OT: MS Tried to Hack My Computer???
 

The proof is in the trace. They have been hitting me constantly for over an hour now. Right our of Seatle. Does any one wanna take a crack as to why?

http://www.astmod.com/t1.PNG http://www.astmod.com/t2a.PNG

Re: OT: MS Tried to Hack My Computer???
 

Hitting you with what, exactly?

Odds are its a virus of some sort...

Re: OT: MS Tried to Hack My Computer???
 

The firewall detected it as a hostle inbound event and such. I am running spyware and anti virus software now to check my system, but when I ran a trace on the event, it clearly showed it coming out of seattle right into portland. Very odd. This is why I posted it.

Re: OT: MS Tried to Hack My Computer???
 

I mean, like what port, how often, size per packet, or whatever else you know.

Re: OT: MS Tried to Hack My Computer???
 

Need the port and proto that got bounced to say for sure. But it looks like you are blocking mail or IM traffic. Also MS is often the target of spoofing by script kiddies.

Re: OT: MS Tried to Hack My Computer???
 

You are assuming the Microsoft can keep control of its own machines!? What other OS would they be using except Wind'ohs? http://forum.shrapnelgames.com/images/smilies/wink.gif

(Ok, I have heard that they do run Free BSD on a lot of Hotmail servers.)

I think it's just as likely that a Microsoft server on MS' very own campus could be hijacked as a server anywhere else. It's also possible that someone could be spoofing packets from a completely different domain than Microsoft.

Re: OT: MS Tried to Hack My Computer???
 

Atrocities, can you post a sample of your firewall log here, or upload it to NASY with a link to it here for us to look at it? If we can see everything that your Firewall is reporting, then we might be able to nail down what's happening.

Re: OT: MS Tried to Hack My Computer???
 

Probably the lates Bagle variant. That's a busy one lately. What you're posting here tho looks like a reverse IP lookup.

Do you know what port(s) you're being attacked on? IMO that'll tell you a lot more than the "apparent" IP address. That's pretty easily spoofed nowadays. However, the ports and other items are a better fingerprint IMO.

Re: OT: MS Tried to Hack My Computer???
 

More likely it's an MSN user infected with a worm or two, or three. No need to worry, or blame MS. :P Blame the idiot Users who directly connect their NT-based machines to the internet.

Re: OT: MS Tried to Hack My Computer???
 

Directly connect them and don't properly configure them, you mean....

You have to set your machine up with the right permissions and restrictions or you get 0wned within minutes of going Online. Most people get their broadband and connect with NETBIOS active -- which is designed for LANs, not the Internet! A properly configured system is dramatically harder to infect, especially with third party enhancements like firewalls and anti-virus software.

I've just recently installed a firewall even though I'm on dialup and I get probes to port 445 (NETBIOS) every few minutes even though I'm on a rotating dialup connection! Since I was smart enough to disable my NETBIOS before I went Online this is not a problem for me. But if even dialup lines are under constant probes, imagine how bad it must be on DSL address blocks where the hackers and worms know you have a high-speed line.

Re: OT: MS Tried to Hack My Computer???
 

Baron, how would I go about disabling my NETBIOS? I'm not computer illiterate, just not an advanced user and could use some help :P

Another, connected question. What does NETBOIS do, what is its normal function?

Also, you mentioned "properly configuring" your internet connection. I have a dialup connection, and if you don't mind, could you give me some pointers on how to properly configure my connection for greater security?

By the way, sorry Atrocities for hijacking your thread http://forum.shrapnelgames.com/image...es/redface.gif

Re: OT: MS Tried to Hack My Computer???
 

I am far from an expert myself. Of course, where Wind'ohs is concerned I doubt that anyone is an expert. We learn this every few days when a new Wind'ohs exploit is published. http://forum.shrapnelgames.com/images/smilies/laugh.gif

The way Wind'ohs configures itself by 'default' -- or used to, it could be different now with Win 2000 and Win XP -- is for a LAN connection, meaning it installs a bunch of services for giving access to other computers to YOUR FILES. Not good for most people. That's what NETBIOS is about, sharing printers and files across a LAN.

It's not very difficult to fix, though. Anyone who can do the routine stuff you do to setup a dialup connection can fix this problem. Rather than type it all in myself I'll point you to the source at Gibson Research. He calls it 'Network Bondage' in a semi-humorous way because it's about protocol bindings...

http://www.grc.com/su-bondage.htm

You could find this same information from other sources, I'm sure, but that is the source I am familiar with. This is as good an explanation as any. All you need to do is follow the directions on clicking a few boxes, then reboot and you're much more secure than the default way that Wind'ohs is installed.

It wouldn't hurt to read the other pages in the 'Shields Up!' site, either.

Re: OT: MS Tried to Hack My Computer???
 

Thank you very much!

Re: OT: MS Tried to Hack My Computer???
 

spoofed maybe, I doubt a corporation would want to hack anyone for no apparent real reason

Re: OT: MS Tried to Hack My Computer???
 

Unless Atrocities has copied homer simpson and created a competing company with microsoft and is being ruffed up by Bill Gates and his goons as we speak http://forum.shrapnelgames.com/images/smilies/laugh.gif

It's probably some haxx0r l33t script kiddy trying to forget the fact his acne is now a contagious flesh diesease on the scale of ebola.

I Apolgise in advance for my Lack of fluency in l33t speak as i try and keep the english language somewhat preserved http://forum.shrapnelgames.com/images/smilies/laugh.gif

Re: OT: MS Tried to Hack My Computer???
 

w00t w00t j00 sp33k t3h l33t t4lk 0f h4x0rz

...
Stupid script kiddies...

Re: OT: MS Tried to Hack My Computer???
 

Quite, uh, descriptive imagery there RD http://forum.shrapnelgames.com/images/smilies/laugh.gif

Re: OT: MS Tried to Hack My Computer???
 

2004/08/10 09:44:51 207.68.177.126:80 (c.msn.com) 192.***.*.**:3590 Port 3590 (TCP)

Re: OT: MS Tried to Hack My Computer???
 

Yep those Creative Writing Courses have been paying off well Renegade http://forum.shrapnelgames.com/images/smilies/laugh.gif http://forum.shrapnelgames.com/image...ies/tongue.gif

Re: OT: MS Tried to Hack My Computer???
 

AT, I have a theory,.. agents of the 'Secret Government Agency responsible for 'UFO' monitoring and investigation' has found your web site. My guess is that one or more of your ships match the 'real' thing being held over at Area 51. They now believe you to be an alien and fear that the 'More to Come' message on your site is an actual message that more aliens will be visiting earth and all this is a prelude to a massive invasion. After visiting your site, they're also convinced that these aliens are part of a massive galactic alliance.

There is a solution, put up a notice on your site that you are a SE:IV Addict and, Wilbert Hunt, one of the junior investigators for the 'Secret Agency' will understand the situation and remove the red flags from your 'secret file'.

Cheers! http://forum.shrapnelgames.com/images/smilies/laugh.gif

P.S. aaaah, the beauty and wonders of creative writing, how I miss the good old days when I wrote short sci-fi stories. Maybe one day I'll scan one of my stories in and run it through an OCR then post it here.

Re: OT: MS Tried to Hack My Computer???
 

That's the SMS service port. Also, there are some peeps trying to use it to get past port 25 blocking by ISP's. If you don't need SMS, just refuse the proto and block the port for inbound packets.

Re: OT: MS Tried to Hack My Computer???
 

You got it backwards. Windows 9x machines come pre-configured for <i>nothing at all</i>, which means freshly-installed, a 9x box is actually plenty secure. You have to add networking once it's up, and even then, once File and Print sharing is installed you <i>then</i> have to explicitly share your directories/drives. Only then will port 139 open up and expose your file system.

By contrast 2k and XP set up networking <i>during</i> installation, which can lead to infection prior to even completing the install if connected without a router between the computer and the big, nasty, wan.

And finally, GRC is a lot of hype (just look at Gibson's credentials. He's a <i>marketting</i> guy!). You're no safer under stealth than you are with closed ports, and perhaps more vulnerable--when your system fails to respond it could be red-flagged as a "newbie GRC reader." http://forum.shrapnelgames.com/images/smilies/wink.gif Disabling netbios over TCP and installing NetBEUI is also unnecessary assuming you're behind a firewall or router, though it is another layer of security. Routers will block netbios connection attempts without any configuring. A software firewall will have to be configured to only allow netbios from the lan, assuming you HAVE a lan you want to share files on. If not just configure the firewall to block any traffic to and from ports 137-139 for 9x/Me and also 445 for 2k/XP.

Re: OT: MS Tried to Hack My Computer???
 

Since most people do not have firewalls and there's no way to use a hardware router with a dialup connection (unless you get the more expensive 'network modems' I guess) I think Gibson's instructions are quite useful for most people. Several 'big name' firewalls that have nothing to do with Steve Gibson default to stealth mode, so I doubt that he's completely alone in his opinion. And I really don't see why I should care what anyone probing ports on remote machines thinks of 'stealth' mode anyway.

Re: OT: MS Tried to Hack My Computer???
 

I do have two firewalls working. The crappy XP one, and the one that came with the Cable modem which is from McAfee.

And David, this weekend I saw a real life UFO. I was down in this cannon camping with friends, and we all looked up and saw the UFO. It was a bigg'in too. It had two yellowish lights in the front, and a whole mess of em on the top part. It made such a thunders sound we all though God himself was come back to Earth to exact his holly revenge upon whicked and unfaithful.

(About six minutes later God passed us in his 1978 Ford F150 Hiboy with his light bar on, and no exhougst pipes. We were in awe.)

It occured to us, as we all sat their drinking our beer, that we was in a canyon, and to get into the canyon, you have to drive down this long narrow windy *** gravel road. Duhrrrrrrrr. "Here's your sign." - Mine read: "Beer Makes You Stupid." http://forum.shrapnelgames.com/images/smilies/laugh.gif

Re: OT: MS Tried to Hack My Computer???
 

FYI, Service Pack 2 has just been released by Microsoft. It aparently addresses and fixes some 800+ bugs and loopholes. It might be worth installing.

Just thought you might like to know.

Cheers! http://forum.shrapnelgames.com/images/smilies/laugh.gif

Re: OT: MS Tried to Hack My Computer???
 

Look out for SP2, it has a few unexpected results. Home Users "should" be OK with it, but any one doing dev or cad work should make sure they don't need patches that are yet to be released.

Re: OT: MS Tried to Hack My Computer???
 

I wondered what made my choice not to drink alcohol so rational, now i know http://forum.shrapnelgames.com/images/smilies/laugh.gif That was great atrocities, i'm still laughing, Obviously it was the Old Testament God that visited you, only he would have omnipotent powers to drive one of them!

For the record i personally do not know what kind of veichle the new testament god drives, most likely a SUV http://forum.shrapnelgames.com/image...ies/tongue.gif

Re: OT: MS Tried to Hack My Computer???
 

If God drove a truck, it would most likely be a Toyota. http://forum.shrapnelgames.com/images/icons/icon9.gif Those things are darn near industructable.

If God rode Quads, it would be a Bombardier 650 DS