1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Networks hack the hacker

Discussion in 'Hardware' started by batsman, 8 Mar 2002.

  1. batsman

    batsman the quiet one

    Joined:
    14 Nov 2001
    Posts:
    1,088
    Likes Received:
    0
    any one know any programs that will let you get back at the hacker trying to get though your firewall?
     
  2. eddie_dane

    eddie_dane Used to mod pc's now I mod houses

    Joined:
    31 Jan 2002
    Posts:
    5,547
    Likes Received:
    65
    I had a friend that was going back and forth with a hacker and he was playing some nasty games... turns out the hacker was using a third, unknowing/innocent, person's system as a go between and my friend was doing signifigant damage to that innocent's person's system and network (it was a small business). Long story short, FBI involvement... I know it sounds corny, but the best thing to do in hindsight would be to collect as much info as possible and notify your ISP to avoid your own legal woes
     
  3. dakar

    dakar What's a Dremel?

    Joined:
    6 Mar 2002
    Posts:
    460
    Likes Received:
    0
    Just make his day miserable instead.

    If you are using Linux for a firewall... try something like PortSentry (www.psionic.com)... she'll set and listen to any and all TCP/UDP ports on whatever interfaces you'd like watched... with a few added bonuses, anyone hitting a monitored port up to X times (the tripwire) can be sent a message of your choosing, followed with thier IP immediately being routed to the bit bucket...
    he'll never recieve any replies from your firewall/network again. (meanwhile you can still monitor his sorry incoming attempts via the logging facility). Great way to spoil a skript kiddy's day, and even shut down the more serious crackers too!
     
  4. Koolvin

    Koolvin The Modfather

    Joined:
    12 Mar 2001
    Posts:
    1,656
    Likes Received:
    1
    Re: Just make his day miserable instead.

    sounds like a great innovative product! but I guess most firewalls do this. The thing is you don't want to give the person a snmp response because it will only make them try harder - best thing is to remain hidden and drop all the udp/etc.....

    for Home I swear by Nat and a personal firewall on each machine although thats a bit extreme - well maybe not ;) even though I can probably aslo keep my IP address assigned by my ISP by not re-booting the cable modem - which I have no need as I have a router spoofing the mac address of the modem - I still reboot it and force a renew of my IP address once in a while - well when I can remmebr to LOL
     
  5. relix

    relix Minimodder

    Joined:
    14 Nov 2001
    Posts:
    5,948
    Likes Received:
    41
    yeah, firewalls rock, and I'm still figuring out a way on how to program my own starting from zero and some networking libraries...
     
  6. batsman

    batsman the quiet one

    Joined:
    14 Nov 2001
    Posts:
    1,088
    Likes Received:
    0
    smoothwall

    yeah i will be setting up my smoothwall tommorow ready for the adsl installation on tuesday.
     
  7. neuro

    neuro What's a Dremel?

    Joined:
    9 Jan 2002
    Posts:
    317
    Likes Received:
    0
    Re: Re: Just make his day miserable instead.

    a hardware router? if so which one do you have? i could do with something like that for my cable. So far ive only managed to find my self a nice little IRC bouncer which is doing its job great :)
     
  8. pszaro

    pszaro What's a Dremel?

    Joined:
    11 Mar 2002
    Posts:
    206
    Likes Received:
    0
    At Home, I am using an Netgear Cable/DSL Router RT311 [ http://www.netgear.com/product_view.asp?xrp=4&yrp=12&zrp=54 ]

    Then on every workstation, I run either Tiny Personal Firewall or ZoneAlarm Pro.

    I'm constantly monitoring the logs, and I am very satisfied with the Netgear Router. It even allows you to open and close certain ports for external access to your network.
     
  9. dakar

    dakar What's a Dremel?

    Joined:
    6 Mar 2002
    Posts:
    460
    Likes Received:
    0
    I'll have to look into that smoothwal package...could prove useful someday.. for the mean time I just use IPTABLES to do my NAT and forward in whatever ports i need, but have the Zebra router package running one the firewall talking another Zebra router box (IPTABLES again to make double certain no spoofed packets make it through) that splits my home networks into three individual switched subnets for workstations and file/print servers, and public servers... the software routers will only route TCP/IP packets, this helps make sure that IPX packets from the Netware boxes and the NetBios packets from the wife and kids' windoze boxes that say NetBios is disabled (but still broadcast packets on ports 135-139...) but their packets can't find the public networks no matter what... perhaps a little overkill for my home network..but extremely effective and saves having to burn precious clock cycles for firewalls on each already taxed windoze box.
     
  10. Phil

    Phil What's a Dremel?

    Joined:
    19 Jul 2001
    Posts:
    1,005
    Likes Received:
    0
    Re: Re: Re: Just make his day miserable instead.

    what has Koolvin's router got to do with an IRC bouncer ?

    that makes no sense
     
  11. Yo-DUH_87

    Yo-DUH_87 Who you calling tiny?

    Joined:
    6 Mar 2002
    Posts:
    3,712
    Likes Received:
    1
    I heard of one where the hacker sued the person he was hacking, because the person that wa being hacked totaled the hackers computer!! Probibly not true, but an example!

    I use McAfee, it sometimes let me online :D
     
  12. aurigus

    aurigus What's a Dremel?

    Joined:
    22 Mar 2002
    Posts:
    6
    Likes Received:
    0
    I love tiny personal firewall. Did you see there's another company called Kerio taking it over? I downloaded their beta but it bluescreens XP, I guess thats why it's a 'BETA'

    Plus, How do you know he's trying to get through your firewall? Every IP on the internet is currently being bombarded with IIS exploits, was it just that?

    -Dave
     
Tags:

Share This Page