Prevent determined intrusion attacks ?
From: Sidhe (siduhe_at_netscape.net)
Date: 18 Nov 2003 04:38:21 -0800
Hi, bit of a newbie question, but I've had a good search on the groups
and can't find anything directly on point.
I run a personal computer, Windows XP, use Windows Update
(reluctantly) with Norton Internet Security 2003 installed and
updated. I have a broadband ADSL connection. As you will know, NIS
detects and records instrusion attempts and provides a record of the
IP address which probed your system.
In the last four or five days I been getting very frequent attacks
from one source. It's a dynamic IP, based in Israel (although the
address could be "borrowed") and keeps changing (to get around the
fact that NIS blocks any particular IP address which triggers an
alert). I believe it's actually targetting me, rather than being a
random sweep, because I get my first alert within 30 seconds of
logging on, and then consistent alerts every 5 minutes or so - similar
but not identical IP address.
NIS tells me it's blocking the attempts, but, of course, no system is
perfect. I also noticed when I logged onto my e:mail this morning,
that Outlook appeared to send an e:mail when I hadn't drafted one, and
when I checked Sent Items there was nothing there. I'm guessing this
means I may have already been hacked. There's nothing special on my
computer, just the usual amount of personal information which I would
prefer to keep to myself !
Does anyone have any ideas what a reasonably computer literate (but no
specialist) person can do to deal with this kind of determined attack
? I've resorted to unplugging my modem, but wondered if there is a