My firewall records all attempts to hack my computer, it gives me things like the type of attack and the ip it came from. But what do i do with this enformation? Should i send it to the isp of the ip address or the cops or what?

Hey Ryan,

I think you will find that you get scanned or pinged lots of times during the day. I look at them because I'm curious, but forward a copy of my logs to My Net Watchman and to DShield. These two organizations track thousands of submissions daily.

By the way, I have ZoneAlarm, but I believe they also work with BlackIce .I'm not sure about other firewalls.

Hope this helps.

yeah i have sygate which is pretty good too and i get these attacks some i know of like boomtown and my service provider. They're just pinging BUT i get others too like today i got one which was blocked and i backtraced to find this:

Latin American and Caribbean IP address Regional Registry (NET-LACNIC-200)
Chucarro 1110 ap. 5
Montevideo, 11300
UY

Netname: LACNIC-200
Netblock: 200.0.0.0 - 200.255.255.255
Maintainer: LNIC

Coordinator:
Latin American and Caribbean IP address Regional Registry (LACNIC-ARIN) hostmaster@lacnic.net
(+55) 11 5509-3525

Domain System inverse mapping provided by:

ARROWROOT.ARIN.NET 198.133.199.110
BUCHU.ARIN.NET 192.100.59.110
CHIA.ARIN.NET 192.5.6.32
DILL.ARIN.NET 192.35.51.32
NS.LACNIC.ORG 200.160.0.7
NS.DNS.BR 143.108.23.2
NS2.DNS.BR 200.19.119.99

Who the hell are they?!! can anyone tell me at least sygate successfully blocked the bitches...

When you backtrace, did you get their home address? I did. I got some pretty interesting information on some attempted attacks made against me. I just dunno what to do with the information.

yeah i did i got 200.125.97.160
but how do i use this information?

If you don't have any vulnerable open ports don't worry too much. Like BillCherryAtl said, there are sites that can help determine if they are malicious. For the case you quoted, you could email the "hostmaster" at lacnic and try working together with them to find the source and block it. Hope its nothing.

I just got portscanned by the same person(I guess)as octo.
I wrote a mail to the responsible man(woman) of the provider, wonder what they will do about it!!

Polo36

Latin American and Caribbean IP address Regional Registry (NET-LACNIC-200)
Chucarro 1110 ap. 5
Montevideo, 11300
UY

Netname: LACNIC-200
Netblock: 200.0.0.0 - 200.255.255.255
Maintainer: LNIC

Coordinator:
Latin American and Caribbean IP address Regional Registry (LACNIC-ARIN) hostmaster@lacnic.net
(+55) 11 5509-3525

Domain System inverse mapping provided by:

ARROWROOT.ARIN.NET 198.133.199.110
BUCHU.ARIN.NET 192.100.59.110
CHIA.ARIN.NET 192.5.6.32
DILL.ARIN.NET 192.35.51.32
NS.LACNIC.ORG 200.160.0.7
NS.DNS.BR 143.108.23.2
NS2.DNS.BR 200.19.119.99

This IP address range has been transferred to LACNIC for administrative
oversight. Please see http://www.lacnic.net/ for further details,
or check the WHOIS server located at whois.lacnic.net

Record last updated on 16-Aug-2002.
Database last updated on 23-Aug-2002 16:56:03 EDT.
The information in this WHOIS database is current as of August 23, 2002,
and has been retained for historical purposes only. For the most current
information, query whois.arin.net or visit http://whois.arin.net.