I think someone Tried hacking me..

First just so you know , i used to have over 2000 points but from what i hear the DB crashed and i have to re do them…

Last night I was doing some research, mostly on wikipedia and made a stop at the cia world fact book…

Then it got interesting..

My Norton's Internet Security alerted me to a hacking attempt on my computer, i was intrigued so i looked at the history. Apparently someone was running a Nmap xmas scan on my open ports..

I was curious as to who was trying to scan my ports and did a whois search on the attacking ip… then this where the plot picks up

the who is search yielded some results and the general location came from Herndon, VA.. if you don't know.. that is about 10 miles away from DC.

Still intrigued, i ran a trace route to see the server hops and right after the hop from Bloomfield CO.. to VA all my requests were timed out..

wait.. there's more..

Puzzled, i took a moment to think and noticed my computer was doing something heavy in the background. Upon investigating I discovered multiple Ip's from different locations trying to connect thru a few ports i had forwarded to my computer. I logged into my router and shut that down.

After searching my norton's activity log i found that during that time there were multiple attempts to alter my nortons definitions by a network service.. luckily they were all stopped before they could..

it may be a hunch but i think someone tried hacking me… I'm still trying to get information as to who it was, if anyone can offer some advice that would be great.

haven't logged on in awhile so i don't know the rules about posting ip's here, but i can post my logs if it is ok

Cracker_Jax wrote: First just so you know , i used to have over 2000 points but from what i hear the DB crashed and i have to re do them…

What the fuck does that have to do with the price of tea in China?

My advice:

1. Nmap yourself and see what ports are still open. If any, close them.
2. Put your logs on a separate CD in case something happens to your computer.
3. Remove any programs on your computer that seem suspicious or can cause security risks (Ex: Cain and Abel (Abel is actually a Trojan)
4. Remove any financial information from your computer like credit card numbers, bank accounts etc…
5. If you want to be creative, you can create "honeypots" (harmful viruses in this case) on your computer and give them names like "paypal account.txt" or "financial data". If you still do get hacked somehow, the attacker will most likely see that (if put in an obvious place) and will download it from your computer. When they open them ….. well, you know.

well i felt the need to say it.. not so happy about it

My advice:

1. Nmap yourself and see what ports are still open. If any, close them.
2. Put your logs on a separate CD in case something happens to your computer.
3. Remove any programs on your computer that seem suspicious or can cause security risks (Ex: Cain and Abel (Abel is actually a Trojan)
4. Remove any financial information from your computer like credit card numbers, bank accounts etc…

that's good advice, i already backed up the logs and i actually wasn't running any security risky stuff like cain and able..

I just re-checked my logs and it seems that they are still trying to access my computer.. nortons is still blocking them so..

sounds to me like you have the case of Skid Work here.

You have a Script Kiddie trying to gain access by shitty tools that get them no where.

Just my thoughts. Nothing much to worry about. Just log their IP, report it to their ISP and sit back :)

The Tree Bird Knows All Do As The Tree Bird Says.

already did :D

Of course you could always attempt to hit the person back…but then they could do the same to you. :evil::matey:

haha you could just leave a message on their computer saying "If you try and hack me again I'll report you to the cops" or something like that. Haha scare him away with your uber skills :P

also I doubt e would report that to the cops :P

well i think they are still trying… so maybe the game isn't over just yet

would it be a little much if.. well say I…

-S <www.fbi.gov>?

:D:D:D

You would not notice a government intrusion. You probably have a trogen or rootkit installed by default, and this would be a very resiliant battle program (multiple layers of encryption, cleverly hidden, small, etc).

Because hacking trends show that hackers now try to be more subtle, I suggest you follow good practice and conduct a full partition on your HD if you care at all about what is on it. (EDIT: that would be good practice anyways)

That being said, you are on your own if someone fucking hacks you. There is no need at all to talk about it. In fact, It can be very damaging if you talk about it.

Just assume that anything you have exposed is "hacked". and half the stuff that isnt.

PS, me think you SKid :D. But don't worry, we all are here.

Dex Poet I believe Jax meant report them to the FBI not saying the FBI is "hacking" him because if the FBI was trying to access your computer I don't think Norton is the racehorse to bet on winning if you get my drift.

Dex Poet I believe Jax meant report them to the FBI not saying the FBI is "hacking" him because if the FBI was trying to access your computer I don't think Norton is the racehorse to bet on winning if you get my drift.

oh. Well, it's not up to me then. But again again, talking about it could hurt.

i think if they keep going at it in a loud way then they are obviously skid and just want to get in. i don't know how the ports thing works so don't quote me on this but could you make it so that anything they might try to send you loops back at them

fallingmidget wrote: i think if they keep going at it in a loud way then they are obviously skid and just want to get in. i don't know how the ports thing works so don't quote me on this but could you make it so that anything they might try to send you loops back at them

quotes

But eh? I guess he could set up an extra box then ARP poison his normal pc and redirect all unapproved traffic right back. But yeah..

There really are a few options here. If his ISP is doing nothing then please contact me via MSN or AIM and I will talk to you about some of your other options.

I think you should install an IDS on your computer, the best one would be snort, but you have to do some editing yourself for it to work efficiently.

There are tutorials about how to do it, and I have a book about IDSs and configuring either SNORT or tcpdump (depends on what you use).

B) i dont think it was something like hacking what i think is theres some kinda worm in ur pc :ninja::ninja:

Sounds like a Skid. If I were you, I would be safe, but dont over do it, cause their just trying to have some fun, and will probably quit once they figure out you need to have actual knowledge to "hack"

Yeah, it was a skid.. though I'm not too worried about him.

i think he learned the lesson of never enabling the remote management on his router.

lmao