I used Hack tracer 2 find that my isp has been hacking into my computer. as a result, whenever i visit a site and they dont like the contents, they block it off to all of its members. I now Use Norton Personal Firewall and want 2 know if i am safe now and if not how can i?
No firewall will prevent your ISP from *****ing where you go if it wants to. What you need is not a firewall but a proxy. A proxy is simply another person's computer that you hook into first, and surf from there. Then all your ISP sees is the IP of that computer, not where you go!
If you're surfing websites you want to put a proxy in your browser that has port 80 or 8080 open. If you're surfing newsgroups you want a SOCKS proxy, port *080 open, in your newsreader. For newgroups (Usenet) never use your ISP's. Subscribe to an independent news provider to bypass your ISP.
Here's a good site for all types of proxies:
[url]http://tools.rosinstrument.com/proxy/[/url]
Hope that helped.
Would you care to name this censoring ISP?
I had an ISP that tried hard to hack my PC:
*] Running port scans from IPs in ISP's netblock.
2] When that didn't work he tried running port scans from ISP DNS IPs thinking he could get thru my firewall and/or I wouldn't notice scan packets. That didn't work either.
*] Then he "accidentally" emailed me virus. That didn't work also.
I dumped the bastard and got another ISP. I'm not going to pay anyone to hack/*****/censor me.
I s***est you:
*] Get a good firewall that will block outbound traffic (trojans) from your PC. Personally I prefer ZoneAlarm Pro. GRC firewall score***rd:
[url]http://grc.com/lt/score***rd.htm[/url]
If this link doesn't work, try later. Steve has been getting DDoS attacks.
2] Get good anti-virus prog and keep virus database up to date. Kaspersky AVP is probably the best. I use Grisoft AVG because I like interface and am careful what I do.
*] Get a good packet sniffer and learn how to use it.
[url]http://www.tamos.com/products/commview/[/url]
That's the only way you'll know what's going in and out of your computer. Launch your firewall first, then sniffer. That way sniffer is outside firewall and will display/log hits (attacks/probes/etc.).
Packet sniffers are intimidating for newbies but is worth learning. Besides, everyone was once a newbie.
4] Dump that crappy ISP and get a new one.
Blacksheep
IMHO one must connect to proxy through ISP. ISP has access to all packets and can reconstruct Web pages. Therefore, it is impossible to prevent ISP *****ing unless all proxy traffic is encrypted. Maybe SafeWeb?By johnny:
No firewall will prevent your ISP from *****ing where you go if it wants to. What you need is not a firewall but a proxy. A proxy is simply another person's computer that you hook into first, and surf from there. Then all your ISP sees is the IP of that computer, not where you go!
Blacksheep
HELLO THERE,
ii have nt used hack tracer and has no idea how it detects attack.
i still feel sharon is still vulnerable because if any one use anonymous port scan or ftp bounce or similar methods it would be difficult to determine if any port scan has been done on ur comp.
to prevent attacks its ad****ble to close all ur unused open ports.
how to do that i dont know,i hope some expertise in this group will help u.
good luck sharon.
i will try yo find get u a little more details,but i have to go now.
DATA if u need 2 close open ports just
close the program opening them
if u use say WS_ftp it would open port
2* or the one u set it should open
but in my opinion u should get a good firewall because its one big mess if u manege it alone .
Nirvman
I'm not sure about that. Say you do a traceroute (tracert) from your computer to another IP address. Your real (ISP) IP doesn't show in any of the hops but your proxy does. That would seem to mean that your ISP is cut out of the loop, as far as detection goes, because it's not involved in the packet processing. All packet activity is passing through the proxy, not your ISP. For all anyone can tell your computing begins at the proxy machine, not yours.[i]Originally posted by Blacksheep
IMHO one must connect to proxy through ISP. ISP has access to all packets and can reconstruct Web pages. Therefore, it is impossible to prevent ISP *****ing unless all proxy traffic is encrypted. Maybe SafeWeb?
[/B]
If this is wrong let me hear about it.
[Edited by johnny on 06-25-200* at *2:54 PM]
HI again,
i think this is an exemption to what jhonny said.
our college is behind a class c proxy server.
however when i send emails frm behind the proxy,i tried sending a mail to myself.
i then went through the e-mail header and found that it was the ip address of the computer which was assigned to the college by our isp was displayed in the header and not the proxies ip address.
our proxy is not an anonymous proxy either.
so yes the isp ip addy is involved even when u sent through proxy.
hi,
some of other port scans which may not be easily detected are stealth port scanners,sys and fin attacks(half opening of ports),sending ip fragments and ftp bounce.
normal port scanners just scan the port,no data is sent through the port.
since the port was scanned for and no data was transmitted through it the server an error will be issued and the attempt logged.
some firewalls even help detect sys attacks,so do as black sheep says.get a firewall .then get sleath port scanners and a port scan detection tool.
run them on ur system and find out if attacks r logged by ur detection programme.why let a hacker hack u first?
when u can analyse the whole thing urself.
thanx to nirvman and every one else for the update
I believe you're thinking of it from the remote host side; *****ing by IPs. Think of it like this: Your ISP is your portal to the Internet. They connect you to the Internet. All your traffic flows through the ISP's servers. They can monitor all your packets regardless of IPs. The only way to prevent ISP *****ing you is: Use a SSL tunneling proxy (https) or possibly an anonymizer service. This will give the ISP only the proxy's IP and the ISP can't read your packets to determine what Web sites you visit because they are encrypted.By johnny:
I'm not sure about that. Say you do a traceroute (tracert) from your computer to another IP address. Your real (ISP) IP doesn't show in any of the hops but your proxy does. That would seem to mean that your ISP is cut out of the loop, as far as detection goes, because it's not involved in the packet processing. All packet activity is passing through the proxy, not your ISP. For all anyone can tell your computing begins at the proxy machine, not yours.
Blacksheep
Thanks DATA,
In ZA Pro firewall I can block all fragments. Maybe I should select this option?By DATA:
firewalls/port scan
hi,
some of other port scans which may not be easily detected are stealth port scanners,sys and fin attacks(half opening of ports),sending ip fragments and ftp bounce.
Blacksheep
Hack tracer is a program that scans all ur ports for any possible hack threats. Wow while im writing this, my isp is trying hard 2 hack in. But now blackice defender seems 2 b doing the job. the isp tried lots of different ports from different computers. the isp name is etisalat. i live in the united arab emirates(but im not arab). they try hacking from something like:
cwd20*.emirates.net.ae
nwa422.emirates.net.ae,etc
sometimes they try it from
alshamil.net.ae which is their dsl service. a friend told me they shoved a virus into his computer and he had 2 format. he doesnt use antivirus software cuz hes a dumbass. i used some link above and got this info about it.
Network Information
Name
EMIRNET-EMIRNET
Network Range
2**.42.**2.0 - 2**.42.206.255
Owner
Emirates Internet, Public Internet Service Provider
Location
Emirates Telecommunication Corporation, P O Box **50, Dubai, UAE
Contact Information
Abdulla Hashim, hashim@emirates.net.ae, +*7* 4 2*48222, +*7* 4 2*48*00, Mahir El Fadil, mahir@emirates.net.ae, +*7* 2 2084*00, Saleem Mohd Albalooshi, +*7* 2 20846*0, Sultan Al Shamsi, sultan@uaenic.ae, +*7* 4 2*48222, +*7* 4 2*48*00
im trying to provide all the details i can cuz they see if i go 2 any porno site, wank over it and finally block it off to all users! they even block of anonymous surfing sites like surfola.com and everythin cuz we can access the blocked sites from here. i tried all those free proxy servers but it doesnt work. unfortunately i cant dump this isp cuz it is the only one in the country(!)
btw hack tracer seems to be damajed cuz it keeps hanging whenever i restart the comp. i tried reinstalling but no use.i remember it saying it had bloccked some inbound or somethin but hey, im just a newbie so forgive me for not being able to provide more info. so, anyway i can get through?
hi sharon,
u seem stuck with * isp in uae.sorry to hear that.
will accepting mails also look out for the annakournikova virus,its a jpeg file with vb code hidden it.so see that u never open an email attachment of this file thinking that it is a jpg file and will cause no harm.
the internet rules are pretty strict in uae.
see what it bill is passed in uae?
get as many ppl to know about these attacks.
the internet was never meant to be any bodys rite...the govt..has no rite to take it in on us because of a few ppl who ruin everything for us.
the inter net should have been a self regulated body were the ppl themselves are able to take care of it.
the growth of the internet itself is the result of freedom of expression and thought and doing so will only hamper its growth.The rite to ur privacy to access using anonymous is an individual rite.what i feel is that ur isp got a new admin who thinks he is a ********* buff and try and regulate every thing what he thinks is rite because he has the power to do so since he is {admin) of ur isp.
we will let u know if we find something u can do about it.
thanx guyz, i appreciate that. im not afraid to post on the forum blacksheep.
I dont give a f_ck what those dicks in etisalat think they can do. frankly these arabs are big fucks and i think they r 2 dumb to run an isp. half of the uae does know aout these hack attacks. i use norton antivirus but i dont think it can protect me from everything. i am extremely careful about attatchments and norton does warn me when i open files in vbs. they sent me the mtx trojan but i got rid of that from the registry and by using tds*. is it against the international law or somethin? cuz i could f_ck them by filing a complaint. i guess they r more strict cuz they r muslims. if u were caught for doing something wrong i n saudi arabia, u would definitely have some part of ur body cut off. im still puzzled why none of those free public proxies dont work for me.
for some reason, they havent been able to block completely [url]http://www.surfola.com.[/url] when i try to login it blocks the first time but if i hit back and try again it works. any idea why(apart from those arabs being dimwits)
Posting Permissions
Reply With Quote
