Need help with hacker
dssnowalittle
January 4th, 2001, 05:16 PM
Anyone know, if say someone is constantly trying to access your PC, and you know their IP and DNS, if there is anything that can be sent back at them... Sort of a warning shot... Getting annoying having Blackice and zone, going off, every few seconds, I am not exaggerating, 300+ times last night in 2 hours, 71 times tonight in 30 mins.. he is doing a UDP port scan.... Anything will be great.... Yes I have contacted the ISP but it will be dealt with when they have time poss, a week.... Thanks
racer x
January 4th, 2001, 05:20 PM
I would shoot a PM to muggles; this should be right up his alley.
fiddlerfingers
January 4th, 2001, 07:08 PM
PM me or muggles the addy. If someone is trying to scan your computer on this site they will be dealt with...GL
dervari
January 4th, 2001, 07:11 PM
If you're actively being scanned, go to his ISP website, get their phone number, and ask for the NOC (Network Operations Center). Tell them you have an intrusion attempt in progress from one of their users and they will work with you while you are on the phone with them. Note that this is an extreme measure and should only be taken if you are for sure the port scans are malicious in nature.
dssnowalittle
January 4th, 2001, 07:27 PM
HAHA, I have no doubt they are malicious in nature... Over 250 tonight, so far and counting, and close to 400 last night... I have been in contact with muggles and fiddlerfingers... I will however, try this tomorrow night if it continues... Thanks
BTW, he has the same ISP as I... gee as we speak the alarms have stopped... Nothing for over 1 min,,, haha Either he was forced to stop, from the last nasty email I sent to my/his ISP, or his Mommy made him go to bed...LOL
jheron
January 4th, 2001, 08:03 PM
...or, he got in...
aikiman
January 4th, 2001, 09:23 PM
dssnowalittle, I occasionally have the same problem...IP from same ISP attacking me, ran a whois on this imposter, come to find out it was zeus.myisp.com, which I am assuming is one of the servers from my ISP, haven't quite figured out why they do this, but I have to go down next week to pick up my DSL equipment (FINALLY) and I'm gonna hit up their sysadmin about it.... if I find out anything relevant I will let you know
smack
January 4th, 2001, 10:48 PM
Black Ice does a Sniffer-compatible trace of every intrusion attempt. You can send the files to the offending ISP (and your ISP) to show them exactly the nature of the offense, the source and destination addresses, etc.
If they want to take action against the offender, they have to have proof, if you supply the evidence, the Monitor Lizards are more likely to respond in your favor.
The Sniffer files are in the BI subdirectory. They'll have an extension of ".ENC"
Be careful sending anything back to the offender other than an Email, the same rules apply, and, given that Murphy lives on the Internet, you'd end up being the one they shut down.
Good Luck
Scott
dssnowalittle
January 5th, 2001, 04:59 PM
Smack, great info... Looking over the enc files... Now if I knew how to read them...lol.... Anyone have any idea what to open them with so as one can read them in English and not PC lingo... Or is this what they are... It does seem that every time I go to a different site, this is what triggers the alarms... Anyone know also what it means when, on Jan 01/01 in Black Ice, same IP and DNS, it says DNS spoof successful.... only once.... This has certainly got me buffalo'd... I am by far no PC whiz. It could be what aikiman said...
jheron, he is not getting in at the moment, but he may have at one time.... As I said above the one time it says DNS spoof successful, whatever this may mean.... To all thanks..
dssnowalittle
January 5th, 2001, 08:30 PM
Well guys, it seems when I put this in this forum, I was unsure of where else to put it, and I did put it in the right place.... I just got off the phone with a tech from the ISP, he told me that when running BlackIce, it will show this UDP Port Scan, and set off the bells and whistles, when in fact it is their own servers, checking to see if you are still alive, so to speak (his words not mine).. So to everyone that helped thanks... I do hope this will benefit some... So it seems aikiman was the winner...
Thanks to all again for your time...
smack
January 5th, 2001, 10:08 PM
For future reference, the .ENC files are in the Network Associates (formerly Network General) "sniffer" network analyzer format. There are some other analyzers that can import these files, and I think there's some third party (maybe freeware/shareware) that can also read and display these files.
NAI/NetGen network analyzers are/were the "kleenex" of that kind of product. Generally speaking, it's a packet analyzer with a software "expert system" that offers what it finds as problems, and possible solutions.
The popularity of this unit (starting to slip) makes it likely that if you send the .Enc files to a network management group, they can probably get it to a box that can decode 'em.
FWIW
Scott
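Added example, not part of any post in this thread: the alert counts quoted above (300+ in 2 hours, 71 in 30 minutes) both work out to roughly one alert every 24 to 25 seconds, a steady rate that fits the keep-alive explanation the ISP tech gave. The sketch below checks constructed alert lines for that kind of fixed interval and for a source inside ranges the ISP has confirmed as its own; the log format, addresses, `ISP_INFRA` list and thresholds are assumptions, not BlackICE's real output.

```python
import ipaddress
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample alerts (not real BlackICE output): "timestamp,source_ip,event".
SAMPLE_ALERTS = """\
2001-01-04 19:00:00,198.51.100.5,UDP port scan
2001-01-04 19:00:25,198.51.100.5,UDP port scan
2001-01-04 19:00:49,198.51.100.5,UDP port scan
2001-01-04 19:01:14,198.51.100.5,UDP port scan
2001-01-04 19:01:38,198.51.100.5,UDP port scan
2001-01-04 19:02:03,198.51.100.5,UDP port scan
2001-01-04 19:00:10,192.0.2.77,UDP port scan
2001-01-04 19:00:11,192.0.2.77,UDP port scan
2001-01-04 19:00:12,192.0.2.77,UDP port scan
2001-01-04 19:09:40,192.0.2.77,UDP port scan
2001-01-04 19:09:41,192.0.2.77,UDP port scan
"""

# Assumption: ranges your ISP has confirmed as its own monitoring hosts.
ISP_INFRA = [ipaddress.ip_network("198.51.100.0/24")]


def triage(log_text, isp_infra=ISP_INFRA, max_jitter=0.2, min_events=5):
    """Group alerts by source and describe their timing and origin."""
    times = defaultdict(list)
    for line in log_text.strip().splitlines():
        stamp, src, _event = line.split(",", 2)
        times[src].append(datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S"))
    report = {}
    for src, stamps in times.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean_gap = statistics.mean(gaps) if gaps else 0.0
        # Jitter = stdev / mean of the gaps; near 0 means a fixed polling interval.
        jitter = statistics.pstdev(gaps) / mean_gap if mean_gap else 0.0
        periodic = len(stamps) >= min_events and jitter <= max_jitter
        in_isp = any(ipaddress.ip_address(src) in net for net in isp_infra)
        if periodic and in_isp:
            verdict = "likely ISP keep-alive: confirm with ISP"
        elif in_isp:
            verdict = "ISP range, irregular: ask ISP NOC"
        else:
            verdict = "external source: report with capture files"
        report[src] = {"count": len(stamps), "mean_gap_s": round(mean_gap, 1),
                       "periodic": periodic, "verdict": verdict}
    return report
```

Calling `triage(SAMPLE_ALERTS)` returns one entry per source address; a bursty source outside the ISP ranges is the case where the capture files mentioned above are worth sending along with the report.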