monitor file activity
+ Reply to Thread
Results 1 to 7 of 7

Thread: I located intruder, Now what?

  1. #1
    Join Date
    Nov 2001
    Posts
    2

    Cool I located intruder, Now what?

    Hello All, 'nother Newbie here.

    Using ZoneAlarm freebee, IE, OE, Yahoo and Hotmail on substantial Me system and DSL.

    Just found net-Tools and easily identified the intruder. The intruder appears to be my service provider Verizon.net (GTE.net).

    They use various addresses but all start out as 4.6*.*.* and various ports. They have hit on about every port on my machine.

    The report shown by Net-Tools whosis shows: "SmartWhois tamqfl*-ar7-4-6*-056-248.vz.dsl.gtei.net (4.6*.56.248)"

    Also shown is the e-mail address of a person which appears to be the same one each time.

    I installed ZA yesterday and already have 50+ hits. I am recieveing mail and newsgroup entries just fine on all accounts and even the transfers to OE are working great.

    Tell me: Do I contact the e-mail address? Does any part of the "SmartWhois tamqfl*-ar7-4-6*-056-248.vz.dsl.gtei.net (4.6*.56.248)" indicate a web page?

    Not new to computing at all but this Sneaky Pete thing is a bit different for me.

    Thank you for listening and will be very appreciative of any advice/guidance.

    Thanx

    Clunk

  2. #2
    Join Date
    Jun 2001
    Posts
    398
    hi,
    Tell me: Do I contact the e-mail address? Does any part of the "SmartWhois tamqfl*-ar7-4-6*-056-248.vz.dsl.gtei.net (4.6*.56.248)" indicate a web page

    re:it doesnt indicate a web page.try mailing.how r u sure it is an attack?right to port scan is a universal rite-lol

  3. #3
    Join Date
    May 2001
    Posts
    218

    I located intruder, Now what?

    Howdy Old Clunker:

    "Hello All, 'nother Newbie here."

    We were all newbies once.;-)

    "Using ZoneAlarm freebee, IE, OE, Yahoo and Hotmail on substantial Me system and DSL.

    Just found net-Tools and easily identified the intruder. The intruder appears to be my service provider Verizon.net (GTE.net).

    They use various addresses but all start out as 4.6*.*.* and various ports. They have hit on about every port on my machine."

    4.6*.*.* covers a lot of territory. Unlikely all hits were from your service provider (ISP). Probably some hits from other ********s of your ISP.

    "The report shown by Net-Tools whosis shows: "SmartWhois tamqfl*-ar7-4-6*-056-248.vz.dsl.gtei.net (4.6*.56.248)"

    For more specific info run domain name tamqfl*-ar7-4-6*-056-248.vz.dsl.gtei.net thru this: [url]http://www.geektools.com/cgi-bin/proxy.cgi[/url]

    "Also shown is the e-mail address of a person which appears to be the same one each time.

    I installed ZA yesterday and already have 50+ hits."

    DSL and cable connected comps are prime targets for hackers/crackers/script kiddies because of high bandwidth and usually static IPs. A good firewall is a must.

    "I am recieveing mail and newsgroup entries just fine on all accounts and even the transfers to OE are working great."

    So, what's OE?

    "Tell me: Do I contact the e-mail address?"

    Probably a waste of time. For first time firewall users this is fun: [url]http://www.neotrace.com/[/url]

    "Does any part of the "SmartWhois tamqfl*-ar7-4-6*-056-248.vz.dsl.gtei.net (4.6*.56.248)" indicate a web page?"

    No.

    "Not new to computing at all but this Sneaky Pete thing is a bit different for me."

    Was for me too. Spies, evil doers everywhere. "Ignorance is bliss.";-)

    "Thank you for listening and will be very appreciative of any advice/guidance."

    Good luck on your Internet privacy/security adventure.;-)
    Blacksheep

  4. #4
    Join Date
    Nov 2001
    Posts
    2

    Cool

    Thanks, Blacksheep, you have set my concerns on hold. Actually by now I have contacted my esteemed server and they have acknowledged that contact and all is well in the world. Hmmmm, well, in their world I guess.

    Scary, eh?

    But if you ain't worried, I guess I can follow that lead.

    Take care

    Clunk

  5. #5
    Join Date
    May 2001
    Posts
    218

    Whoa!

    Clunk:

    "Thanks, Blacksheep, you have set my concerns on hold."

    I certainly didn't intend to do that. If you want to protect your computer and everything in it, vigilance and knowledge of Internet privacy/security issues are keys.

    "Actually by now I have contacted my esteemed server and they have acknowledged that contact and all is well in the world. Hmmmm, well, in their world I guess.

    Scary, eh?"

    Rather worrisome and irritating, like footsteps behind you in a dark alley and rocks in your shoes.

    "But if you ain't worried, I guess I can follow that lead."

    I wasn't worried when I was unaware of port scans, NetBIOS connections, viruses, backdoors, trojans, spyware, Web bugs, cookie *****ing, remote controls etc.. Thats what I meant by "Ignorance is bliss"

    If you don't know about grc [url]http://grc.com/default.htm[/url] click Shields Up!!, test your shields and probe your ports (*2 of 65,5*5)
    Blacksheep

  6. #6
    Join Date
    Dec 2001
    Posts
    1

    Exclamation That's not an intrusion

    What you saw is not an intrusion. Your machine was not intruded. You're seeing a lot of incoming port scans. To my experience, it's the script kiddies from your ISP doing local scans. I s***est you send all logs to [email]abuse@yourisp.net[/email].

  7. #7
    Unregistered Guest
    Originally posted by Old Clunker
    Thanks, Blacksheep, you have set my concerns on hold. Actually by now I have contacted my esteemed server and they have acknowledged that contact and all is well in the world. Hmmmm, well, in their world I guess.

    Scary, eh?

    But if you ain't worried, I guess I can follow that lead.

    Take care

    Clunk

+ Reply to Thread

Similar Threads

  1. *****ing intruder...?
    By jackyl in forum Internet Privacy
    Replies: 2
    Last Post: 09-12-2006, 11:14 AM
  2. how can i kick an intruder?
    By tuglan in forum Internet Privacy
    Replies: 2
    Last Post: 04-08-2005, 09:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts