The UK Home Automation Archive

Archive Home
Group Home
Search Archive


Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: OT: IP Address & Frewall

  • To: <ukha_d@xxxxxxx>
  • Subject: RE: OT: IP Address & Frewall
  • From: "Keith Doxey" <ukha@xxxxxxx>
  • Date: Sat, 8 Dec 2001 13:30:19 -0000
  • Delivered-to: mailing list ukha_d@xxxxxxx
  • Mailing-list: list ukha_d@xxxxxxx; contact ukha_d-owner@xxxxxxx
  • Reply-to: ukha_d@xxxxxxx
Hi Ken,
 
That IP address is on or the ranges used by BTInternet. As such it only belongs to the attacker for the duration or his connection (2 hours if he is lucky). Unless revenge can be taken at the time of attack you are likely to be as guilty as he is if you try anything now as some totally innocent person could now be using that IP address, for instance at this point intime I am sitting behind 213.122.174.39 but by the time you read this I will have changed it.
 
People on ADSL and cable tend to hold the same IP address for longer and some people are fortunate* enough to have the same IP address permanently which makes accessing your PC remotely a doddle.
 
*Unfortunate if you dont want to access your PC remotely and you dont want someone to keep making sustained attcaks against you.
 
If an attacker concentrates solely on one IP address he will get different people at different time but what they tend to do is scan the range they themselves have been allocated. eg. If I was attempting to hack right now I would try all addresses in the range 213.122.xxx.xxx
 
Keith
-----Original Message-----
From: Kenneth Watt [mailto:kennwatt@xxxxxxx]
Sent: 08 December 2001 00:02
To: ukha_d@xxxxxxxSubject: [ukha_d] OT: IP Address & Frewall

Guys,

 

I only ask this in here because I know that somebody will know the answer and be able to explain what I should do about it.

 

My PC has been being snooped by some crafty little bugger but Norton Personal Firewall stopped the intrusion and has given me the IP address of the local address and the remote address. Now, more for my own curiosity rather than being nasty (…would I *best angelic look*) I would like to find out who it is but I don’t know how I would do this and I would like to learn how to resolve this and find this stuff out, plus this clown has now tried this two nights on the trot.

 

Really I just want to learn more about the way the net works with IP addresses and suchlike, like I said, I’m curious.

 

The log I got is this:

 

Date: 07/12/2001 Time: 21:21:13

Rule "Default Block Hack 'A' Tack Trojan horse" blocked (213.121.70.35,31789).  Details:

Inbound UDP packet

Local address,service is (213.121.70.35,31789)

Remote address,service is (213.1.166.88,31790)

Process name is "N/A"

 

Any pointers any of you can give would be great.

 

BTW, thank you all for the nice comments about the new arrival, much appreciated, so much so even Tracey says thanks and she thinks I spend far too much time reading e-mail! ;-)

 

K.



For more information: http://www.automatedhome.co.uk
Post message: ukha_d@xxxxxxx
Subscribe:  ukha_d-subscribe@xxxxxxx
Unsubscribe:  ukha_d-unsubscribe@xxxxxxx
List owner:  ukha_d-owner@xxxxxxx

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

Yahoo! Groups Sponsor
ADVERTISEMENT

For more information: http://www..automatedhome.co.uk
Post message: ukha_d@xxxxxxx
Subscribe:  ukha_d-subscribe@xxxxxxx
Unsubscribe:  ukha_d-unsubscribe@xxxxxxx
List owner:  ukha_d-owner@xxxxxxx

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
Home | Main Index | Thread Index
Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.