Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Windows 2000 > Hacker and Trojan

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

Hacker and Trojan

Reply to Message Icon

Name: Jim Bob
Date: September 13, 2001 at 02:09:12 Pacific
Comment:

I keep getting a security alert on Norton Personal Firewall 2000. The log shows the following message

Date: 9/10/2001 Time: 13:35:28
Rule "Default Block Hack 'A' Tack Trojan" blocked (172.188.142.72,31789). Details:
Inbound UDP packet
Local address,service is (172.188.142.72,31789)
Remote address,service is (172.188.102.202,31790)
Process name is "N/A"

The IP address is nearly always the same or very similar to the one shown above. Please could someone help explain the message and what else I can do about it. (I am running Win2000, NAV 2001 and NPFirewall 2000)

Thanx

Jim Bob



Sponsored Link
Ads by Google

Response Number 1
Name: Jim Bob
Date: September 13, 2001 at 06:04:22 Pacific
Reply:

Please also note that I only seem to get this messge when connected to Morpheus peer to peer software.

Jim Bob


0

Response Number 2
Name: Lucid
Date: September 13, 2001 at 08:20:18 Pacific
Reply:

Not sure if this helps or not, but the computer in your message, the 172.188.142.72 is "ACBC8E48.ipt.aol.com" so how do you connect to the Net? And I have NO idea what the Morpheus stuff even is.... Hopefully someone else can add a little more info or maybe shed some more light.....


0

Response Number 3
Name: Jim Bob
Date: September 13, 2001 at 08:50:07 Pacific
Reply:

I use AOL to connect to the web. Morpheus is a MP3 sharing device. Availible from download.com.

Please could you explain what ACBC8E48.ipt.aol.com is? Does anyone know the best way of reporting this sort of thing?


0

Response Number 4
Name: Jim Bob
Date: September 13, 2001 at 08:59:20 Pacific
Reply:

PS How did you work out what 172.188.142.72 is ?


0

Response Number 5
Name: Mike W
Date: September 13, 2001 at 09:29:30 Pacific
Reply:

That info could have been found using the following command from a command prompt:

"ping -a 172.188.142.72" (no quotes)

-MW


0

Related Posts

See More



Response Number 6
Name: Jim Bob
Date: September 13, 2001 at 10:42:26 Pacific
Reply:

Ok, I now understand a little more about what is going on, however could anyone recomend what I should do next ? Should I report it to someone and what infomation would they need ?

regards

Jim Bob


0

Response Number 7
Name: Mike
Date: September 13, 2001 at 12:14:50 Pacific
Reply:

Jim,

You need to send a copy of your log files to aol and be sure to include specific times and dates. They should be able to trace it back to the account that was using it at the time. It obviously is coming from an AOL ISP.

-Mike

contact aol to find out more info on what you can do about this.


0

Response Number 8
Name: Jim Bob
Date: September 14, 2001 at 02:18:36 Pacific
Reply:

Thanks for your advise Mike, I have sent all the deatils including the log files from Norton Personal Firewall 2000 to AOL. Hopefully something will be done about this user.

Thanks again for your advice

Jim Bob


0

Sponsored Link
Ads by Google
Reply to Message Icon

ASP or PHP with MS IIS ??... Fix for SPOOLSV.EXE Eatin...



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Windows 2000 Forum Home


Sponsored links
Ads by Google


Results for: Hacker and Trojan
router + online gaming www.computing.net/answers/windows-2000/router-online-gaming/44805.html

Win 2K, NAV and Trojan/CodeRed II www.computing.net/answers/windows-2000/win-2k-nav-and-trojancodered-ii/45807.html

Virus's and Back-ups www.computing.net/answers/windows-2000/viruss-and-backups-/27856.html