Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Re: Why would someone DoS a free-lance writer?

Re: Why would someone DoS a free-lance writer?

From: Sara Brigid Gaffney <irishelf_at_bellsouth.net>
Date: Sun, 1 Jul 2001 18:21:39 -0400

I discovered that somehow that day both my firewalls had somehow
become misconfigured - thus, no alert. I have a ADSL not a dial up
so the IP does not change. I've never used Gnutella. I have all
file sharing unchecked and have rigorous and specific rules set on my
firewalls. Can't help it - I was hacked once, big time.

Two things happened just before this: I had dl free PGP. Perhaps I
mis-configured it when installing and that affected the others? I
deleted PGP for now and checked at www.grc.com and I was back to
complete stealth mode.

Someone (else) mentioned that packets are always being sent - to
indicate perhaps that I should have seen some activity on my packet
sniffer. I use CommView and it does NOT show packet capture when I
am not actively using the internet, i.e., when I'm on the net but not
surfing, etc. CommView is quiet.

Oh yes, the other thing that happened directly before this. I was
having a slightly heated conversation with someone who I doubt would
harm me ---- but is a bit mischievous & has hacking skill. Probably
a coincidence. Who knows? I was just too curious not to seek some
answer here. Thanks for the many replies. I appreciate all the info
and will try to hone my TP/IP skills or lack thereof.

On Sat, 30 Jun 2001 15:25:35 -0400, Jim Starke wrote:
>Sara Brigid Gaffney wrote:
>>
>> I had my packet sniffer running on this solitary Windows PC but I
>> wasn't on the net. Suddenly I noticed I was getting hit multiple
>> times a second. They were coming from a range of sources but
>> targeted one port, 6346.
>
>Possibly the previous person who had the IP Address that you were
>assigned when you connected to your ISP was running Gnutella. It
>wasn't
>a DoS but just the fallout of other computers thinking that you were
>sharing files because they didn't know the previous user
>disconnected.
>I'm presuming that you are assigned a dynamic ip address by your
ISP.
>
>Normally disconnecting and dialing back into your ISP will fix the
>problem because it will assign you a new ip address.
>
>--
>Quidquid latine dictum sit, altum viditur.
>http://www.jcsmall.com/homepage
>
>
>---------------------------------------------------------------------

>-------
>
>
>This list is provided by the SecurityFocus ARIS analyzer service.
>For more information on this free incident handling, management
>and tracking system please see:
>
>http://aris.securityfocus.com

Sara
~~~~
"One must still have chaos in oneself, to give birth to a dancing star." Nietzsche

----------------------------------------------------------------------------

This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see:

http://aris.securityfocus.com
Received on Jul 02 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos