A Word to the Wise.

I've been the target of a number of direct attacks against my computer over the last several months. I'm providing the relevant Norton logs below, including the "remote address" (the IP of the attacker). My own IP is x'd out for obvious reasons.


8/6/2006 @ 6:13:42 PM: Rule "Default Block NetBus Trojan horse" blocked (207.12.157.2, NetBus(12345)).
Inbound TCP connection.
Local address, service is (XXX.XXX.XX.XX), NetBus(12345).
Remote address, service is (207.12.157.2, 3018).
Process name is "N/A".

See: Wikipedia page User talk:207.12.157.2; DNS Stuff/WhoIs page.


8/4/2006 @ 9:42:57 PM: Rule "Default Block Backdoor/SubSeven Trojan horse" blocked (209.159.206.135, 27374).
Inbound TCP connection.
Local address, service is (XXX.XXX.XX.XX, 27374).
Remote address, service is (209.159.206.135, 2783).
Process name is "N/A".


7/11/2006 @ 8:07:05 PM: Rule "Default Block Senna Spy Trojan horse" blocked (206.165.215.13, 13000).
Inbound TCP connection.
Local address, service is (XXX.XXX.XX.XX, 13000).
Remote address, service is (206.165.215.13, 13000).
Process name is "N/A".


5/10/2006 @ 10:53:19 PM: Rule "Default Block NetBus Trojan horse" blocked (209.214.148.159, NetBus(12345)).
Inbound TCP connection.
Local address, service is (XXX.XXX.XX.X, NetBus(12345)).
Remote address, service is (209.214.148.159, 1123).
Process name is "N/A".


Although not many Wiki Watchdog pages are getting indexed by the search engines these days, I hope that the IPs will be of help to you should you Google one or more of them in relation to an attack on your own computer.



Related posts:

• * Since I Began Wiki Watchdog (5/15/06);
• * "All we are saying is give jackbooted fascism a chance.";
• * '...the "democratic" people's MAFIA...';
• * "...normal person, plus anonymity, plus large audience, equals flaming f**kwad.";
• * Is Wikipedia Handing Out Your Browsing Information to Thousands?