Re: Event Viewer Security Logs: Intruder Detected

From: Roger Abell [MVP] (mvpNoSpam_at_asu.edu)
Date: 07/09/03 

Date: Tue, 8 Jul 2003 23:49:23 -0700

You know, before they get in they do not know that you
have "nothing anyone would want". At that point you are
just an IP. It is possible with the tools to make the account
and SAM (domain) appear to be whatever one wants.
Whether your machine has now one IP, and later a
different IP really makes no difference. As long as
it has an IP they will find it in a scan if it responds.

I reread your post an note that, as you say, at the end
you mention that you "have since turned on the firewall"
but you did not really say that the events continue to be
logged after that.

And, BTW, real cracks do go after home user machines.
There were recently reports by Sans and others of concern
that large numbers of home machines have been penetrated
and implanted, awaiting a trigger. 

-- 
Roger
"T-Rex" <Virii_Man@hotmail.com> wrote in message
news:048701c34377$69e6d2d0$a101280a@phx.gbl...
> Well... I thank you for your help, Roger Abell, though I
> fail to see how you interpretted that I think me and my
> machine are "special". As a matter of fact, I noted how
> UNspecial my machine was when I said that real hackers DO
> NOT bother with home users. My machine is by no means an
> inticing target for I have nothing anyone would want. And
> as for a firewall... which seems to have been suggested
> by everyone in reply to my post... I noted at the end of
> my post that I HAVE enabled my firewall and it HAS
> thwarted these attempts. I do appreciate your advice and
> information, and thanks. And yes, to those that believe
> it's one person doing this even though the attempts are
> coming from 22 different domains, I know this... and even
> stated that in my post. Sorry for the attitude, but
> please concider the replies I received.

Relevant Pages

  • Re: Putting server on the internet or not
    ... If you are a home user, ... >> on the internet trying to access my machine via SSH. ... > firewall can be good but you will need to spend more time researching ... >> I'll bet Scot has a generator though. ...
    (Fedora)
  • Re: The importance of Securing Your Home Computer
    ... are a lot of people who just aren't computer security experts. ... I'd start with an external firewall box. ... A cheap NAT box is much better than nothing for a home user. ... You can do the same thing with an external firewall box and teaching the user ...
    (comp.security.firewalls)
  • Re: Windows firewall GPO
    ... kj [SBS MVP] wrote: ... You'd have to exclude their computer from that policy. ... have two firewall products active ... It's a home user with SBS, ...
    (microsoft.public.windows.server.sbs)
  • Re: is this practicel- separate puter for int access?
    ... > I am quickly coming to the conclusion that cable access for a home user is ... > never going to be 'safe' regarding privacy and malicious subversion. ... > cheaper webbox could run a simple firewall and AV background scanning. ... > available to the network connection. ...
    (comp.security.firewalls)