|
|||||||
 |
|
|
Thread Tools | Display Modes |
|
#1
03-18-2007, 04:17 PM
|
|||
|
|||
|
I've checked Norton...
And this same IP address keeps wanting to attack me, is it a person who's trying to hack into my computer, is it a website, or what?
 212.139.132.4,53 And the risk is noted as "Medium" It's happened a lot this month, actually. Happened since the 11th March and before-hand, probably. Tried to attack me twice a day yesterday, wtf! 
|
|
#2
03-18-2007, 05:13 PM
|
||||
|
||||
|
Quote:
th-cache-0.ns.uk.tiscali.com It's a home connection in the UK. It's unlikely they can exploit your computer in any way unless you have not patched in a long time and your firewall is badly configured. So in other words, these attacks are probably harmless. If you're really concerned, buy yourself a router to hide your computer(s) from the Internet.
|
|
#4
03-19-2007, 12:08 PM
|
|||
|
|||
|
It says Tiscali!?
That's my internet service provider 
|
|
#5
03-19-2007, 06:28 PM
|
|||
|
|||
|
angel,it's like this
The person is running a port scan in your IP range. I use to be scanned by someone in france. People just leave the program running using a scanner on ip rages from blahh blahh to blah blah.
Heres a little info,including the ABUSE email adress  212.139.132.4 = [ th-cache-0.ns.uk.tiscali.com ] (Asked whois.ripe.net:43 about 212.139.132.4) inetnum: 212.139.132.0 - 212.139.132.15 netname: UK-AS9105 descr: Tiscali UK Ltd Telehouse DNS Network descr: ========================================================== descr: Concerning abuse and spam ... mailto: abuse@uk.tiscali.com descr: e-mail to other addresses will not be dealt with. descr: ========================================================== country: GB admin-c: TU935-RIPE tech-c: TU935-RIPE status: ASSIGNED PA mnt-by: TU935-RIPE-MNT mnt-lower: TU935-RIPE-MNT mnt-routes: TU935-RIPE-MNT remarks: INFRA-AW source: RIPE Filtered role: Tiscali UK address: Tiscali UK Limited address: 20 Broadwick Street address: London W1F 8HT phone: 44 207 087 2000 remarks: Information: http://www.tiscali.com <-- hmmm org: ORG-TUL3-RIPE admin-c: DC-RIPE admin-c: DG9105-RIPE admin-c: GD9105-RIPE tech-c: DC-RIPE nic-hdl: TU935-RIPE remarks: Hostmaster Role Account mnt-by: TU935-RIPE-MNT source: RIPE Filtered abuse-mailbox: abuse@uk.tiscali.com <--- Ta Taaa route: 212.139.0.0/16 descr: Tiscali UK Limited origin: AS9105 mnt-by: TU935-RIPE-MNT source: RIPE Filtered ------------------------------------------------------------------------ my 2 cents 
__________________
What's New in Politics? Washington Scandals! Sign My Guestbook! Internet security is as real as your Dreams!
|
|
#6
03-26-2007, 11:27 AM
|
|||
|
|||
|
How did you get that?
And why would Tiscali do it?
__________________
Hi  Tiscali is the worst ISP ever. 
|
|
#7
03-26-2007, 01:44 PM
|
||||
|
||||
|
Quote:
http://en.wikipedia.org/wiki/WHOIS
|
|
#8
03-26-2007, 03:28 PM
|
|||
|
|||
|
I bet $50 it's your own IP..
Norton is stupid like that.. just tell norton not to give you warnings about it in the future.. If it's not your IP address then don't worry about it, as Norton is successfully blocking the attack..
|
|
#9
03-27-2007, 10:28 AM
|
|||
|
|||
|
Port scanning is not attack.They are every day a lot port scanning on the internet where people randomly enter ip range and then scan it for proxies, trojans etc...
btw To retrieve information about ip address or domain name try this WhoIs domain tool from Ip Address Location Code:
Server Used: [ whois.ripe.net ] 212.139.132.4 = [ th-cache-0.ns.uk.tiscali.com ] inetnum: 212.139.132.0 - 212.139.132.15 netname: UK-AS9105 descr: Tiscali UK Ltd Telehouse DNS Network descr: ========================================================== descr: Concerning abuse and spam ... mailto: abuse@uk.tiscali.com descr: e-mail to other addresses will not be dealt with. descr: ========================================================== country: GB admin-c: TU935-RIPE tech-c: TU935-RIPE status: ASSIGNED PA mnt-by: TU935-RIPE-MNT mnt-lower: TU935-RIPE-MNT mnt-routes: TU935-RIPE-MNT remarks: INFRA-AW source: RIPE Filtered role: Tiscali UK address: Tiscali UK Limited address: 20 Broadwick Street address: London W1F 8HT phone: +44 207 087 2000 remarks: Information: http://www.tiscali.com org: ORG-TUL3-RIPE admin-c: DC-RIPE admin-c: DG9105-RIPE admin-c: GD9105-RIPE tech-c: DC-RIPE nic-hdl: TU935-RIPE remarks: Hostmaster Role Account mnt-by: TU935-RIPE-MNT source: RIPE Filtered abuse-mailbox: abuse@uk.tiscali.com route: 212.139.0.0/16 descr: Tiscali UK Limited origin: AS9105 mnt-by: TU935-RIPE-MNT source: RIPE Filtered
|
|
#11
04-20-2007, 07:32 PM
|
||||
|
||||
|
Quote:
If you mean they port-scan IP addresses to detect users hosting services from their boxes (against some terms of service of ISPs), I wouldn't doubt them doing this, but the bandwidth might be a problem for them. Most likely they would just block popular service ports (e.g. 80) to impose their 'unlimited' service rules on you; their definition of unlimited being you don't use your connection for anything other than passive Internet-use such as browsing, don't download at full speeds for longer than one minute, you don't upload at all apart from to request web pages (their crappy upload speeds take care of this), don't use BitTorrent at all, don't host anything, pretty much don't do anything interesting on the net apart from browse generic mainstream news sites, because to them unlimited is a marketing term. To them, all users downloading at max speeds 24/7 would cripple their network, because it was built under the assumption that only 1 in 10 users would actually be doing anything at any given time. Last edited by Ezekiel; 04-20-2007 at 07:35 PM.
|
|
#12
04-20-2007, 09:29 PM
|
|||
|
|||
|
Hi Mike, you are correct, sometimes it is forbidden under the conditions of your account to have *any* kind of server online. So each user is routinely scanned for ports like HTTP,
SMTP etc. After they discover an active server on your machine, you get nasty mail.
|
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
