IT help please!
Discussion
Can someone please tell me in plain English what this means:
"Default Block Hack 'A' Tack Trojan horse"
It keeps popping up on my Norton antivirus when I am online. It seems to be some kind of 'hack', but with me being a bit software illiterate, I have no idea what is going on! Incidentally, the IP address of my most frequent hacker is 217.230.125.226
I have run a trace on the attack, and it goes as follows:
Private use,
Santa Clara CA, (Intel corp)
Parsippany NJ, (AT&T)
San Francisco CA (AT&T)
Chicago IL (AT&T)
New York NY (Deutsche Telekom AG)
Does this mean that someone is trying to hack me from the Santa Clara area of California via different networks to the UK?
If so what possible motive?
Jas.


This is public information for above IP-address, obtained from a RIPE-query:
% This is the RIPE Whois server.
% The objects are in RPSL format.
% Please visit www.ripe.net/rpsl for more information.
% Rights restricted by copyright.
% See www.ripe.net/ripencc/pub-services/db/copyright.html
inetnum: 217.224.0.0 - 217.237.161.47
netname: DTAG-DIAL15
descr: Deutsche Telekom AG
country: DE
admin-c: DTIP-RIPE
tech-c: ST5359-RIPE
status: ASSIGNED PA
remarks: ************************************************************
remarks: * ABUSE CONTACT: abuse@t-ipnet.de IN CASE OF HACK ATTACKS, *
remarks: * ILLEGAL ACTIVITY, VIOLATION, SCANS, PROBES, SPAM, ETC. *
remarks: ************************************************************
notify: auftrag@nic.telekom.de
notify: dbd@nic.dtag.de
mnt-by: DTAG-NIC
changed: auftrag@nic.telekom.de 20020108
source: RIPE
route: 217.224.0.0/11
descr: Deutsche Telekom AG, Internet service provider
origin: AS3320
mnt-by: DTAG-RR
changed: bp@nic.dtag.de 20010405
source: RIPE
person: DTAG Global IP-Adressing
address: Deutsche Telekom AG
address: Bayreuther Strasse 1
address: D-90409 Nuernberg
address: Germany
phone: +49 911 68909856
e-mail: ripe.dtip@telekom.de
nic-hdl: DTIP-RIPE
mnt-by: DTAG-NIC
changed: ripe.dtip@telekom.de 20020717
source: RIPE
person: Security Team
address: Deutsche Telekom AG
address: Technikniederlassung Schwaebisch Hall
address: D-89070 Ulm
address: Germany
phone: +49 731 100 84055
fax-no: +49 731 100 84150
e-mail: abuse@t-ipnet.de
nic-hdl: ST5359-RIPE
notify: auftrag@nic.telekom.de
notify: dbd@nic.dtag.de
mnt-by: DTAG-NIC
changed: auftrag@nic.telekom.de 20010321
source: RIPE
It says, as much as it's a Deutsche Telekom AG IP-Address, and gives contact information in case of abuse, as you can see
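
Added example, not part of the original post: a short Python sketch that parses an excerpt of the RIPE reply quoted above, checks that the reported address falls inside the registered range and announced route, and pulls out the abuse contact. The function names are illustrative; the sample text is copied from the whois output in this thread.

```python
import ipaddress
import re

# Excerpt of the RIPE whois reply quoted in the post (RPSL "key: value" lines).
WHOIS_REPLY = """\
% This is the RIPE Whois server.
inetnum: 217.224.0.0 - 217.237.161.47
netname: DTAG-DIAL15
descr: Deutsche Telekom AG
country: DE
remarks: * ABUSE CONTACT: abuse@t-ipnet.de IN CASE OF HACK ATTACKS, *
route: 217.224.0.0/11
origin: AS3320
"""

def parse_rpsl(text):
    """Return (key, value) pairs, skipping blank lines and '%' comments."""
    pairs = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("%"):
            continue
        key, sep, value = line.partition(":")
        if sep:
            pairs.append((key.strip().lower(), value.strip()))
    return pairs

def summarize(text, ip):
    """Confirm ip is covered by the inetnum/route objects and find the abuse contact."""
    pairs = parse_rpsl(text)

    def first(wanted):
        return next((v for k, v in pairs if k == wanted), None)

    addr = ipaddress.ip_address(ip)
    # inetnum is an inclusive "low - high" range, not necessarily a CIDR block.
    low, high = (ipaddress.ip_address(p.strip()) for p in first("inetnum").split(" - "))
    remarks = " ".join(v for k, v in pairs if k == "remarks")
    match = re.search(r"ABUSE CONTACT:\s*(\S+@\S+)", remarks)
    return {
        "in_inetnum": low <= addr <= high,
        "in_route": addr in ipaddress.ip_network(first("route")),
        "netname": first("netname"),
        "origin": first("origin"),
        "abuse": match.group(1) if match else None,
    }
```

Calling `summarize(WHOIS_REPLY, "217.230.125.226")` shows the address is inside both the registered range and the /11 route, which is why the registry data, not the hop names in a trace, identifies the network to report to.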

Right - basically your "IP address" (the thing that your ISP gives you that uniquely identifies your PC on the Internet) is subject to a "ohhh - let's see what we can find here" attack from an address that is from a (probably) DSL user in Germany.
The reason why you are being "picked on" is wide and varied - suffice to say that you are sensible enough to be using a private firewall that is just detecting this and warning you.
You should
a) Update NAV from its Live Update (or whatever they call it nowadays) so it has the latest "definitions"
b) run a full scan on your PC
c) after that sit back in the knowledge that you are "safe", and some poor d****ead in Germany isn't so clever as you and has a trojan running that is trying to have a "go" at your PC.
Basically you've been sensible - the guy at the other end hasn't
J




