Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Blocked a hacker through norton firewall,they are sending a trojon horse. But they keep tryin to send it and was wondering what i should do?

Posted on 2004-04-14
6
Medium Priority
?
226 Views
Last Modified: 2013-11-16
Hi, my internet firewall has blocked a particular ip several times from the same location. But they continue to persist in trying to send me a trojon horse, what should i do? is there anything i can do?
Is there anyway of sending a message to the ip telling him that i know what he is doing?
Many thanks Andrew
0
Comment
Question by:neo-deadconcept
  • 2
6 Comments
 
LVL 4

Expert Comment

by:hawgpig
ID: 10838137
What OS???
Is your drive shared??
If it is unshare it and update your OS!!
Good Luck
0
 

Author Comment

by:neo-deadconcept
ID: 10840651
I am running windows xp and i have norton firewall running and the firewall has blocked the ip several times, really all i wanted to know was there some way of scaring off whoever is sending the trojon? and am i able to report them at all?
thanks Andrew
0
 
LVL 4

Accepted Solution

by:
hawgpig earned 500 total points
ID: 10843051
look up the owner of the IP address at
http://wwwdnsstuff.com
use the who is look up or who is search....
This will tell you who owns the IP address range that the attack is coming from....
you can then send a message to the ISP complaining about the attack...
They may or may not do anything about it.....I am getting attacks all day long on my hardware firewall...
I could spend all of my time just e-mailing ISPs all over the place....
But doesn't do any good...The attack is probably not targeted against you......
it is probably some schmo that has the worm on his computer and doesn't even know it.....
and it just keeps trying to send to random computers on the NET....
The firewall is doing it's job, just let it....telll the firewall to block the address all the time....
If the firewall is working don't worry about it......it is not going to get in....
make sure your patches are installed and forget it...
Many have tried and MOST have failed to catch up with these guys....
Good Luck
0
 
LVL 3

Expert Comment

by:alwayssmiling
ID: 11019649
Another site to check who the ISP is is http://www.arin.net Just put the IP in the box at the top, and click on Whois.

As for sending an e-mail or something to the person, don't.  More than likely as hawgpig pointed out, it's possibly someone with a worm on their computer.  But, if it is indeed someone with malicious intents, they will try harder..  By sending them an e-mail, you're confirming that one of the IP addresses they are scanning is valid.  

Symantec should have a reporting feature in their firewall (most do).  I know in free versions, it's disabled, but since you have their Personal Firewall, you paid for it.  I would go through their help menus and see if there is a reporting option somewhere.

Also like hawgpig said, as long as your firewall is blocking them, sleep easy.  But, keep everything updated (Firewall, antivirus, and Windows).  That's the best way to make sure the 'nasties' don't get to you.
Hope this helps you.
Patrick.
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question