How ya'll doing? I'm Dr. Phil. :p


No seriously, yesterday there were 1241 attempts to hack my PC. A further 630 today and counting. This is the message i havent received to all of those attacks.

Attempted Intrusion "MS_Windows_LSASS_RPC_DS_Request" against your machine was detected and blocked

I have Win XP professional SP 1 + all updates and Norton Firewall 2003.

Most of these shifty bastards are from Korea and USA. Norton tells me they didn't get through and i believe it, but how on earth do so many people know my ip? Am i on some "leet hacker" list?

I want them to go away, someone help. :(

Oh btw, if you can teach me how break into their PCs so i can delete all their pr0n i will elevate you to 1337 status.

Check this out:

http://securityresponse.symantec.com/avcenter/nis_ids/sigs/MS_Windows_LSASS_RPC_DS_Request.html

Then install the critical security updates. ;)

N

Ye i got that update today, but they are still flowing in.

Cmon Nid teach me how to get 'em back. :D

How ya'll doing? I'm Dr. Phil.

:lol:

yes the l33t hackers think your worthy of hacking

daaamn, you musta pissed someone off :lol: o_O

For some reason noone tryes to hack my computer, dunno why o.0

Odds are your bein scanned by PC's that have a virus and are just looking for more systems to infect. your firewall is chucking up the message that its happening and is blocking it so there is no need to worry.

That sort of message I dont get though, my ISP blocks any external attacks on certain ports (like blaster) so I can only get them messages from people who use the same ISP that I do.

I use ZoneAlarm and i have it set to block my intrusions so i don't have these messages pop up. But i have had loads of attampts, it just blocks them.

ZoneAlarm > Norton
AVG > Norton
Win2k > WinXP

:p

Sygate > Norton
AVG > Norton
WinXP > Win2k
Weeeeell, one out of three ain't bad... ;)

If i could give you bad rep i would :p

Go munch a stam booster :)

Worms like blaster doesn't target a specific IP address. They usually scan through whole subnets... one after the other :)

Oh and btw... F-Secure > *

sygate firewall > * :p

gives traceback so i can find out who to send "oi, ur god damn scanning my ports you bitch" emails to :p

get yourself a hardware firewall (router)

and a large axe :)

and clean socks :mad:

get yourself a hardware firewall (router)*Ding ding ding* That's what you should do. Get a router with NAT and firewall and set it up then a lot of those scans won't even reach your PC.

Oh and sorry... ZoneAlarm 5 > Norton, Sygate, etc.

--Stryfe

zone alarm smells :p

zone alarm smells :p
less than norton. :p

--Stryfe

I like Norton best because of this tracking feature. It counts upwards, like 25%.... 50%... 100%. It makes me feel like I'm working at the CIA. :D

Now onto routers then. Which is a good one? I get the fealing we are going to see alot more of this greater than crap. :p

EDIT
This is any good? (http://www.centrecom.com.au/catalog/product_info.php?cPath=67&products_id=531&osCsid=36a0753123a039bbd6072880a4d119e6)

I like Norton best because of this tracking feature. It counts upwards, like 25%.... 50%... 100%. It makes me feel like I'm working at the CIA. :D

Now onto routers then. Which is a good one? I get the fealing we are going to see alot more of this greater than crap. :p

EDIT
This is any good? (http://www.centrecom.com.au/catalog/product_info.php?cPath=67&products_id=531&osCsid=36a0753123a039bbd6072880a4d119e6)Should serve you well. I have the original DI-704 and that thing's been rock solid for approaching 3 years now. Or was it the 604 that i have.... hmm. Bastard memory is having I/O errors out the wazoo. :p

If you use wireless, I'd also recommend the Linksys WRT54G, but *only* if you put the 3rd party firmware made by Sveasoft on it. The default firmware that Linksys has been coming out with lately is a bit naff. (I use the Sveasoft firmware myself. It kicks a *lot* of ass.)

--Stryfe

It looks like all you're getting are info requests... it could be one person that's trying to spam your computer with packets or something, or it could be someone else repeatedly trying to talk to your machine. Hell it could even be spyware on your machine or on a website you visit often trying to send/recive info from windows in a way your firewall doesn't like

Not being online capable = safe.

Ergo No modem > *

I use ZoneAlarm and i have it set to block my intrusions so i don't have these messages pop up. But i have had loads of attampts, it just blocks them.

ZoneAlarm > Norton
AVG > Norton
Win2k > WinXP

:p

OMG Zonealarm that has more holes than swiss cheese O_O

I'd change firewall if i were you :)

OMG Zonealarm that has more holes than swiss cheese O_O

I'd change firewall if i were you :)Got any info to back that claim up?

IMO, it falls down more to user preference more than anything. And I like the fact that Zone Alarm Pro is so incredibly flexible once you know how to work with it.

--Stryfe

IMO, it falls down more to user preference more than anything. And I like the fact that Zone Alarm Pro is so incredibly flexible once you know how to work with it
Agreed. I also use ZAP and Win2k

it works best with my system. it kicks up a fuss like nothing ive even seen if someone just tries to put an XP disk near it.

Not that i would want XP on my machine.

Ever.

Agreed. I also use ZAP and Win2k

it works best with my system. it kicks up a fuss like nothing ive even seen if someone just tries to put an XP disk near it.

Not that i would want XP on my machine.

Ever.I'm running XP SP1 and ZAP 5 on my home machine right now and the thing runs beautifully. Well, aside from some hardware issues with one of my HD's. But that's not ZAP's or Windows' fault, so meh. :p

--Stryfe

Just had to pitch in.

a person with knowhow and iptables/ipfwadm will probably own whatever of theese firewalls.

and you are probably not targeted as mentioned. Worms and the likes sends out reqests to *.* one after another to see who is dumb and havent updated yet.

PIX 501U > * in a SOHO environment.

otherwise typically any hardware based NAT/PAT capable device will give you more base protection than firewall software on a PC running public IP's. $40-$100 US Netgear/Linksys/etc.

btw Zonealarm has exploits just like any other network software package. Google it. Found a couple within the first page (not impling ZoneAlarm doesn't patch).

hehe use black ice fire walls that sht pwnzzzz, block twice as much sht as zone alarm and 3 time more then norton lol....and what u got there seems like port scaner looking for open ports (but a shtyone at that lol, whats the point if even norton can stop it :wtf: )....just do all teh wndows update and get BLACK ICE and er safe :D

hehe use black ice fire walls that sht pwnzzzz, block twice as much sht as zone alarm and 3 time more then norton lol....and what u got there seems like port scaner looking for open ports (but a shtyone at that lol, whats the point if even norton can stop it :wtf: )....just do all teh wndows update and get BLACK ICE and er safe :DHush now. Black Ice is probably the worst of them all. They had some issues a while back where their software had an exploit that would allow the attacker full control over the PC, iirc. The worst part was that in order to get the update to fix it you had to have a subscription which meant paying for one if you didn't have one.

--Stryfe

You get a gazillion hack attempts a day because it's not a PERSON hacking, it's viruses and Bots hacking away on your computer.

Retaliating against an attacker is plain and simply STUPID - learn what IP spoofing is and you will know the reason why.

The only thing to do is to remove all services as much as possible from your box, then close down everything that u need with a firewall. Example: If you surf the web and play games then you dont need Microsofts shitty insecure networkclient. Remove it and you can ignore 100% of the RPC attacks on your system.

It's like walking down a dark alley every night. Either u can get Kevlar and/or get a gun and/or practice martial arts - or you dont and reduce your chanses of survival.

Pro active = the way to do security, The rest is just sales bullshit.

Also consider NOT useing Microsoft crap email client and browser to increase security on your system. Attackers practically have a field day with IE and Outlook since the retards at redmond love to add "features" (aka security vulnerabilities) *caugh* frontpage *caugh* and fuck themselves by rewriting standards (like PPTP).

Zonealarm sucks, their support is crap and Zonealarm has always had the fuck-all-applications-and-kill-windows bug when it receives to much packets at once. Zonealarm doesnt let users watch the webserver even if the webserver has full access in zonealarm's settings. Zonealarm even made Windows 2000 run like it was running on a 66mhz machine (I got dual 3.0ghz) at random occasions at windows start up. No, Zonealarm is far from good, it's a working firewall but to much packets simply screw up your computer completely. Zonealarm support didnt even gave me a reply of why zonealarm locks up users computers, they simply ignored me. Im going to try that sygate firewall, I've heard it's better and doesnt lock up computers.

big rottweiler > all :p