Well I was just at one of those "online traceroute" sites to see if my hall was nice enough to block incoming traceroutes to my comp... (conclusion - must start blocking certain udp ports with iptables...)
But main point-I read the letters that these people get from traceroute targetted comps. These are *good.*
quote:
Return-path: [email protected]
Date: Thu, 03 May 2001 01:20:41 -0700
From: [email protected]
Subject: One of your clients has hacked me!
X-Mailer: Mozilla 4.76 [en] (Win95; U)
At 1:18 Pm this date you sent a package oof data to my
computer. I consider this an Intrusion on my privacy and Computer
security ! Altuhoiugh I have Firewalls to prevent this I Feel your
clint Should Be repremanded for such practices of seeking open computer
ports and or attemppting to acess computers randomly . IF it is a web
site I had been into recently to see if I had disconnected It is NOT I
have been only to one sitte OF which I am familiar with their sweep IP
Thus This Intrusion is a agttempt to acess computers Mine or many. I
see these types of actiities as malicious only.
I am not asking but de,manding you act and inform your client of the
Facts he is known and has been recorded in thew Data bank of the FBI.
Myself and many internet security wise Persons are in a position to
auto log these activities with the Authorities! I am one of milions but
we are dedicated to Eliminating Such behaviour.
Peter
Note that this goon uses Win95. nuff said.
next-
quote:
Date: Sat, 01 Jun 2002 01:05:15 -0700
From: [email protected]
Subject: Your servers can be hacked too.
Hi
I am not interested in weather your servers get hacked or not but when either
someone from within your company or someone else using your computer as a
gateway starts to mess with my computer, it pisses me off.
I have logs showing an "attempted" scan on my computer from someone using your
IP address.
The attack took place at
Fri May 31 09:38:57 2002 PST
Here is an entry from my Intrusion Detection System
message : Udp scanning attempt: 54 cnx from port 33471 to 33524 in 6 seconds.
Ip hdr : 192.245.12.7 -> xxx.xxx.xxx.xxx [hl=20,version=4,tos=0,len=40,id=52159,ttl=1]
Udp hdr : 57349 -> 33471 [len=20]
Data hdr : size=18 bytes
I am masking my IP address here.
Now, you better not try to mess with my computer here. I have a pretty
sophisticated Intrusion detection system in place and you can think of me as a
genius when it comes to computer security. I can protect my system and though I
do not like to do it but when people start to mess with my computer, I do not
hesitate in NUKING their computer to oblivion.
I would suggest you look into your logs and make sure nobody from within you
company is trying to mess with me. Also get your servers in orders and have
some descent protection in place. A donut shop has a better protection on their
computers.
ST
__________________________________________________________
Get your FREE personalized e-mail at http://www.canada.com
Mr 1337 H4x0r here thinks that a traceroute indicates that someone is trying to hack his comp.
Meh, funnyness.
