting for insecure computers. These are, in a sense, hack attempts.
Some are looking for computers infected by specific Trojans, such as SubSeven- the object here is usually to use the infected computer to run "bots" in a DOS attack against some third party.
The thing about port scans is that they're not actually targeting your specific computer- they're scanning a whole range of addresses in the hope of finding something exploitable.
Anyway, as long as ZoneAlarm blocked the incoming messages, you don't have anything to worry about.
What you describe is pretty congruent with my own experience online with ZA running. I've actually seen as many as 15 blocked contacts, from the same source, directed at different ports, in less than 5 minutes.
Boris Karloff died for your sins. |
|
|
|
Snake
SFN Addict
USA
2511 Posts |
Posted - 09/13/2001 : 00:53:11 [Permalink]
|
quote:
Not every communication that Zonealarm blocks is a hack attempt. Some are normal network traffic, e.g, if you've been visiting a Web site and then go to another one it's not uncommon for the first site to try to ping you to see if you're still there.
A lot of the other alerts (particularly any involving ports 137 & 139) are port scanners-programs which attempt to make a connection to vulnerable NetBios ports on a whole bunch of different IP addresses and then note the results for later- basically a form of scouting for insecure computers. These are, in a sense, hack attempts.
Some are looking for computers infected by specific Trojans, such as SubSeven- the object here is usually to use the infected computer to run "bots" in a DOS attack against some third party.
The thing about port scans is that they're not actually targeting your specific computer- they're scanning a whole range of addresses in the hope of finding something exploitable.
Anyway, as long as ZoneAlarm blocked the incoming messages, you don't have anything to worry about.
What you describe is pretty congruent with my own experience online with ZA running. I've actually seen as many as 15 blocked contacts, from the same source, directed at different ports, in less than 5 minutes.
Boris Karloff died for your sins.
I don't understand any of that. WHY is it a worry if someone 'gets into' your computer?
The only confidential info on mine is my stock portfoilo and gee, I don't mind sharing what stocks I have. LOL, wish someone would buy into the companies.
So unless these people want to talk about Cockers and animal rescue, What Me Worry!
Care to explain what you are talking about?
I don't get it!
nlm
Rap Crap is to music what Paint by Numbers is to art. |
|
|
|
Lisa
SFN Regular
USA
1223 Posts |
Posted - 09/13/2001 : 08:46:44 [Permalink]
|
That's what I was being a smart-ass about. Anyone hacking in here had better have a love for Diablo II. What a savvy person could do however, is attempt to grab stuff like passwords and credit card numbers. Hello identity theft. While they're in there, and just for fun, why not go ahead and plant a virus, what the hell.
Go to www.zonelabs.com
It's free for home use, and might save you some grief in the long run.
Lisa
|
|
|
|
@tomic
Administrator
USA
4607 Posts |
Posted - 09/13/2001 : 09:13:22 [Permalink]
|
Even if you don't have any informnation worth stealing your computer could be taken over and used in a Denial pf Service attack or you could even find the Secret Service at your door because someone used your computer to send threatening email to public officials.
@tomic
Gravity, not just a good idea...it's the law! |
|
|
|
Snake
SFN Addict
USA
2511 Posts |
Posted - 09/13/2001 : 19:28:44 [Permalink]
|
quote:
Even if you don't have any informnation worth stealing your computer could be taken over and used in a Denial pf Service attack or you could even find the Secret Service at your door because someone used your computer to send threatening email to public officials.
@tomic
Way cool! LOL. @, you've been in my house, it's even messier now then when you were here. I dare the Secret Service to search through it. LOL, it might even look more straightened up when they are done.
Rap Crap is to music what Paint by Numbers is to art. |
|
|
|
 |
|
Topic Locked
