Posts posted by vince_

  1. So it is probably a false poss then as it's only her machines that run on the network.

    Well thanks for clearing that up David you have been very helpful, I will now see if I can tell what is causing the False reading on the network which is easier said than done as it has happened twice that I have seen myself as I'm not always around.

     

    Thanks David for your time and help, you're a star, a twinkly helpful one  :)

  2. All I know is that Comodo flagged 2 network intrusions, both spoofing of the address resolution protocol, and a while ago she had more than her fair share of cross site scripting attempts, which I think her security stopped as it flagged them every day while she browsed the net; they have since stopped. How can I be sure it is an attack? Is there a very simple way? As you can probably tell I'm a very very simple guy. I did type arp -d into cmd to delete the old arp and reset it, if that's correct to do.

  3. This is constant every day second by second on a friends machine (taken from the firewall logs on the router)

    Is it an ongoing attack, as I believe, or something else? It has been going on for a long time and has slowly got more active, to the point of being constant as you can see from this short snippet. (I have removed the IP and replaced it, as you can see, with little stars **.**.**.** )

     

    13:19:20, 07 Sep. IN: BLOCK [16] Remote administration (TCP 162.219.57.18:8937->**.**.**.** on ppp0)
    13:09:17, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 208.64.202.69:80->**.**.**.**.179:61457 on ppp0)
    13:09:03, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 208.64.202.69:80->**.**.**.**.179:64507 on ppp0)
    13:01:41, 07 Sep. IN: BLOCK [16] Remote administration (TCP 71.6.151.167:65244->**.**.**.**.147:80 on ppp0)
    12:55:03, 07 Sep. IN: ACCEPT [57] Connection closed (Port Forwarding: TCP 192.168.1.69:7547 <-->**.**.**.**:1024 [222.186.34.23:6000] CLOSED/SYN_SENT ppp0 NAPT)
    12:53:02, 07 Sep. IN: ACCEPT [54] Connection opened (Port Forwarding: TCP 192.168.1.69:7547 <-->**.**.**.**:1024 [222.186.34.23:6000] CLOSED/SYN_SENT ppp0 NAPT)
    12:48:28, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 149.20.54.15:80->**.**.**.**:59678 on ppp0)
    12:07:21, 07 Sep. IN: BLOCK [16] Remote administration (TCP 188.241.179.171:8105->**.**.**.**:22 on ppp0)
    12:04:50, 07 Sep. IN: BLOCK [16] Remote administration (TCP 173.192.55.2:32314->**.**.**.**:22 on ppp0)
    11:55:49, 07 Sep. IN: BLOCK [16] Remote administration (TCP 202.162.221.220:64009->**.**.**.**:22 on ppp0)
    11:42:21, 07 Sep. IN: BLOCK [16] Remote administration (TCP 219.235.126.174:45822->**.**.**.**:22 on ppp0)
    10:44:28, 07 Sep. IN: BLOCK [12] Spoofing protection (IGMP **.**.**.**->224.0.0.22 on ppp0)
    09:50:23, 07 Sep. IN: BLOCK [16] Remote administration (TCP 199.87.232.185:3291->**.**.**.**:8080 on ppp0)
    09:30:23, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 216.218.228.119:80->**.**.**.**:60702 on ppp0)
    09:30:23, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 216.218.228.119:80->**.**.**.**:60695 on ppp0)
    09:30:19, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 216.218.228.119:80->**.**.**.**:60702 on ppp0)
    09:30:19, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 216.218.228.119:80->**.**.**.**:60695 on ppp0)
    09:30:19, 07 Sep. BLOCKED 1 more packets (because of Spoofing protection)
    09:30:17, 07 Sep. IN: BLOCK [12] Spoofing protection (IGMP**.**.**.**->224.0.0.22 on ppp0)
    09:30:17, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 216.218.228.119:80->**.**.**.**:60702 on ppp0)
    09:30:17, 07 Sep. IN: BLOCK [9] Packet invalid in connection (TCP 216.218.228.119:80->**.**.**.**:60695 on ppp0)
    09:22:43, 07 Sep. IN: BLOCK [15] Default policy (TCP 66.193.112.93:443->**.**.**.**:52367 on ppp0)
    09:22:08, 07 Sep. IN: BLOCK [15] Default policy (TCP 66.193.112.93:443->**.**.**.**:54821 on ppp0)
    02:20:28, 07 Sep. IN: BLOCK [16] Remote administration (TCP 61.164.126.91:6000->**.**.**.**:8080 on ppp0)
    02:17:10, 07 Sep. IN: BLOCK [16] Remote administration (TCP 123.126.133.131:48755->**.**.**.**:22 on ppp0)
     
     
    I looked some of the IPs up and most are from China. The spoofing is new this week, and I have also noticed some that the Comodo firewall stops, I think an attempt at arp poisoning, as it just says network attack stopped arp. She's old and I dunno what to do, any help here would be good.
    Is (address resolution protocol) arp poisoning an internal thing, i.e. you have to be on the network or not? This may explain the spoofing on the router firewall log too, but again I have no knowledge on networking or hacking or attacks or anything much really, that's why I'm coming to see you guys to help me clarify so I can take appropriate action. I almost forgot, her IP changed the other day too, to an IP beginning with 31, and that's abnormal for her IP range as I have been monitoring it for over a year now.
    Thanks ever so for any help provided
     
    Vince_
  4. Hello


    It may be your hard drive,  memory, graphics, cpu you can check the memory as in this link http://www.geekstogo.com/forum/topic/246994-guide-to-using-memtest86/


    As for how to check if a hard drive, graphics or cpu have problems you will have to wait for one with more knowledge than I have, sorry.


    I would also check to see if the system is dusty inside check the vents on the cpu are not clogged and fans are also not clogged with dust.


    You could run scandisk and check both boxes. Make sure you have plenty of time, it takes a while. This link explains how. http://support.microsoft.com/kb/156571


    Try also running system file check here is how. http://support.microsoft.com/kb/929833


     


    There are a few things there to check and do till someone with super tech skills jumps into the post


     


     


    Let me know how you get on OK


  5. I think most firewalls on routers block ping attacks these days if not all. I don't think people even use the ping of death as it was known anymore as it hasn't enough power to do anything much.

    I don't know much so I may be wrong I'm happy to be educated more if I am

  6. Hi Moi

    Does the whole system freeze or just the mouse?

    Have you tried another mouse to see if it's your mouse?

    If it's not your mouse try updating your driver for your mouse.

    Start

    control panel

    system and maintenance

    then scroll down click device manager click continue when prompted

    Open the mouse and pointing devices by pressing plus

    Highlight your mouse and choose properties

    click the Driver tab

    and then choose update

     

    If that does not work uninstall it and then reinstall it and see if that has any effect.

    It's the same as above except you choose uninstall and then obviously reinstall once uninstalled.

     

    You could also run a scandisk and check both boxes. Make sure you have plenty of time, it takes a while. This link explains how. http://support.microsoft.com/kb/156571

    Try also running system file check here is how. http://support.microsoft.com/kb/929833

     

    Let me know how you get on OK

  7. I love dogs. The four legged kind.

    I like all animals really and used to have a pet sparrow he would land on my head, only once did he poop on me there so cute. He lived outside and was wild but he was also a friend, yes I talked to him all the time. I think everyone talks to their animals, well I hope it's not just me that has long convos with most animals lol

  8. If I was this woman I would have enticed it closer using my womanly powers both of them and then with cunning and speed I'd entrap it with an improvised net (sheet from the bed), and kept it, as the perv's hardly likely to ask for it back and I've always wanted a flying machine. I made one of those lifters off YouTube, but mrs vince said NO GET IT OUT THE HOUSE NOW, lol. That was after I told her don't touch it, it's got a lot of voltage going through it, smiles at the thought of not telling mrs vince about the high voltage, ahhh what could have been. Eccentrics make this world great, even if this one is a perv.

  9. Hi is bit coin safe to use, as I keep seeing on different forums a lot of bit coin malware, well malware with bit coin associated with it. I don't know much about bit coin but wanted to give it a go but wonder if it's safe to use.  :unsure:

     

    Thankies in advance to all 

  10. There have been instances in the past where intelligence agencies have used animals with microphones and 1 camera eye actually implanted in the animals to spy on people, the first instance of this story was from about 1960 that I have heard of.

    I often wonder if they have ever created something like pigeons and squirrels with WiFi tails, set them free outside an enemy embassy and let them get to work, hmmm maybe not but the first bit's true.

  11. Thanks David for the reply, I've seen social engineering in action and have even had it aimed a few times at me each time I gave them fake info, god knows what they try and do with it.  :)

    I get the fake Microsoft you have a virus calls and I must admit to having a lot of fun with them, I actually look forward to them calling and miss them when they don't ring how sad's that, note to self get out more lol. I figure if I can keep them on the phone it's time they won't be conning other vulnerable people, my best time for keeping them busy is 2 hours 7 mins, it took some doing. I should have recorded some of the phone calls as there have been some memorable moments, like when I had their whole fake Microsoft team called over to listen to me in their little set up, I can never repeat what I said to them that time on here I would be banned in a flash lol.

     

    Thanks again David for your reply and time taken.  :)

     

    Vince_ 

  12. I googled opsec and found a Wikipedia article on military security, now I know what it means I do see, loose lips sink ships and that..

    For a min CWB I thought I had been mistaken for the enemy and was gearing up to be slaughtered LMAO. PHEW

    Thanks CWB and David for your replies.

     

    You learn something new everyday, well I do cause I don't know much anyway lol.

     

    Thanks again guys

    Vince_ :D

  13. Am I the enemy?

    If so why?

    I don't hack to be nasty or anything like that, the closest I've come to that is running attacks against my own system using backtrack in order to harden it.

     

    Vince_ is puzzled by your answer?...................................................... :blink:

  14. Hi Today I was wondering do sites such as MBAM's forum get attacked and probed a lot by people?

    By this I mean script kiddies, black hats, with a grudge, even other anti virus companies.

    One thought was that some people might not like you helping people who they have infected to try and extract money from.

     

     

    A curious Vince  :huh:

  15. Sub6fix Malwarebytes is the best in its class and vince is always right unless Mrs vince is around. I do know that call centers can be troublesome sometimes (I don't know about mbam's as I've not used it) but you shouldn't let 1 misunderstanding put you off or stop you from recommending such a great product as Malwarebytes, I mean its detection rate is great and it's a one time payment, you can't knock that.

    Plus so many helpful staff on this forum who are always ready to help and give their time, in this day and age help for free and one time payments for a great product is like trying to pull one over on mrs vince it doesn't happen very often, mainly cause I'm too scared.

    Malwarebytes and all its other products most of which are free it's awesome.

    Mbam team you can run me over, shoot me, kick me in the hoo haas, insult me till the cows come home (and that wasn't an innuendo aimed at mrs vince) I will still use mbam cause it is number 1, for me at least.

     

    Vince_
