.com.unity Forums
  The Official e-Store of Shrapnel Games

This Month's Specials

Raging Tiger- Save $9.00
winSPMBT: Main Battle Tank- Save $6.00

   







Go Back   .com.unity Forums > Shrapnel Community > Space Empires: IV & V

Reply
 
Thread Tools Display Modes
  #1  
Old August 10th, 2004, 06:16 PM
Atrocities's Avatar

Atrocities Atrocities is offline
Shrapnel Fanatic
 
Join Date: Dec 2000
Location: USA
Posts: 15,630
Thanks: 0
Thanked 30 Times in 18 Posts
Atrocities is on a distinguished road
Default OT: MS Tried to Hack My Computer???

The proof is in the trace. They have been hitting me constantly for over an hour now. Right our of Seatle. Does any one wanna take a crack as to why?

__________________
Creator of the Star Trek Mod - AST Mod - 78 Ship Sets - Conquest Mod - Atrocities Star Wars Mod - Galaxy Reborn Mod - and Subterfuge Mod.
Reply With Quote
  #2  
Old August 10th, 2004, 06:21 PM
Suicide Junkie's Avatar
Suicide Junkie Suicide Junkie is offline
Shrapnel Fanatic
 
Join Date: Feb 2001
Location: Waterloo, Ontario, Canada
Posts: 11,451
Thanks: 1
Thanked 4 Times in 4 Posts
Suicide Junkie is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

Hitting you with what, exactly?

Odds are its a virus of some sort...
Reply With Quote
  #3  
Old August 10th, 2004, 06:23 PM
Atrocities's Avatar

Atrocities Atrocities is offline
Shrapnel Fanatic
 
Join Date: Dec 2000
Location: USA
Posts: 15,630
Thanks: 0
Thanked 30 Times in 18 Posts
Atrocities is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

The firewall detected it as a hostle inbound event and such. I am running spyware and anti virus software now to check my system, but when I ran a trace on the event, it clearly showed it coming out of seattle right into portland. Very odd. This is why I posted it.
__________________
Creator of the Star Trek Mod - AST Mod - 78 Ship Sets - Conquest Mod - Atrocities Star Wars Mod - Galaxy Reborn Mod - and Subterfuge Mod.
Reply With Quote
  #4  
Old August 10th, 2004, 06:39 PM
Suicide Junkie's Avatar
Suicide Junkie Suicide Junkie is offline
Shrapnel Fanatic
 
Join Date: Feb 2001
Location: Waterloo, Ontario, Canada
Posts: 11,451
Thanks: 1
Thanked 4 Times in 4 Posts
Suicide Junkie is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

I mean, like what port, how often, size per packet, or whatever else you know.
Reply With Quote
  #5  
Old August 10th, 2004, 08:49 PM
Thermodyne's Avatar

Thermodyne Thermodyne is offline
Lieutenant Colonel
 
Join Date: Dec 2000
Location: DC Burbs USA
Posts: 1,460
Thanks: 0
Thanked 1 Time in 1 Post
Thermodyne is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

Need the port and proto that got bounced to say for sure. But it looks like you are blocking mail or IM traffic. Also MS is often the target of spoofing by script kiddies.
__________________





Think about it
Reply With Quote
  #6  
Old August 10th, 2004, 09:38 PM

Baron Munchausen Baron Munchausen is offline
General
 
Join Date: Aug 2000
Location: Ohio, USA
Posts: 4,323
Thanks: 0
Thanked 0 Times in 0 Posts
Baron Munchausen is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

You are assuming the Microsoft can keep control of its own machines!? What other OS would they be using except Wind'ohs?

(Ok, I have heard that they do run Free BSD on a lot of Hotmail servers.)

I think it's just as likely that a Microsoft server on MS' very own campus could be hijacked as a server anywhere else. It's also possible that someone could be spoofing packets from a completely different domain than Microsoft.
Reply With Quote
  #7  
Old August 10th, 2004, 09:42 PM
Katchoo's Avatar

Katchoo Katchoo is offline
Sergeant
 
Join Date: Jun 2002
Location: Ottawa, ON, Canada
Posts: 390
Thanks: 0
Thanked 0 Times in 0 Posts
Katchoo is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

Atrocities, can you post a sample of your firewall log here, or upload it to NASY with a link to it here for us to look at it? If we can see everything that your Firewall is reporting, then we might be able to nail down what's happening.
__________________
The Nu'Wam Shipset: (Download) & (Preview)
The Psycho Trapper Shipset: (Download) & (Preview)
Reply With Quote
  #8  
Old August 11th, 2004, 03:39 PM

rdouglass rdouglass is offline
Major
 
Join Date: Nov 2000
Location: Biddeford, ME, USA
Posts: 1,007
Thanks: 0
Thanked 0 Times in 0 Posts
rdouglass is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

Probably the lates Bagle variant. That's a busy one lately. What you're posting here tho looks like a reverse IP lookup.

Do you know what port(s) you're being attacked on? IMO that'll tell you a lot more than the "apparent" IP address. That's pretty easily spoofed nowadays. However, the ports and other items are a better fingerprint IMO.
Reply With Quote
  #9  
Old August 11th, 2004, 03:55 PM
Sivran's Avatar

Sivran Sivran is offline
Sergeant
 
Join Date: Dec 2003
Posts: 251
Thanks: 0
Thanked 0 Times in 0 Posts
Sivran is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

More likely it's an MSN user infected with a worm or two, or three. No need to worry, or blame MS. :P Blame the idiot Users who directly connect their NT-based machines to the internet.
Reply With Quote
  #10  
Old August 11th, 2004, 05:05 PM

Baron Munchausen Baron Munchausen is offline
General
 
Join Date: Aug 2000
Location: Ohio, USA
Posts: 4,323
Thanks: 0
Thanked 0 Times in 0 Posts
Baron Munchausen is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???

Directly connect them and don't properly configure them, you mean....

You have to set your machine up with the right permissions and restrictions or you get 0wned within minutes of going Online. Most people get their broadband and connect with NETBIOS active -- which is designed for LANs, not the Internet! A properly configured system is dramatically harder to infect, especially with third party enhancements like firewalls and anti-virus software.

I've just recently installed a firewall even though I'm on dialup and I get probes to port 445 (NETBIOS) every few minutes even though I'm on a rotating dialup connection! Since I was smart enough to disable my NETBIOS before I went Online this is not a problem for me. But if even dialup lines are under constant probes, imagine how bad it must be on DSL address blocks where the hackers and worms know you have a high-speed line.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump


All times are GMT -4. The time now is 04:30 AM.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©1999 - 2024, Shrapnel Games, Inc. - All Rights Reserved.