Solved

Blocked a hacker through norton firewall,they are sending a trojon horse. But they keep tryin to send it and was wondering what i should do?

Posted on 2004-04-14
6
217 Views
Last Modified: 2013-11-16
Hi, my internet firewall has blocked a particular ip several times from the same location. But they continue to persist in trying to send me a trojon horse, what should i do? is there anything i can do?
Is there anyway of sending a message to the ip telling him that i know what he is doing?
Many thanks Andrew
0
Comment
Question by:neo-deadconcept
  • 2
6 Comments
 
LVL 4

Expert Comment

by:hawgpig
ID: 10838137
What OS???
Is your drive shared??
If it is unshare it and update your OS!!
Good Luck
0
 

Author Comment

by:neo-deadconcept
ID: 10840651
I am running windows xp and i have norton firewall running and the firewall has blocked the ip several times, really all i wanted to know was there some way of scaring off whoever is sending the trojon? and am i able to report them at all?
thanks Andrew
0
 
LVL 4

Accepted Solution

by:
hawgpig earned 125 total points
ID: 10843051
look up the owner of the IP address at
http://wwwdnsstuff.com
use the who is look up or who is search....
This will tell you who owns the IP address range that the attack is coming from....
you can then send a message to the ISP complaining about the attack...
They may or may not do anything about it.....I am getting attacks all day long on my hardware firewall...
I could spend all of my time just e-mailing ISPs all over the place....
But doesn't do any good...The attack is probably not targeted against you......
it is probably some schmo that has the worm on his computer and doesn't even know it.....
and it just keeps trying to send to random computers on the NET....
The firewall is doing it's job, just let it....telll the firewall to block the address all the time....
If the firewall is working don't worry about it......it is not going to get in....
make sure your patches are installed and forget it...
Many have tried and MOST have failed to catch up with these guys....
Good Luck
0
 
LVL 3

Expert Comment

by:alwayssmiling
ID: 11019649
Another site to check who the ISP is is http://www.arin.net Just put the IP in the box at the top, and click on Whois.

As for sending an e-mail or something to the person, don't.  More than likely as hawgpig pointed out, it's possibly someone with a worm on their computer.  But, if it is indeed someone with malicious intents, they will try harder..  By sending them an e-mail, you're confirming that one of the IP addresses they are scanning is valid.  

Symantec should have a reporting feature in their firewall (most do).  I know in free versions, it's disabled, but since you have their Personal Firewall, you paid for it.  I would go through their help menus and see if there is a reporting option somewhere.

Also like hawgpig said, as long as your firewall is blocking them, sleep easy.  But, keep everything updated (Firewall, antivirus, and Windows).  That's the best way to make sure the 'nasties' don't get to you.
Hope this helps you.
Patrick.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Checkpoint books 3 73
PFsense box as firewall 5 61
Event 1040, MSExchange Active Sync - Setting ins my SonicWall firewall 16 94
Unblock a website in Cisco ASA 3 79
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now