Re: Wish list

On Wed, 30 Nov 2005, in the Usenet newsgroup comp.os.linux.security, in article
<4qGdnRaAdahI_hDenZ2dnUVZ_sOdnZ2d@xxxxxxxxxx>, Newsbox wrote:

>>> I would like to be able to parse my firewall listings of all the
>>> unsolicited traffic I receive, and be able to easily determine just what
>>> supposed or possible vulnerability some criminal creep was trying to find
>>> or exploit when each was sent.

Keep that last part in mind

>>> I would then like to know exactly what trojan, virus, worm or other
>>> malware on a zombie host would be sending those packets,

windoze malware du jour

>> how (if possible) to directly contact the host

man whois but it's HIGHLY unlikely you'll contact the responsible party.

>>> how to exploit any such known vulnerability to stop the zombied host from
>>> further attacking me and others.

Get your dictionary out, and look up the word "vigilante", then contact your
lawyer and see how you would be considered differently from the "criminal
creep" you referred to above. Got any kids? Does the younger one saying
that the older one started it (or vice versa) make any difference when you
are disciplining them for doing something st00pid? Watch NFL football?
Ever notice how often it's the idiot who retaliates who draws the flag, not
the instigator?

>What for example are these:?
>port 2 udp
>port 1026 udp

RFC0768 User Datagram Protocol. J. Postel. Aug-28-1980. (Format: TXT=5896
bytes) (Also STD0006) (Status: STANDARD)

Short and sweet - then do a little research on Messenger spam at google,
and discover how the spammers are spoofing source IP addresses. Your
counter-attack would probably be aimed at an innocent party, who might NOT
be as foolish as you, and complain directly to your ISP.

>Sorry, but I don't think you got the "gist" of my request.

We do. Your firewall is blocking this *** - IGNORE IT. You are not the
mighty avenger who is going to clean up the world.

Old guy
.