Report a Hacker
Home Page

About Viruses

Firewalls

Trojan List

Port Scanning

Report a Hacker

Favorite Links

Contact Page

What to do if one of your ports is under attack.
If you have read the information on this site, you should hopefuly have a clearer understanding about how your computer is linked to the Internet.

If your firewall gives you an alert (one of your computer ports being sniffed), then there are several things that you can do.

The first step is to ascertain your own IP Address:
You can do this by clicking on START....RUN....then type: winipcfg. When you click the OK Button, a dialogue box will display your IP Address. Write this down on a piece of paper.

The next step is to open up your firewall program and it should hopefully (not always) give you the IP Address of the attacker.
It should also give you the port number which was being sniffed (usually after your own IP Address).

EXAMPLE: This information was taken from Norton Internet Security.

Date: 05/06/01 Time: 16:41:41
Rule "Default Block SubSeven Trojan" blocked (213.48.40.204,27374). Details:
Inbound TCP connection
Local address,service is (213.48.40.204,27374)
Remote address,service is (62.137.147.104,2999)

From the example above, the Local Address is my IP (213.48.40.204). The number (27374) after my IP Address is the port which was being probed.
The Remote Address (62.137.147.104) is the hacker's IP Address.

Now, write down this information:

Date
Exact time of attack
Your IP Address
The Attacker's IP Address
Your Port Number
What to do with this information.

The first thing you can do, is look at the Trojan list (on this site) and compare the port number against the well known list of Trojans. If the number matches up, then you may wish to take the next step.

REPORTING THE HACKER.

Using all the information that you now have, it is time to report the hacker to his ISP.

Click on the following link and input the hacker's IP Address (where it says Whois).

Whois Proxy

Click the Whois Button and you may get a list of results (remember, the hacker may be in Stealth Mode, or may have gone offline).

Within those results, you should see an Email Address, where you can complain about abuse.

Give them all the information that you have. EVERYTHING HAS TO BE EXACT.

Time Zone
Exact Time (including seconds)
Your IP Address
Their IP Address
The Port that was probed.

This is basically all you have to do and you will have played a part in getting your own back on a hacker.

What has been attempted here is to give the reader a quick run down of how a hacker attacks our systems. It is not meant to be exhaustive as the subject matter is very broad. In short the best cure for any kind of attack is a good prevention plan coupled with knowledge, caution and good anti-virus software!



Click here to go to My Favourite Links Page

 


Return to HomePage