trojan's

[Matthew Carpenter]

If you prefer the more active, yet still netizen-kosher approach:

www.hexillion.com

Type in the IP Address at the bottom and the resulting information should list one or more email addresses of individuals responsible for that NetBlock.  Complain to them.  Either they will ignore you, or they will investigate.  "whois" also does this but since there are several registries and hexillion does a nice job.  I have had scripts run to identify naughties in firewall logs and trigger an email to the people responsible.  Some ignored me, but many called or emailed back and it generated a lot of good.  Some hacking attempts are actually zombies and administrators are interested in how to track down and kill them.  I met a lot of people this way, most of whom didn't have a clue but were willing to learn.  If you are polite and helpful, this does a lot for the Internet community, as well as your reputation, and that of Linux since Linux will most likely find its way into the conversation.

There have been many times that retaliation sounded great, but unfortunately you never know what innocent victim you may be killing since most naughties are done from previously compromised systems.  


On Sat, 12 Jul 2003 22:45:50 -0700 (PDT)
Ines Quinonez <vlsk420 at yahoo.com> wrote:

> Are trojans just a program i got this message i was gonna try to see who this persoon is but then again it might just be some one hacking someone then frome that station hacking me......
>  
> FIRE WALL MESSAGE::64.166.42.210 blocked for 30 minutes
>    Security Alert!
> "default block Backdoor /Sub seven ...."
>  
>  
> What do u suggest to do when i get these type of messages frome my firewall?
>  
> Should i go @ it and show em what im made of ..or just IGNORE IT?
>  
>  
>  
>  
> Sincerely ......J.M.A.    
> 


-- 
Matthew Carpenter
matt at eisgr.com                          http://www.eisgr.com/

Enterprise Information Systems
*Network Consulting, Integration & Support
*Web Development and E-Business