Constant Hacking Attemps - Pacific Bell DSL customer
From: Neko (Neko@nospam.com)Date: 02/06/02
- Next message: Brian: "Re: Sygate, ICS & XP"
- Previous message: misase_kim: "Re: ZA Alerts, type DNS"
- Next in thread: Valdis Kletnieks: "Re: Constant Hacking Attemps - Pacific Bell DSL customer"
- Reply: Valdis Kletnieks: "Re: Constant Hacking Attemps - Pacific Bell DSL customer"
- Reply:(deleted message) L. Walker: "Re: Constant Hacking Attemps - Pacific Bell DSL customers"
- Reply:(deleted message) Tilman Schmidt: "Re: Constant Hacking Attemps - Pacific Bell DSL customer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Neko <Neko@nospam.com> Date: Wed, 06 Feb 2002 04:59:53 GMT
x-no-archive: yes
I have basic dsl service from Pacific Bell in California with a
dynamic IP address. I use ZoneAlarm Pro as a for Firewall and just
installed Zone Analyser to review my logs. I was recently reviewing
old ZoneAlarm logs with Zonelog as far back as 2000 (ok, I was bored
and I had new toy) and found I've been attacked at min.4 times a day
and up to 10 times daily.
The attacks are coming from China, Germany, France, Russian, Korea,
Taiwan + AOL, Pacbell and it's partners + other US sites (including
Petfood Direct!).
What can be expected from an ISP to keep hackers coming through their
Firewall? Can't they afford Checkpoint? <grin> I've been report these
attempts to the Network Admins of the offenders with good feedback and
several machines removed from networks (an .EDU in New Mexico).
Pacbell only sends an auto-reply to my report.
What is Zone Alarm NOT protecting? At one point I was running Black
Ice Defender + Zone Alarm.......Is Zone Alarm enough?
The firewall is stopping these hacking attempt::
Port: 1394 (GoFriller, Backdoor G-1
Porrt: 31337 (Back Orifice "elite")
Port: 28431 (Hack-a-tack)
Port: 137 (NetBIOS, name service, nbtstat)
Port: 139 (NetBIOS, File and Print Sharing)
Port 12345 (Netbus)
Port: 20034 (Netbus2pro)
Port: 1035 (Multidropper)
Port: 1807 (SpySender)
Port: 1097 (RAT)
Port:s 1080, 1082 (WinHole)
Port: 1966 (Fake FTP)
Port: 1969 (OpC BO)
Port: 21 (FTP)
Port: 53 (DNS)
Port: 1243 (Sub-7)
Port: 27374 (Sub-7
Scans:
Port: 111 (sunrpc, portmap, rpcbind)
Port: 23 (Telnet)
Port: 1049 (sbin/initd
Port: 5632 (pcAnywhere)
Port: 515 (Linux)
- Next message: Brian: "Re: Sygate, ICS & XP"
- Previous message: misase_kim: "Re: ZA Alerts, type DNS"
- Next in thread: Valdis Kletnieks: "Re: Constant Hacking Attemps - Pacific Bell DSL customer"
- Reply: Valdis Kletnieks: "Re: Constant Hacking Attemps - Pacific Bell DSL customer"
- Reply:(deleted message) L. Walker: "Re: Constant Hacking Attemps - Pacific Bell DSL customers"
- Reply:(deleted message) Tilman Schmidt: "Re: Constant Hacking Attemps - Pacific Bell DSL customer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
