Mark Forums Read
  #1  
Old 03-23-2009, 08:00 AM
ravish ravish is offline
Junior Member
  
Join Date: Mar 2009
Posts: 2
ravish is on a distinguished road
Default Identify and Report Abuse and Would Be Hackers - The IP Address
From years of experience in the IT security industry, most attacks I have seen through corporate firewalls attempting to hack into the company’s information are rarely directed from an actual individual. Most hacking attempts are written into scripts called Trojans and Bots which are slyly installed on the victims PC. These scripts unwittingly to the owner of the PC launch there attacks as background tasks and scan the internet for any other machine which is unprotected executing the contents of the hackers script on another poor victim. The majorities of these scripts are very basic and tend to attack TCP ports such as port 23 Telnet port. If the initial connection attempt is successful, the script will then run the next portion of the attack, which may attempt to run a brute force password dictionary attack. In the event that the password is guessed, another process may launch to directly notify the writer of the script that a device has succeeded to be unlocked this will leave the door unlocked for the hacker to return in person to delve further into the depths of the network and potentially the sensitive information from the organization.

If Web Programmers falls foul of this type of attack, it will be very difficult to track down the hacking attempt to the author of the script unless the script reveals information about the author such as an IP address which may be used to send information back to the author.

If you are lucky enough to be armed with this information there are several ways to identify the end hosts. The IP address will identify the individual even if the address is dynamic or has been NAT since service providers keep a log of user names associated with the IP address and a timestamp stating when these were assigned. Firstly you will need to go to the WHOIS database, there are many sites you can find just by tapping WHOIS into Google, and enter the IP address of the attack. This should reveal the ISP of the hacker and an email address to report the abuse. Most respectable ISPs such as BT will take action by either notifying the abuser of breaches to the T&CS or just by terminating the connection altogether.

The moral of the story is however that the passwords and usernames you use on your network or web server must not be easy to guess and that virus checkers are up to date and firewall ports locked down, especially inbound ports such as telnet, rdp, ssh and any other port which may allow the machine to be remotely administered.
Reply With Quote
 #Add to Ads's Reputation  
OldSponsored Ads
Ads AdsPromoter is online
Member
  
Join Date: LongTime
Posts: 1100
Ads is on a distinguished road
Default New Sponsored Ads


This message will go away once you are registered. Also, by registering, you will have access to all post topics, communicate privately with other members (PM), respond to polls, upload graphics, and access other special features! Registration is fast, simple and absolutely free so please Click Here to join our Web Hosting community today!
Reply With Quote
Reply

« Opera for Windows/Linux | Affordable Web Design & SEO »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 11:28 AM.

Web hosting forum - Contact Us - Web Design Forum - Site Map - Top

Dedicated Server Hosting - Unmetered Server Hosting
Powered by vBulletin Version 3.6.1
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 2.4.0