[vox] [OT] Report Hackers?
Ryan
vox@lists.lugod.org
Wed, 28 Jan 2004 21:39:18 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 28 January 2004 09:18 pm, Robert G. Scofield=20
rscofield-at-afes.com |lugod| wrote:
> This evening my son was on the family computer (Win98) and in an hour and=
a
> half got two messages from Norton Firewall stating that someone at
> 130.161.43.249 was trying to connect to a port commonly used by a Trojan
> horse. The second time the IP address was 130.161.43.249: 3392.
>
> I assume that this is a dynamically assigned address and that it's not
> possible to figure out who the hacker is. But is one supposed to report
> these IP addresses somewhere? Or does one just forget about it?
You can punch an ip address in to samspade.org (or use whois) to find out w=
ho=20
the network administrator is, and send off a complaint, but it's not much=
=20
use. Most h4x0rs scan from zombies, so it's just a game of whack-a-mole.
That particular IP address is from a Ducth University.
Abuse contact is abuse@tudelft.nl
- --=20
PGP/GPG Fingerprint: 3B30 C6BE B1C6 9526 7A90 34E7 11DF 44F3 7217 7BC7
On pgp.mit.edu, import with `gpg --keyserver pgp.mit.edu --recv-key 72177BC=
7`
Also available at http://www.cal.net/~ryan/ryan_at_mother_dot_com.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFAGJyOEd9E83IXe8cRAha3AJ0fqhKLxGIUdpxRwh2nnn7vBo7VFwCdHZsU
iEN6BdD6LSMMdc0DRu0DnPs=3D
=3DFI4T
-----END PGP SIGNATURE-----