A Special Message for Common Ground Members

It has come to my attention that email address may be being harvested here for the purpose of distributing unsolicited pornography.  Please remove all references to your email address when visiting.  If you are currently receiving illegal pornographic unsolicited email, please send a PM (Personal Message) to the Administrator.  My apologies for this inconvenience.

 

Common Ground

 

Author Message
Common Ground / Security Blanket - Computer Questions / Interesting stuff
Lunarlady
Cast Member



Posts: 1629
Registered: Aug 2002
  Posted 08-30-02 02:46 AM                
I am SO glad I have a firewall! I just thought I'd publish this IP address since it's tried to do the following in a space of 40 minutes:

202.174.226.86

World Wide Web HTTP attempt 01:58:32am
Ring Zero attempt: 01:58:32am
HTTP Proxy scan: 01:58:32am
ICMP Ping: 02:35:35am
ICMP Ping: 02:36:35am
ICMP Ping: 02:36:38am
ICMP Ping: 02:36:41am
ICMP Ping: 02:36:44am

A trace puts this person/computer in the Chicago area. If the Mods or Admins have this IP address listed under someone whose posts have been inflamitory, please be aware that I will fully co-operate with any investigation and/or legal actions, including evidence I have stored with my Firewall company, to prosecute the intruder to the fullest extent of the law.

The Admins have my email address and are invited to contact me should they need my evidence.

Thank you.
A whole week of peaceful bliss, beginning with a giggle and ending with a kiss.
Coastalwader
Cast Member



Posts: 935
Registered: Aug 2002
  Posted 08-30-02 11:08 AM                
Thanks. There are hackers out there that have programs set to just scan any computer they can. Then, there all the other issues some of us seem to be dealing with.

I think posting ISP's that set off firealarms here is a good idea. Keep in mind, that if something suspicious is found, you could be asked to show proof that what you have is not fabricated.

Otherwise, let's see what happens.
King Unca Bubba Lord DisneyTex

Coastalwader
Cast Member



Posts: 935
Registered: Aug 2002
  Posted 08-30-02 11:13 AM                
Lunarlady, in doing a reverse ISP trace on that ISP, I find lots of names and contact info. It could be related to a program you are running on your computer.

http://www.amnesi.com/

You might go to the above link and do a reverse trace and see if anything looks familiar.
King Unca Bubba Lord DisneyTex

Lunarlady
Cast Member



Posts: 1629
Registered: Aug 2002
  Posted 08-30-02 01:18 PM                
Thanks for the link, Coastal. I've been pretty busy for the past 15 minutes watching my firewall light up because the same address is attempting to get in. This is what your link told me when I looked it up:

WHOIS Query Result for 209.202.218.129:

OrgName: Lycos, Inc.
OrgID: LYCOSI-1

NetRange: 209.202.192.0 - 209.202.255.255
CIDR: 209.202.192.0/18
NetName: NETBLK-LYCOS-1
NetHandle: NET-209-202-192-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.HOTWIRED.COM
NameServer: NS2.HOTWIRED.COM
NameServer: NS3.HOTWIRED.COM
NameServer: NS4.HOTWIRED.COM
Comment:
RegDate: 2000-05-22
Updated: 2002-06-10

TechHandle: VY7-ARIN
TechName: Yelsangikar, Vish
TechPhone: +1-781-370-2700
TechEmail: nic-tech@lycos-inc.com

# ARIN Whois database, last updated 2002-08-29 17:07
# Enter ? for additional hints on searching ARIN's Whois database.

I'm not sure I understand much of this, but it would make sense that someone doing a Lycos search wouldn't attempt the same search 10 times in 15 minutes, therefore I must presume that they're "hitting" my IP address for the fun of it.

Thank goodness McAfee has a reporting feature. Every time they hit, they get reported. I'll be sure to bookmark that link, though, and use it when multiple attempts are made from the same IP address!
A whole week of peaceful bliss, beginning with a giggle and ending with a kiss.
Lunarlady
Cast Member



Posts: 1629
Registered: Aug 2002
  Posted 08-30-02 01:20 PM                
quote:
Coastalwader wrote:
Lunarlady, in doing a reverse ISP trace on that ISP, I find lots of names and contact info. It could be related to a program you are running on your computer.

http://www.amnesi.com/

You might go to the above link and do a reverse trace and see if anything looks familiar.
No, none of that looks familiar, but I might be paranoid and wonder if the Melbourne, Australia moniker isn't some reference to the "outback" or our Out Back?

Wow. I'd better get off now. Too much paranoia isn't a good think for LL!
A whole week of peaceful bliss, beginning with a giggle and ending with a kiss.
Common Ground / Security Blanket - Computer Questions / Interesting stuff