Trojans
#1
Hi Everybody!
I have Norton Internet Security (firewall and virus software)
I got it when I got ADSL. This seemed like a good idea. Previously I had no antivirus stuff at all but common sense and possibly some luck had allowed me to never have a virus problem.
The firewall runs in the background all the time.
About twice a day I get a message saying someone tried to attack me with the sub7 trojan.
Is it possible that the software could be genrating false alarms or are these all genuine attacks?
If I did not have the firewall software would they always be successful attacks?
This is an area I know very little about.
However, I have read that there is little point tracing the IP address back to the provider and complaining becuse the IP address is probably faked and the provider will just ignore you. I'd appreciate your comments on this.
There is nothing important on my computer but I take this kind of thing quite personally. I feel that often the best form of defence is attack. I would like to find out who the culprits are and encourage them to stop.
I have Norton Internet Security (firewall and virus software)
I got it when I got ADSL. This seemed like a good idea. Previously I had no antivirus stuff at all but common sense and possibly some luck had allowed me to never have a virus problem.
The firewall runs in the background all the time.
About twice a day I get a message saying someone tried to attack me with the sub7 trojan.
Is it possible that the software could be genrating false alarms or are these all genuine attacks?
If I did not have the firewall software would they always be successful attacks?
This is an area I know very little about.
However, I have read that there is little point tracing the IP address back to the provider and complaining becuse the IP address is probably faked and the provider will just ignore you. I'd appreciate your comments on this.
There is nothing important on my computer but I take this kind of thing quite personally. I feel that often the best form of defence is attack. I would like to find out who the culprits are and encourage them to stop.
#2
Scooby Regular
Join Date: Oct 1998
Location: London
Posts: 4,891
Likes: 0
Received 0 Likes
on
0 Posts
Don't take it personally. It's just script kiddies probing random IP addresses for vulnerabilities. It's not meant directly for you, any more than spam is.
Just make sure you've got a half-decent firewall running (Zonealarm does the job nicely) and ignore them.
Just make sure you've got a half-decent firewall running (Zonealarm does the job nicely) and ignore them.
#3
I have sometimes wondered if this is something I need worry about. I use a work laptop at home with a normal modem connection to freeserve. Should I run some sort of firewall?
#4
Scooby Regular
Join Date: Oct 1998
Location: London
Posts: 4,891
Likes: 0
Received 0 Likes
on
0 Posts
It's less important if you're on a dial-up connection like freeserve, since you'll be automatically disconnected every couple of hours and when you redial you'll get a new, different IP address.
Mind you, I still have the firewall turned on in XP, just in case.
If you're on a fixed/constant connection (e.g., ASDL) then a firewall is essential.
Mind you, I still have the firewall turned on in XP, just in case.
If you're on a fixed/constant connection (e.g., ASDL) then a firewall is essential.
#5
Why do ADSL connections get a fixed IP address?
My ADSL behaves just like a dial up. If I leave it alone after 30 mins idle (as set by me) it disconnects.
When I reconnect, will it be the same IP or a different one?
Cheers
My ADSL behaves just like a dial up. If I leave it alone after 30 mins idle (as set by me) it disconnects.
When I reconnect, will it be the same IP or a different one?
Cheers
#6
Scooby Regular
Join Date: Oct 1998
Location: London
Posts: 4,891
Likes: 0
Received 0 Likes
on
0 Posts
ASDL should be 'always-on'. Otherwise how would you be able to run, say, a webserver from it?
The IP will be constant per-session, and may even be constant inter-session, depending on the contract you paid for. A permanent fixed IP will usually cost more though.
Who is your ADSL with? Considering one of the raisons d'etre for having ADSL is to have an always-on connection which doesn't drop, it sounds like you're getting a raw deal?
The IP will be constant per-session, and may even be constant inter-session, depending on the contract you paid for. A permanent fixed IP will usually cost more though.
Who is your ADSL with? Considering one of the raisons d'etre for having ADSL is to have an always-on connection which doesn't drop, it sounds like you're getting a raw deal?
#7
When i get these buggers trying to probe my computer,as soon as it happens i use a little piece of software which sends something back to them."Ping"their ip addy with data and it slows their connection down
Trending Topics
#8
Scooby Senior
Join Date: Feb 2000
Location: West Midlands
Posts: 5,763
Likes: 0
Received 0 Likes
on
0 Posts
scooby nutter,
trubble is that if you ping 'em back, they know that your IP address is valid and may snoop some more.
You are better off being stealthy and ignoring it - that way they will get bored and go back to playing with themselves! Hopefully they will go blind before they actually cause any harm
mb
trubble is that if you ping 'em back, they know that your IP address is valid and may snoop some more.
You are better off being stealthy and ignoring it - that way they will get bored and go back to playing with themselves! Hopefully they will go blind before they actually cause any harm
mb
#10
Scooby Regular
The object of the exercise when it comes to port scans is to pretend to be a black hole....don't give them any information, just drop the packet.....All of the Firewall's that I've seen that are configured to reject rather than drop are the ones that are continually probed/attacked.
As Bruce Schneier says in Secrets & Lies,
When being chased by a Grizzly Bear the object of the exercise is not to out run the Bear.......you just need to out run the person your with !
If you don't give anything away they'll move on it a more tempting target.
Jeff
As Bruce Schneier says in Secrets & Lies,
When being chased by a Grizzly Bear the object of the exercise is not to out run the Bear.......you just need to out run the person your with !
If you don't give anything away they'll move on it a more tempting target.
Jeff
Thread
Thread Starter
Forum
Replies
Last Post
Shropshire-Guy
Computer & Technology Related
16
30 December 2004 01:25 PM