Noticed through Black Ice that someone is trying to hack into one of my ports.

How can I find the ISP of this person with the IP address given by Black Ice.

Person is looking for "Subseven Trojan Horse", never heard of it.

I was running some bandwidth tests from various sites on a cable modem install.

Hi mad1

Your attacker's IP will be listed under the Intruder tab. Double click on the particular attack on the Intruder list to get more details.

You can get further details of type of attack itself under the Attacks tab, advICE link, which will link you to the www.networkice.com (http://www.networkice.com) site

Socalgal,
I have the IP address, and information regarding what the attack was, I have viewed all the information given by the Blackice program regarding the attack.

Need information on how the find the ISP of the offender with the IP address that is given by Blackice, if this is the true IP address. I want to notify the ISP of this attempted intrusion into my computer, what will this do I do not know.

If anyone has any information on this program I would appreciate it.

Thanks

Socalgal,
Thanks for the link, found some info. regarding the program.

mad1 with the cable modem you will now get those attacks all the time. I just ignore them now that I am used to it. It just takes to much time to report all of them and most of the time their ISP will do nothing.


Your user are my initals - the 1 of course.

Yes, I agree with jad1 on this one.

You'll end up spending all your time filing log reports!

I just make sure I run port scans frequently to make sure all is well. Do a search; there are lots of links to scan sites on these pages.

But if you want to file a complaint, all the info you need for doing so is at the BID site I linked to. Look at their KB (Knowledge Base).

If you want run a traceroute/whois, one service is http://samspade.org/t/

[This message has been edited by socalgal (edited 10-26-2000).]

I have to agree with all the advice given. The Subseven Trojan Horse and Backdoor Trojan seemed to appear a lot to me recently (It was all blocked). Luckily it all happened after I installed my two virus checkers and a decent firewall.

I traced them myself to the ISP and got absolutely nowhere with the company. I'm not sure what the law is over there but the ISP's here in the UK don't seem to give a monkeys.

I gave up trying to do anything about it in the end and as already said just get on with it.

It does teach you not to conect without some decent protection though.

I had a continual intruder from London before I got ZA and BID. He uses various firewalls so I couldn't prove it but I think he's blocked now.

Made me wonder about the laws over there for a while. I guess there's always going to be some jerks that make more laws necessary.

What's really strange is he has a little fan club that doesn't see anything wrong with it.
Probably until they become his victim...