Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
hello , I am using Pc cillin firewall and I have just recently come under attack from something I havent seen before and it was labelled as smurfs , could someone please tell me what these are oh and im also coming under NetBIOS browsing and ping attacks from one IP address that seems to be on an IP from my ISP (not the company but someone else that is using the same isp as me) , it got even weirder when my sygate firewall also started to receive some of the p[ort scans as well (usually the pc-cillin firewall takes care of them)
I do get these attacks often but already the attacks are numbering in the hundreds just over the last few minutes where as I would be lucky if I got 20 per day max
Any help MUCH appreciated
Still getting the ping attacks etc (has been doing so for last hour now)
oh and I did a scan with spybot search and destroy , it came up that I had 85 problems (eg one under MS wordpad that was some registry key" but then it said at the top that:
"no immediate threats found"sorry for asking so many questions , I did an adaware scan and got rid of 4 cookies
I have never encountered what I just did on the spybot search and destroy (just updated it before the scan)
0 
0
lol A Smurf is a DDOS attack tool.It stands for Distributed Denial Of Service.Theres two ways that they can attack by sending fragmented packets or by trying to make TCP connections with a large amount of numbers so your system will not respond or shutdown.In order for a DDOS attack to work though you need many many machines to be pinging one machine. There really isnt alot to stop these they seem to be the most powerful attack on the internet for now.
~White Hat~
0
ComputerNovice, you really shouldn't be using two firewalls together, not software ones anyway. They, as also in the case of Antivirus software, tend to conflict.
Your firewall should be blocking these attacks. Are you having any internet connection issues? Or, is the firewall just blinking like nuts and warning you about the attacks?
I had Sygate for awhile and got pinged half to death, lol. It will warn the crap out of you and scare you, but it will keep the attacker from getting further for the most part.
HOWEVER, they CAN get in, it just takes a smart hacker. Your best defense is to have a software AND hardware firewall. Double up the layer of protection and you will be much better off.
Now, report the IP address to your ISP. I had the exact same thing happen to me, and, they were able to tell me that yes, he was one of their customers and gave his city. They watched him and one day he just went poof and was gone.
Your guy is probably hiding behind a proxy, which makes things a bit harder, my problem child wasn't smart enough to do that. So, unless you are having actual service problems, or your computer is acting like it's no longer in your control, just report the IP address and relax.
0
ISP's can contact Proxies and ask for the logs which that have everyone that connected to them and everything that they do so if you report it they can find out who it is.
~White Hat~
0
That's true----unless they are using a proxy that is out of the country. They still can do it of course, but it gets difficult. It especially can be a mess if the proxy is coming from one of the, how do I put this, "undesirable nations".
Look at it this way, the friendlier the US is with them, the more likely they are to cooperate. Also, some of the so-called "anoymous" proxy servers, CLAIM they purge their logs at certain points. I highly doubt it, because what happens when the proxy is used for illegal activites?
Look, all you can really do is report the activity and let the ISP handle it from there. If you have yourself guarded as much as you can using firewalls and such, then that is about all you can really do. You could hack back, but then you'll be just as guilty.
If your ISP does not want to look into the matter, find another ISP.
0
many thanks guys for all your help!!! , it seems that the attacks have now stopped , certainly did freak me out a bit.
0
Attacks have just started again and I have informed my ISP about it , wonder if they will be able to do much...
0
Steve Gibson also had an excellent article on what he discovered about DDOS attacks when he was attacked: http://www.grc.com/files/grcdos.pdf
I thought it was hilarious - some kid starts DDOSing Steve because the thought that Steve called him and his friends script-kiddies (which he claims he didn't). So the kid DDOS's him, and Steve hacks his program only to find out the kid was a little script-kiddie.
Good stuff right there :D
0
Script Kiddie or not, these attacks can unnerve you if you haven't been there before. Given the right tools, even script kiddies can be hazardous. ComputerNovice, reporting them to your ISP is really all you can do for right now.
But, let me give you some advice based on past experience, don't just report them the one time they attack. Every time you get these attacks from this person, report it.
The problem is, some of these companies won't pay much attention to 1 incident that gets called in, and the person who called it in doesn't keep them updated on the situation. Bug them every time it happens and they will be more likely to take action.
Again, if they don't, find another ISP.
0
Just got this and have sent them my firewall logs
Abuse Team writes:
> Hi there
>
> without more informtaion we would be unable to track these attacks.
> We would need a copy of the firewall attacks with exact dates and times
> to be able to narrow this done and find the user who could possibly have a
> virus.
>
> we will
> look into
> this matter for you.
>
> Thanks
:)
0  |
 DVD burner
|
possible virus
|
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
