Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
Need help with a script kiddie
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Need help with a script kiddie

  1. #1

    Need help with a script kiddie

    Hey all I know this is a Linux forum but this is what is going on.

    My Wife's 16 year old son is here and has downloaded msn messenger for windows me. All the sudden some screwball kid 13 years old starts talking about how he can hack in and screw up my son's computer (mine).

    Well this goes on for awhile and it looks like he is either running a bot or some kind of script. Just the same old messages retreading. It does control this ends msn and can cause him to log out etc.

    First off I installed Mcafee firewall and ran that the next thing to make sure is that on her machine there were no ports open. (Linksys forwarder says no).

    How can I figure out from his email address an ip address and then who do I report him too?

    Thanks
    Ras

  2. #2

    Re:Need help with a script kiddie

    [quote author=Rastar link=board=5;threadid=3738;start=0#37725 date=1023840762]How can I figure out from his email address an ip address and then who do I report him too?[/quote]

    You can't figure out his email address from his ip address. You can find out what ISP owns that IP range, and then complain to his ISP; or you can just install A Real OS (tm) with some Real Firewalling (tm) capabilities, and never worry about him again...

  3. #3

    Re:Need help with a script kiddie

    I hate to jump on the don't run M$ bandwagon, but that may be the way to go. Get rid of MSN messenger. A lot of holes have been popping up in it lately. I also second the motion to report the trouble to his isp, if you can get his ip somehow. If you have his IP address, find out what ISP owns the block, as Fetzaa already said, and then send nastygram to abuse@what_ever_isp.com.

  4. #4

    Re:Need help with a script kiddie

    [quote author=Feztaa link=board=5;threadid=3738;start=0#37730 date=1023844842]
    [quote author=Rastar link=board=5;threadid=3738;start=0#37725 date=1023840762]How can I figure out from his email address an ip address and then who do I report him too?[/quote]

    You can't figure out his email address from his ip address. You can find out what ISP owns that IP range, and then complain to his ISP; or you can just install A Real OS (tm) with some Real Firewalling (tm) capabilities, and never worry about him again...
    [/quote]

    I have his email something_something@hotmail.com but since it is hotmail I think I am SOL?

    I have RH 7.3 on my machine but my wife's machine is running M$ (I cant convince her to switch) ;D

    So if I have his email can they trace it back to an IP block?

    Ras

  5. #5

    Re:Need help with a script kiddie

    [quote author=Rastar link=board=5;threadid=3738;start=0#37751 date=1023849714]I have his email something_something@hotmail.com but since it is hotmail I think I am SOL?[/quote]

    This email address is useless to you. Forget about it and don't worry about it ever again.

    What you need to do is find out this guy's IP address, and from that you can find out what ISP he is on, and then get him booted off the ISP.

    I have RH 7.3 on my machine but my wife's machine is running M$ (I cant convince her to switch) ;D
    So then what you need to do is set up the Real OS as a gateway for the Toy OS, so that you can block attacks without worrying too much about the Toy OS.

    So if I have his email can they trace it back to an IP block?
    No. Email means nothing. Email is a very high level concept, IP is a very low one. Email has no bearing on IP whatsoever. Anybody at any IP could have any email address.

    The worst thing that you can possibly do with that email is complain to hotmail, so they'll close his email... but then he'll just open another one. Minor inconvenience.

  6. #6

    Re:Need help with a script kiddie

    find out the lil shits ip address and pXr.c em also submit his email address to a bunch of gay porn things.

  7. #7

    Re:Need help with a script kiddie

    So then what you need to do is set up the Real OS as a gateway for the Toy OS, so that you can block attacks without worrying too much about the Toy OS.
    I'm not so sure a gateway or firewall would block this type of activity if your ruleset allows outgoing MSN traffic. Don't most of the IM exploits bypass firewalls so long as IM client-to-server traffic is permitted to leave the LAN?

  8. #8
    Senior Member
    Join Date
    May 2001
    Posts
    472

    Re:Need help with a script kiddie

    Put your Linux box between the 'net and the Win32 machine, and run snort. Eventually, you will get his IP address. Once that is done, report him to his ISP or just leave the Linux box as the gateway/firewall and drop his whole subnet range automatically.

  9. #9

    Re:Need help with a script kiddie

    [quote author=tolstoy link=board=5;threadid=3738;start=0#37792 date=1023881621]
    So then what you need to do is set up the Real OS as a gateway for the Toy OS, so that you can block attacks without worrying too much about the Toy OS.
    I'm not so sure a gateway or firewall would block this type of activity if your ruleset allows outgoing MSN traffic. Don't most of the IM exploits bypass firewalls so long as IM client-to-server traffic is permitted to leave the LAN?[/quote]

    Sure, it would bypass the firewall if IM stuff, which is why you would set up a rule that just drops everything from his ip.

  10. #10

    Re:Need help with a script kiddie

    Okay so Mcaffee returned this report

    Blocked port scan attack the ip associated with this attack was 63.251.119.14 port 20480 with the local port of 17924.

    Mind you this is a windows machine which SHOULD not have any ports open at my linksys router but... Obviously he got as far as the firewall.

    A traceroute returns unknown host
    so does a whois

    How do I find out who this is? Which program should I run to figure it out.

    Ras

Similar Threads

  1. script
    By try in forum Linux - General Topics
    Replies: 0
    Last Post: 12-15-2008, 07:43 AM
  2. A Suspicious Script
    By Carrym in forum Windows - General Topics
    Replies: 1
    Last Post: 03-22-2007, 12:30 PM
  3. Firestarter script help ...
    By Compunuts in forum Programming
    Replies: 3
    Last Post: 01-03-2006, 02:07 AM
  4. Probs in a script called from another script
    By Outlaw in forum Programming
    Replies: 1
    Last Post: 03-12-2004, 02:54 PM
  5. iptables script...
    By Mor_gath in forum Programming
    Replies: 5
    Last Post: 12-24-2001, 04:35 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •