44 users online (0 members and 44 guests)  


  Results 1 to 7 of 7
  1. #1
    benzden's Avatar
    Senior Member

    Status
    Offline
    Join Date
    Feb 2002
    Location
    San Antonio, Texas
    Posts
    652

    IP attackers - what gives?!

    Someone from:

    rgName: Academic Computing Department/Elon College
    OrgID: ACDC-3
    Address: Academic Computing Department
    Address: Elon College
    City: ElonCollege
    StateProv: NC
    PostalCode: 27244
    Country: US

    NetRange: 152.33.0.0 - 152.33.255.255
    CIDR: 152.33.0.0/16
    NetName: ELON-LAN
    NetHandle: NET-152-33-0-0-1
    Parent: NET-152-0-0-0-0
    NetType: Direct Assignment
    NameServer: PEREVOD.ELON.EDU
    NameServer: LUMEN.ELON.EDU
    NameServer: NS.CW.NET
    Comment:
    RegDate: 1992-01-10
    Updated: 1997-03-26

    TechHandle: JM7175-ARIN
    TechName: Murphy, Jim
    TechPhone: +1-910-584-2528
    TechEmail: murphy@numen.elon.edu

    # ARIN WHOIS database, last updated 2003-04-26 20:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.


    has been trying to get into my computer all morning. What gives? What to do about it?

  2. #2
    sonofmidi's Avatar

    Status
    Offline
    Join Date
    Jan 2001
    Location
    NC, USA
    Posts
    75
    Hmm, that college is only an hour or so from me. You might try contacting the tech.

  3. #3
    QuietDean's Avatar
    Administrator

    Status
    Offline
    Join Date
    Oct 2000
    Location
    Bournemouth, UK
    Posts
    2,662
    you have all the information you need to pursue this. However, be aware that if a college has low security they may be being used as a relay or proxy.
    If one of our members helps you, please click the icon to add to their reputation!
    No support via email or private message - use the forums!
    Before you ask, have you Searched?

  4. #4
    benzden's Avatar
    Senior Member

    Status
    Offline
    Join Date
    Feb 2002
    Location
    San Antonio, Texas
    Posts
    652
    Just sent an email out with:

    Are you attacking my computer or is it someone using your ID and IP?


    Also included the URL to this thread.


    Attacks are also coming from Chile, Brazil, Spain and who knows where else - even with my ZoneAlarm firewall set to turn all internet activity off!!! The only way I could stop the constant attempts was to pull the cable modem plug. The log file fills up each hour when plugged in.

    I fear this may be the beginning of what everyone is going to see in the way of Al Queda or other attempts to interrupt the daily flow of the internet. My ISP, RoadRunner, should be doing something about this at their end - will have to see in a couple days what they've done.
    Last edited by benzden; 04-27-2003 at 08:05 PM.

  5. #5
    benzden's Avatar
    Senior Member

    Status
    Offline
    Join Date
    Feb 2002
    Location
    San Antonio, Texas
    Posts
    652
    Surprise, surprise! Finally got the bounce back this morning.

    ------Transcript of session follows -------
    Connection to numen.elon.edu with Ip Address 152.33.3.1 failed from (private)
    murphy@numen.elon.edu
    Server received Winsock error Connection timed out.


    So, what's the point of being able to identify an IP if it doesn't apply to the person actually using it?!

  6. #6
    QuietDean's Avatar
    Administrator

    Status
    Offline
    Join Date
    Oct 2000
    Location
    Bournemouth, UK
    Posts
    2,662
    sadly true.

    Try forwarding your complaint to the ISP registrar for the domain.
    If one of our members helps you, please click the icon to add to their reputation!
    No support via email or private message - use the forums!
    Before you ask, have you Searched?

  7. #7
    benzden's Avatar
    Senior Member

    Status
    Offline
    Join Date
    Feb 2002
    Location
    San Antonio, Texas
    Posts
    652
    This is just one among a dozen IPs that are reflected in my ZoneAlarm log file. Am not about to go chasing after them - know enough about doing that within our insane judicial system.

    My strategy is to just pull the plug on my cable modem when I'm done with these forums, emailing and browsing.

    Some of the 'attacks' this morning were from the "abuse" department of my ISP - or that's what the email address seems to indicate. If it ain't one thing, it's another.



Tags for this Thread