Computer attacks

[INAZ]

What is the name of your state? AZ

My home computer has been under attack from a company in FL that poses as a "public service" website, but launches hundreds of Newtear attacks daily on computers. I have logged all of them, so the site has been identified and actions of whomever is responsible is not in debate. I have complained to the site and the ISP and have gotten no satisfaction from either. I am wondering what kind of action I can take to get this party to stop. I would guess they're attacking computers across the country in addition to mine, but the frequency of attacks is disruptive, harassing, and creates a great deal of angst within us.

 

[HomeGuru]

What is the name of your state? AZ

My home computer has been under attack from a company in FL that poses as a "public service" website, but launches hundreds of Newtear attacks daily on computers. I have logged all of them, so the site has been identified and actions of whomever is responsible is not in debate. I have complained to the site and the ISP and have gotten no satisfaction from either. I am wondering what kind of action I can take to get this party to stop. I would guess they're attacking computers across the country in addition to mine, but the frequency of attacks is disruptive, harassing, and creates a great deal of angst within us.

**A: change your ISP, email account etc.

 

[stephenk]

dont you have a firewall on your computer?

 

[HomeGuru]

No, only drywall.

 

[INAZ]

I do have a firewall and it intercepts and logs all the attacks. A warning message is posted on my screen with each attack -- hundreds per day disrupting whatever it is I'm doing. I've constantly changed my password; the attacking program finds the new password within minutes and re - launches attacks. I lock the IP of the attacking computer out, but according to my firewall it has about 30,000,000 ports from which it can launch. I don't feel that I should have to change ISP and genuflect to cyber - terrorism that illegally harasses, disrupts interstate commerce, and induces considerable emotional distress. I am doing nothing wrong or illegal; this business is.

 

[HomeGuru]

I do have a firewall and it intercepts and logs all the attacks. A warning message is posted on my screen with each attack -- hundreds per day disrupting whatever it is I'm doing. I've constantly changed my password; the attacking program finds the new password within minutes and re - launches attacks. I lock the IP of the attacking computer out, but according to my firewall it has about 30,000,000 ports from which it can launch. I don't feel that I should have to change ISP and genuflect to cyber - terrorism that illegally harasses, disrupts interstate commerce, and induces considerable emotional distress. I am doing nothing wrong or illegal; this business is.

**A: Ok, you are absolutely right. You should not have to change ISP etc. Good luck with the status quo.

 

[oberauerdorf]

Give me your I.P address and I'll stop them

 

[r14834]

The machine in question is most likely a zombie on a botnet "an ircd with hundreds of hacked computers doing what the hacker tells them to do". The owner probably has absolutely no idea what is happening. When their isp calls to say stop it, they're probably just as freaked as you, the isp then assumes they're a newbie and could never possibly concieve such attacks and leaves them alone.

My suggestion would be to tell them to change you to a dynamic ip instead of static. Dynamic IP's change everytime you reset you're modem. Static ip's never change. It's harder to hit a moving target. If they're targeting you specifically "which I doubt" keep logging the ip and keep reporting, otherwise you cant do anything.

Until you have guarenteed proof that the user caused damage to you're computer or files. You cant do anything. Under gov law the FBI can't persue any legal action until there has been 5,000 dollars worth of damages, and even then they may not want to waste the time or money persuing one of millions that are reported for such activity a year.

As for the dns response on the IP I doubt it's truely what it says it is, could be just a hop station.

Not really much you can do, sorry to say. Be sure to keep you're anti virii up to date "Nav 2k4 is my suggestion, Mcaffee is fine, anything else forget about it". Also check you're system services and processes list for anything funny. You may have been hacked already.

Private msg me for tools and instructions on how to do this if you need it. Some "kits" wont show up in you're processes list, but there are other ways to tell.

Good Luck.

 

[krispenstpeter]

Some "kits" wont show up in you're processes list, but there are other ways to tell.

Want to bet???

 

[Mi1]

If you say "it finds the new password within minutes" and you are using a "strong" password, then you are hacked. there must be a back door on your machine broadcasting it's existence. As suggested, I would take immediate steps to clean your computer, not just with McAfee, get the tools r14834 is offering ... let's hope he is not a hacker to! ...j/k R

 

[I AM ALWAYS LIABLE]

How about "SpySweeper" and "The Cleaner"?

IAAL

 

[krispenstpeter]

And make sure you check out the open ports, especially 65000 which a few of my friends utilize....

 

[Whyte Noise]

How about "SpySweeper" and "The Cleaner"?

IAAL

Spysweeper detects and removes sypware on your computer.

The Cleaner is a nifty little tool for detecting and removing trojans on your computer.

SpyBot and AdAware are also a good ones to detect and get rid of spyware.

If the "spammer" is detecting the new password like the OP says, then he would be well advised to download and run The Cleaner. One open port is all it takes for someone to get into your machine.

He also needs to get a good firewall. I personally run Zone Alarm Pro. If his firewall is "reporting all attacks" yet the person is still acessing his machine, then his firewall isn't worth crap. Any good firewall will make your open ports invisible to any potential attackers. If you don't have any "open ports" then, there's no avenue for someone to get into your comp. A decent firewall "cloaks" your ports to make you appear offline even when you aren't. If you get a ping to your machine and it shows an open port, guess where the other person is going to go to?

Someone pinging your machine won't let them in, but it will tell you which door is open and unlocked. After that, it's a free-for-all.

 

[INAZ]

Yikes!!!!!! Thanks to everyone. I thought I was fairly computer literate, but the technology apparently has passed me by. I've been researching some of the terms, systems, programs, etc., I've been reading as responses to my original post and I have a lot of homework to do. I've started with the an evaluation of the security of my system and installed anti - spyware and I have a lot of things to learn before I'm even on the same page as those of you who have responded in computereze. Many thanks.

 

[krispenstpeter]

He also needs to get a good firewall. I personally run Zone Alarm Pro.

Sorry MG but I had to laugh at that one. Want to know how long it took my "BUDDIES" to crack that program and bypass the firewall protection?

By the way, All firewall software sold in the U.S. have a maximum of 64 bit encryption of passwords. The last program I wrote for my ex employer had 256 bit encryption.

And anything over 128 bit encryption is illegal in the U.S. unless it gets NSA approval which it won't