Hackers

tht

Master of my own fate.
Oct 10, 2002
857
158
63
Planet Earth
Just received this from Codetel.

SUSPECT IP: 64.32.101.164 A user, apparently from your network, initiated the following suspicious or hostile traffic against the IP(s) indicated below....................

The IP address is unknown to me and I'm behind a firewall. I had a worm attack on my computer a while ago; one of these probably managed to steal my Codetel password. It's a single user account and I'm online all the time so no one should have been able to log on (theoretically at least). I'm just letting everybody know that some smart ass is messing around. Keep your firewalls and virus protection software up to date. I will from now on change my password regularly.
 

calamardoazul

New member
Jul 29, 2003
178
0
0
60
Yes, be careful

I have experienced those attacks several times. I think it is the same IP address from where the attacks to my computer came. I've tracked the source down and those attacks came from someone located in California. Once I got the name, the address and email of the hacker. :angry:
 

Sanson

New member
Apr 14, 2003
129
0
0
Tht, if you have DSL, the person who has your password is still able to connect via dial-up. Anyway, if he isn't interested in connecting to the net for free, he can check your e-mail. I recommend you download ZoneAlarm from www.download.com. It's a great firewall.
 

FireGuy

Rest in peace Amigo!
Aug 21, 2002
2,516
74
0
70
www.polaris-fs.com
IP

Here is some info: someone has obviously complained about a hostile act performed with your user ID. The ISP address is definitely Codetel, but I assume that is your provider. What was the other unknown ISP?

The person who said ZoneAlarm was great has a lot to learn; the free issue of ZA does stop some malicious traffic but is only a shell of the real thing and lots of stuff can get through. If you try to uninstall ZA it will keep popping back to a ZoneAlarm webpage telling you some files are missing; it will not totally uninstall. They want you to buy their Pro version.

Norton Internet Security is the best on the market.

Even if you are on all the time as you say, someone did a port scan, got into your computer and worked in the background as you surfed the net and used your ISP and ID.

One problem you have is that Codetel uses direct allocation to their servers and you are always assigned the same net range, tracing your hacker even further can be done but with great difficulty. You say you are behind a firewall, which one?
Changing passwords will not help if you are online when hacked.
 

tht

Master of my own fate.
Oct 10, 2002
857
158
63
Planet Earth
Hlywud - Thks for info. I'm using McAfee Personal Firewall, but as I said, I had a worm attack a while ago; they probably attacked before I had a chance to upgrade my virus software (which is also McAfee). I've done a firewall test several times and never found any holes. Changing password - If the worm was a password stealer I believe someone could pick that up, that's why I said I would change it. Can't remember the name of the worm, it's around a month ago, coincides with the hostile activity Oct. 11th.
 

XanaduRanch

*** Sin Bin ***
Sep 15, 2002
2,493
0
0
Was it MATSON_D? I had that all over here last week. Infected things about the times you mentioned. Came from Kazaa I think, from a computer my wife and her sisters use, but spread all over the network. Sent e-mails back to the hacker with passwords, etc. and also created admin privileges for itself on the network. Big mess.

Tom (aka XR)
 

arturo

Bronze
Mar 14, 2002
1,336
97
48
Kazaa

Kazaa has to be one of the top virus sources in the world just now. Hackers favor it because it is a highly efficient distribution vehicle. I would never use a machine I own to connect to Kazaa. I occasionally pull Kazaa content, but I use a public machine and scan the content before using it. I rarely use any Kazaa content on machines I own.
 

tht

Master of my own fate.
Oct 10, 2002
857
158
63
Planet Earth
XR & Arturo - Interesting! Still can't remember the name of the worm, but it happened after I had used Kazaa's web browser. Haven't used it again and never thought about it before now. I'm doing regular virus scans and was very surprised when I found that worm crap.
 

calamardoazul

New member
Jul 29, 2003
178
0
0
60
Hey!

I have Norton Firewall installed on my computer, and as I stated in my prior post, I have had several attacks. Norton Firewall has a tracking feature and every time I have run it, it has pinpointed a town in California as the source of the attacks.... :confused:

The IP address that Norton Firewall blocked was very similar to the one posted here... so now I'm confused :confused:
 

XanaduRanch

*** Sin Bin ***
Sep 15, 2002
2,493
0
0
The attacks being felt here in the DR from California should gradually decrease now that the Schwarzenegger-Davis fight is over. However watch out for more malicious worm slinging with each passing huelga as the Dominican Leonel-Bald Hippo hack attack heats up.

Tom (aka XR)
 
Re: Hey!

calamardoazul said:
I have Norton Firewall installed on my computer, and as I stated in my prior post, I have had several attacks. Norton Firewall has a tracking feature and every time I have run it, it has pinpointed a town in California as the source of the attacks.... :confused:

The IP address that Norton Firewall blocked was very similar to the one posted here... so now I'm confused :confused:

I tracked the IP address given; it does refer to an origin in California. The hacker starts in California on a fake DNS, hijacks a computer, connects down the line with Codetel and then hijacks the original poster's computer. Hackers may go through multiple networks until they can hijack someone. Here is the information on the tracking. It may be Greek to a lot of people.

3 130.152.180.21 5.317 ms isi-1-lngw2-atm.ln.net [AS226] Los Nettos origin AS
4 4.24.4.249 8.869 ms gigabitethernet5-0.lsanca1-cr3.bbnplanet.net [AS1/AS3356] GTE Internetworking / Level 3 Communications North America
5 4.24.4.2 9.733 ms p6-0.lsanca1-cr6.bbnplanet.net [AS1/AS3356] GTE Internetworking / Level 3 Communications North America
6 4.24.5.49 9.440 ms p6-0.lsanca2-br1.bbnplanet.net [AS1/AS3356] GTE Internetworking / Level 3 Communications North America
7 64.159.4.25 8.774 ms so-5-2-0.bbr1.LosAngeles1.level3.net [AS3356] Level 3 Communications North America
8 209.247.10.198 9.929 ms pos8-0.core2.LosAngeles1.Level3.net [AS3356] Level 3 Communications North America
9 64.152.193.82 7.440 ms att-level3-oc48.LosAngeles1.Level3.net [AS3356] Level 3 Communications North America
10 12.123.28.197 6.331 ms gbr6-p90.la2ca.ip.att.net (DNS error)
11 12.122.11.141 8.762 ms tbr1-p013601.la2ca.ip.att.net (DNS error)
12 12.122.10.49 36.867 ms tbr1-p012101.n54ny.ip.att.net (DNS error)
13 12.122.2.90 66.457 ms tbr2-cl1.attga.ip.att.net (DNS error)
14 12.122.9.157 65.353 ms tbr1-p012501.attga.ip.att.net (DNS error)
15 12.122.12.122 73.403 ms gbr4-p10.ormfl.ip.att.net (DNS error)
16 12.123.200.237 81.937 ms gar1-p360.miufl.ip.att.net (DNS error)
17 12.118.175.14 82.042 ms DNS error
18 196.3.74.1 116.937 ms DNS error [AS6400] CODETEL
19 196.3.74.46 118.460 ms DNS error [AS6400] CODETEL
20 196.3.74.29 118.841 ms DNS error [AS6400] CODETEL
21 172.22.192.131 119.093 ms DNS error
22 172.22.192.131 119.138 ms DNS error

Confusing to say the least
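
For readers who want to go through hop listings like the one quoted in the post above, here is an added example (not part of the original thread or written by any poster) that parses such lines and reports which hops sit in private address space and in what order the origin AS labels appear. The function names are this example's own, and the line layout is assumed from the quoted output.

```python
import ipaddress
import re

# Hop lines copied from the traceroute quoted in the post above (a subset).
SAMPLE = """\
9 64.152.193.82 7.440 ms att-level3-oc48.LosAngeles1.Level3.net [AS3356] Level 3 Communications North America
10 12.123.28.197 6.331 ms gbr6-p90.la2ca.ip.att.net (DNS error)
12 12.122.10.49 36.867 ms tbr1-p012101.n54ny.ip.att.net (DNS error)
17 12.118.175.14 82.042 ms DNS error
18 196.3.74.1 116.937 ms DNS error [AS6400] CODETEL
20 196.3.74.29 118.841 ms DNS error [AS6400] CODETEL
21 172.22.192.131 119.093 ms DNS error
"""

# Assumed layout: hop number, IPv4 address, RTT, "ms", then free text.
HOP_RE = re.compile(r"^\s*(\d+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s+([\d.]+)\s+ms\s*(.*)$")
AS_RE = re.compile(r"\[(AS\d+(?:/AS\d+)*)\]")


def parse_hops(text):
    """Turn each hop line into a dict; lines that do not match are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        ip = ipaddress.ip_address(m.group(2))
        asn = AS_RE.search(m.group(4))
        hops.append({
            "hop": int(m.group(1)),
            "ip": str(ip),
            "rtt_ms": float(m.group(3)),
            "asn": asn.group(1) if asn else None,  # None when no [AS...] tag
            "private": ip.is_private,              # RFC 1918 and similar ranges
        })
    return hops


def private_hops(hops):
    """Addresses that are not publicly routable (e.g. 172.16.0.0/12)."""
    return [h["ip"] for h in hops if h["private"]]


def asn_sequence(hops):
    """Order in which distinct AS labels appear along the path."""
    seq = []
    for h in hops:
        if h["asn"] and (not seq or seq[-1] != h["asn"]):
            seq.append(h["asn"])
    return seq
```
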
 

Robert

Stay Frosty!
Jan 2, 1999
20,574
341
83
dr1.com
I'm so happy I use a Mac and I'm slowly moving our complete business to Apple. None of this virus and trojan BS!

If you haven't used OSX 10.3 on an Apple, I suggest you take a look, it's a killer OS.

I have been a PC person for 20 years and hated Macs, but in the last year, Apple has changed all that for me.