Some1 Is Trying

**toco004** · 03-20-2004, 08:40 PM

im using norton

**leftism** · 03-20-2004, 08:42 PM

@toco004

The best thing to do is send an email to his ISP giving them all the relevant details concerning the attacks and ask them to look into it.

Originally posted by LSA
Someone stomp this mother fucker!!

With all due respect dude use a little common sense.

This guys box could have been hacked and could be being used by someone else as a platform to carry out further attacks.

The fact that the guy is infected with netbus shows that this could be the case.

Fair enough... it could be some clueless Brazilian script kiddie who's infected himself but you don't know that for sure so you shouldn't encourage aggressive action.

**baccyman** · 03-20-2004, 08:43 PM

sometimes i get scans when i am using a p2p app other times i get scanned when the comp has been idle . it can happen anytime . i use sygate with the ip blocks from peer guardian as special rules updated a few days ago . and if i use kazaa i dont show my files . i share files but dont show them that way i hope the riaa and others dont get any screenshots of what i am sharing.

**toco004** · 03-20-2004, 08:44 PM

Originally posted by leftism@20 March 2004 - 20:42
@toco004

The best thing to do is send an email to his ISP giving them all the relevant details concerning the attacks and ask them to look into it.

ok ill do that

**Marius24** · 03-20-2004, 08:45 PM

Originally posted by toco004@20 March 2004 - 19:39
now to think of it Kazaa

try closing kazaa and see if u get the errors

**shn** · 03-20-2004, 08:45 PM

Originally posted by LSA@20 March 2004 - 14:34
He's trying to 0wn you with netbus....

Stupid scriptkiddies

Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-03-20 13:35 CST
Interesting ports on 200-193-090-179.fnsce7001.dsl.brasiltelecom.net.br (200.193.90.179):
(The 1646 ports scanned but not shown below are in state: closed)
PORT      STATE    SERVICE
21/tcp    filtered ftp
25/tcp    filtered smtp
80/tcp    filtered http
135/tcp  filtered msrpc
137/tcp  filtered netbios-ns
138/tcp  filtered netbios-dgm
139/tcp  filtered netbios-ssn
1080/tcp  filtered socks
3128/tcp  filtered squid-http
12345/tcp filtered NetBus
12346/tcp filtered NetBus

"filtered"

That's more than likely an isp or proxy server your scanning.

**LSA** · 03-20-2004, 08:45 PM

Originally posted by leftism@20 March 2004 - 14:42
@LSA

With all due respect dude use a little common sense.

This guys box could have been hacked and could be being used by someone else as a platform to carry out further attacks.

The fact that the guy is infected with netbus shows that this could be the case.

Fair enough... it could be some clueless Brazilian script kiddie who's infected himself but you don't know that for sure so you shouldn't encourage aggressive action.

Guess your right

I edited out my encouragement for aggresive action a while ago, that was dumb to say.

So please take that out of your post.

@shn: When am I going to learn!?!?

**toco004** · 03-20-2004, 08:48 PM

Originally posted by Marius24+20 March 2004 - 20:45--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Marius24 @ 20 March 2004 - 20:45)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin-toco004@20 March 2004 - 19:39
now to think of it Kazaa

try closing kazaa and see if u get the errors [/b][/quote]
ok