Thanks shnOriginally posted by shn@1 February 2004 - 18:52
The Art of Port Scanning doc is already probably on your system.
file:///usr/share/doc/nmap-3.48/nmap_doc.html you can paste that into a browser and it will come up.
Your version might be different if so you can alter that.
And no its not the -sS. Its going to be more than just one option passed to it for an undetectable scan. The decoy option works as well.
What happended here in my absence, holly like 1000 ppl posted
btw: go HERE to download the program and disable any thing related to ur prob.
if u already disabled it, then try to block svhost.exe ( Generic Host Proccess for win32 services) in sygate personal firewall and it SHOULD stop, because it is the only way that M#### F#### harcker can make the attack work. You should not be SCARED at all, because ur firewall is doing it's job. I c that u could track the person and even know his/her name, so that means it is some inexperienced moron who is trying to launch the attack.
Click the longhorn icon to visit my website.
<span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>
::::::::::::::::::::::::::::::::::::::::
alright, sorry about the wait was out. can you get the guys name so i can go light his house on fire? j/kOriginally posted by supersonic@1 February 2004 - 22:40
What happended here in my absence, holly like 1000 ppl posted
btw: go HERE to download the program and disable any thing related to ur prob.
if u already disabled it, then try to block svhost.exe ( Generic Host Proccess for win32 services) in sygate personal firewall and it SHOULD stop, because it is the only way that M#### F#### harcker can make the attack work. You should not be SCARED at all, because ur firewall is doing it's job. I c that u could track the person and even know his/her name, so that means it is some inexperienced moron who is trying to launch the attack.
i got safe xp did what i could... i don't know much about firewalls as you can tell.. how do i block svhost.exe?
thanks sooo much
you said "and the weather box says its in 'kentville, ns'" does that mean i live in kentville or does the hacker? because i do live very near kentville, 5 min drive. it could be a friend?Originally posted by LSA@1 February 2004 - 19:58
I scanned the punk ass and here are some interesting ports that came up open:
1025/tcp open NFS-or-IIS
5000/tcp open UPnP
I tried to connect to it on http since IIS was open but 'connection refuesed'
this is also wierd
Interesting ports on dhcp-0-2-3f-8a-fb-4d.cpe.xcountry.tv (24.222.28.234):
(The 985 ports scanned but not shown below are in state: filtered)
huh...dhcp server?
go to http://www.xcountry.tv/ and the weather box says its in 'kentville, ns'
Open the main window in the firewall>Under Running applications>you will see a list or icons or thumbnails whatsoever>choose "Generic host process for win32 services>right click and selct BLOCK
it is so easy u should identify the name so easily. If u can do that, then tell me so we try another way.
no problem
<span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>
::::::::::::::::::::::::::::::::::::::::
sorry about all the screen shots, but i want to make sure i'm doing this right. is this right?
thanks again
Excelent!!
you could've dont it in easier way, but u actually did it anyway.
Now the sucker can do his/her evil d33ds
the block might affect some sites where u recieve P cannot b display, but u can unblock the service whenever u like. The attacker is unprotected himself, not even with a firewall, because u could backtrace him and findout his name
u can report him to his ISP if u like.
no problemo.
<span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>
::::::::::::::::::::::::::::::::::::::::
so i'm good and safe? i hope that f*ucker is having fun now
thanks alot boys don't know what i would do with out you!!
<span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>
::::::::::::::::::::::::::::::::::::::::
you said "and the weather box says its in 'kentville, ns'" does that mean i live in kentville or does the hacker? because i do live very near kentville, 5 min drive. it could be a friend? [/b][/quote]Originally posted by scottwile+1 February 2004 - 20:54--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (scottwile @ 1 February 2004 - 20:54)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin-LSA@1 February 2004 - 19:58
I scanned the punk ass and here are some interesting ports that came up open:
1025/tcp open NFS-or-IIS
5000/tcp open UPnP
I tried to connect to it on http since IIS was open but 'connection refuesed'
this is also wierd
Interesting ports on dhcp-0-2-3f-8a-fb-4d.cpe.xcountry.tv (24.222.28.234):
(The 985 ports scanned but not shown below are in state: filtered)
huh...dhcp server?
go to http://www.xcountry.tv/ and the weather box says its in 'kentville, ns'
no thats just something i saw from his isp's site...i dont know
and i see that you are blocking svchost.exe
http://www.blackviper.com/WinXP/servicecfg.htm
I don't think you should
Posting Permissions
Reply With Quote
Bookmarks