Hacker fjolser...

http://www.csirt.dk/

http://www.csirt.dk/rapport/

her kan du anmelde ;)

hov... så lige at det kun var TDC\'s kunder...

nu er jeg oppe på 37!!

kan det ikke ske lidt mere anonymt??

hvorfor vil du ha anonymitet??

Og hvilke porte bliver der \"hacket\" på ???
Det er jo ikke sikkert at det er hack forsøg..

læs mere her http://www.csirt.dk/newssystem/display.asp?ArticleID=115

eller endnu bedre her:

http://www.robertgraham.com/pubs/firewall-seen.html

Jeg har mine grunde til at være anonym, men jeg aner virkelig ikke hvilke porte det er, jeg har \"kun\" ipadressen.

hvordan ved du så at de har forsøgt at hacke dig???

Min Norton Firewall advarede mig og blokkede \"hackerens\" adgang!

det er jo ikke sikkert at det har været et hacker forsøg.. og nu siger du at på 3-4 minutter havde der været 35 nye forsøg... nej jeg tror ikke at det har været forsøg...

kan jeg se din logfil ?

nu er jeg oppe på 1098 attempts og 8 hackere!

kan ikke komme videre uden logfil...

Jeg leder lige efter den... er ikke sikker på hvor den ligger...

det må stå i firewall\'ens opsætning

Hvis du er på en dynamisk ip kan der være mange grunde til \"besøg\".

Derfor er det ret væsenligt at finde ud af hvilke porte der bliver scannet. Det giver et fingerpeg om hvad det er der søger adgang.

På en dynamisk ip kan adressen jo være brugt tidligere til deling af filer - hvis så modtageren forsøger at genoptage et download vil det se ud som et uautoriseret visit hos dig!

Prøv at finde ud af lidt mere inden du springer ud i anmeldelse med mere!

Og endelig - et lovligt site med et lovligt formål kan da ikke kræve anonymitet ved anmeldelser!

Min antivirus har lige fundet en trojan i en aktiv fil på mit C drev!

jeg har nu fundet en event log...
der står blandt andet:
Date: 19-01-2002 Time: 22:07:37
Port scan detected from address 147.208.171.139.
Blocked further access for 30 minutes after detecting at least 6 ports being probed.

Den Ip er jo
Name:    security.norton.com
Address:  147.208.171.139
---ret underholdende.... er det en selvtest af programmet??

Erik > *LOL*

Du skal bruge www.anmeld.politi.dk =)

Her anmeldte jeg \"min\" hacker i tirsdags ;)

Hvis man har ip. nummeret kan man så ikke finde ud af noget om hackeren?

Det er overhoved ikke underholdende!!
Her er nogle andre Ip\'er:
62.105.80.5
200.199.201.42
213.112.93.228
194.239.241.209

Hvad betyder det her ping haløj?

The firewall has blocked Internet access to your computer (ICMP Echo Request (\'Ping\')) from 213.46.20.7.

Time: 19-01-02 21:51:56

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\\>ping -a 194.239.241.209

Pinging game1.gate58.dk [194.239.241.209] with 32 bytes of data:

Reply from 194.239.241.209: bytes=32 time=30ms TTL=115
Reply from 194.239.241.209: bytes=32 time=41ms TTL=115
Reply from 194.239.241.209: bytes=32 time=30ms TTL=115
Reply from 194.239.241.209: bytes=32 time=30ms TTL=115

Ping statistics for 194.239.241.209:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum =  41ms, Average =  32ms

C:\\>ping -a 200.199.201.42

Pinging 200.199.201.42 with 32 bytes of data:

Reply from 200.199.201.42: bytes=32 time=511ms TTL=235
Reply from 200.199.201.42: bytes=32 time=521ms TTL=235
Reply from 200.199.201.42: bytes=32 time=541ms TTL=235
Reply from 200.199.201.42: bytes=32 time=531ms TTL=235

Ping statistics for 200.199.201.42:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 511ms, Maximum =  541ms, Average =  526ms

C:\\>ping -a 213.112.93.228

Pinging c-e45d70d5.036-4-6370682.cust.bredbandsbolaget.se [213.112.93.228
32 bytes of data:

Reply from 213.112.93.228: bytes=32 time=40ms TTL=113
Reply from 213.112.93.228: bytes=32 time=50ms TTL=113
Reply from 213.112.93.228: bytes=32 time=40ms TTL=113
Reply from 213.112.93.228: bytes=32 time=30ms TTL=113

Ping statistics for 213.112.93.228:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum =  50ms, Average =  40ms

C:\\>
C:\\>ping -a 194.239.241.209

Pinging game1.gate58.dk [194.239.241.209] with 32 bytes of data:

Reply from 194.239.241.209: bytes=32 time=40ms TTL=115
Reply from 194.239.241.209: bytes=32 time=40ms TTL=115
Reply from 194.239.241.209: bytes=32 time=30ms TTL=115
Reply from 194.239.241.209: bytes=32 time=41ms TTL=115

Ping statistics for 194.239.241.209:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum =  41ms, Average =  37ms

kaptajn > læs her http://www.csirt.dk/newssystem/display.asp?ArticleID=115

Hold så kæft, kaptajnen. Du er en ussel snyder på eksperten.dk. Og tro ikke
du ikke er anmeldt.

Man har vel lov til at over føre fra sine gamle brugere!

Date: 19-01-2002 Time: 21:52:46
Rule \"Default Block DeepThroat Trojan horse\" blocked (62.243.164.215,2140).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,2140)
Remote address,service is (213.112.93.228,27015)
Process name is \"N/A\"

Det får admin afgøre

Er det en hacker ??

Date: 18-01-2002 Time: 23:10:32
Port scan detected from address 62.243.164.215 At least 10 ports being probed.

her er hele min eventlog:

Norton Internet Security Version 4.0
19-01-2002 23:12 (Rom, normaltid)
Alerts Event Log
19-01-2002 22:49:33 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (205.188.250.25,http(80))
Process name is \"D:\\PROGRAMMER\\ICQ ME\\ICQSRP.EXE\"
19-01-2002 22:07:37 Supervisor  Port scan detected from address 147.208.171.139.
Blocked further access for 30 minutes after detecting at least 6 ports being probed.
19-01-2002 21:56:40 Supervisor  Security alert displayed for rule Default Block Portal of Doom Trojan horse.
Remote computer (200.199.201.42, 27018)
19-01-2002 21:56:40 Supervisor  Rule \"Default Block Portal of Doom Trojan horse\" blocked (62.243.164.215,3700).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,3700)
Remote address,service is (200.199.201.42,27018)
Process name is \"N/A\"
19-01-2002 21:52:46 Supervisor  Security alert displayed for rule Default Block DeepThroat Trojan horse.
Remote computer (213.112.93.228, 27015)
19-01-2002 21:52:46 Supervisor  Rule \"Default Block DeepThroat Trojan horse\" blocked (62.243.164.215,2140).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,2140)
Remote address,service is (213.112.93.228,27015)
Process name is \"N/A\"
19-01-2002 21:50:12 Supervisor  Security alert displayed for rule Default Block Bla Trojan horse.
Remote computer (194.239.241.209, 27015)
19-01-2002 21:50:12 Supervisor  Rule \"Default Block Bla Trojan horse\" blocked (62.243.164.215,1042).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,1042)
Remote address,service is (194.239.241.209,27015)
Process name is \"N/A\"
19-01-2002 21:46:41 Supervisor  Security alert displayed for rule Default Block Portal of Doom Trojan horse.
Remote computer (62.105.80.5, 27015)
19-01-2002 21:46:41 Supervisor  Rule \"Default Block Portal of Doom Trojan horse\" blocked (62.243.164.215,3700).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,3700)
Remote address,service is (62.105.80.5,27015)
Process name is \"N/A\"
19-01-2002 21:42:40 Supervisor  Security alert displayed for rule Default Block DeepThroat Trojan horse.
Remote computer (63.97.109.20, 27015)
19-01-2002 21:42:40 Supervisor  Rule \"Default Block DeepThroat Trojan horse\" blocked (62.243.164.215,2140).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,2140)
Remote address,service is (63.97.109.20,27015)
Process name is \"N/A\"
19-01-2002 21:30:46 Supervisor  Security alert displayed for rule Default Block Master Paradise Trojan horse.
Remote computer (194.237.39.238, 27015)
19-01-2002 21:30:46 Supervisor  Rule \"Default Block Master Paradise Trojan horse\" blocked (62.243.164.215,3129).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,3129)
Remote address,service is (194.237.39.238,27015)
Process name is \"N/A\"
19-01-2002 21:30:28 Supervisor  Security alert displayed for rule Default Block Rat Trojan horse.
Remote computer (161.115.160.154, 27015)
19-01-2002 21:30:28 Supervisor  Rule \"Default Block Rat Trojan horse\" blocked (62.243.164.215,2989).  Details:
Inbound UDP packet
Local address,service is (62.243.164.215,2989)
Remote address,service is (161.115.160.154,27015)
Process name is \"N/A\"
19-01-2002 21:28:18 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.199.1.105,http(80))
Process name is \"D:\\PROGRAMMER\\GAMESPY\\GAMESPY.EXE\"
19-01-2002 21:26:33 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.199.1.105,http(80))
Process name is \"C:\\WINDOWS\\SKRIVEBORD\\GAMESPYINSTALLER255STD.EXE\"
19-01-2002 21:22:10 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.199.1.105,http(80))
Process name is \"D:\\PROGRAMMER\\GAMESPY\\GAMESPY.EXE\"
19-01-2002 21:13:09 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.199.1.105,http(80))
Process name is \"D:\\TEMP\\GAMESPYINSTALLER254STD.EXE\"
19-01-2002 18:58:13 Supervisor  Port scan detected from address 62.243.164.215 At least 10 ports being probed.
19-01-2002 15:36:05 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (206.204.212.177,http(80))
Process name is \"D:\\PROGRAMMER\\SYMANTEC\\LIVEUPDATE\\LUCOMSERVER.EXE\"
18-01-2002 23:14:47 Supervisor  Port scan detected from address 62.243.164.215 At least 10 ports being probed.
18-01-2002 23:10:32 Supervisor  Port scan detected from address 62.243.164.215 At least 10 ports being probed.
18-01-2002 13:15:47 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (209.143.212.20,http(80))
Process name is \"D:\\PROGRAMMER\\MICROSOFT OFFICE\\OFFICE\\WINWORD.EXE\"
17-01-2002 22:34:30 Supervisor  Port scan detected from address 62.243.164.215 At least 10 ports being probed.
16-01-2002 23:15:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (17.254.3.194,http(80))
Process name is \"D:\\PROGRAMMER\\QUICKTIME ME\\QUICKTIMEPLAYER.EXE\"
16-01-2002 23:11:42 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (209.225.8.64,http(80))
Process name is \"D:\\GAMES\\SERVER WATCH\\SERVERWATCH.EXE\"
16-01-2002 22:51:44 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound UDP packet
Local address,service is (0.0.0.0,27016)
Remote address,service is (24.13.48.38,3622)
Process name is \"D:\\GAMES\\HALF-LIFE\\HLDS.EXE\"
15-01-2002 19:35:48 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (65.168.118.20,http(80))
Process name is \"D:\\GAMES\\UNREALTOURNAMENT_TOGO\\SYSTEM\\UNREALTOURNAMENT.EXE\"
15-01-2002 14:41:37 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound UDP packet
Local address,service is (0.0.0.0,1492)
Remote address,service is (80.62.157.158,65040)
Process name is \"D:\\GAMES\\HALF-LIFE\\HL.EXE\"
15-01-2002 14:23:38 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (208.6.85.34,http(80))
Process name is \"D:\\KH\\CRACK WHORE\\CRACKWHORE.EXE\"
15-01-2002 14:23:33 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (212.72.51.203,http(80))
Process name is \"D:\\KH\\CRACK WHORE\\CRACKWHORE.EXE\"
11-01-2002 13:15:21 Supervisor  This one time, the user has chosen to \"block\" communications.  Details:
Outbound UDP packet
Local address,service is (localhost,2347)
Remote address,service is (255.255.255.255,2347)
Process name is \"D:\\GAMES\\GHOST RECON\\GHOSTRECON.EXE\"
09-01-2002 21:37:06 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (pop3.mail.dk(195.41.46.134),smtp(25))
Process name is \"C:\\WINDOWS\\TEMP\\GM51.EXE\"
09-01-2002 21:36:19 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (159.153.231.55,smtp(25))
Process name is \"C:\\WINDOWS\\TEMP\\GM51.EXE\"
09-01-2002 16:15:47 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.46.197.113,http(80))
Process name is \"C:\\WINDOWS\\SYSTEM\\SUCATREG.EXE\"
09-01-2002 16:15:46 Supervisor  This one time, the user has chosen to \"block\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.46.230.218,http(80))
Process name is \"C:\\WINDOWS\\SYSTEM\\SUCATREG.EXE\"
09-01-2002 14:43:21 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (64.49.220.24,ftp(21))
Process name is \"D:\\PROGRAMMER\\SMARTFTP\\SMARTFTP.EXE\"
07-01-2002 22:11:47 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (208.234.5.57,http(80))
Process name is \"D:\\KH\\WWWHACK\\WWWHACK.EXE\"
07-01-2002 22:11:47 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (194.47.61.118,http(80))
Process name is \"D:\\KH\\WWWHACK\\WWWHACK.EXE\"
07-01-2002 22:11:42 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (208.234.5.57,http(80))
Process name is \"D:\\KH\\WWWHACK\\WWWHACK.EXE\"
07-01-2002 20:21:52 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.46.106.88,http(80))
Process name is \"C:\\WINDOWS\\WUAUCLT.EXE\"
06-01-2002 22:44:18 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (64.77.42.34,http(80))
Process name is \"D:\\PROGRAMMER\\POPUP KILLER ME\\POPUPKILLER.EXE\"
06-01-2002 22:44:12 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,1152)
Remote address,service is (64.77.42.34,ftp-data(20))
Process name is \"D:\\PROGRAMMER\\POPUP KILLER ME\\POPUPKILLER.EXE\"
06-01-2002 22:44:04 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (64.77.42.34,ftp(21))
Process name is \"D:\\PROGRAMMER\\POPUP KILLER ME\\POPUPKILLER.EXE\"
06-01-2002 22:23:48 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4781)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:40 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4738)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:38 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4676)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:37 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4606)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:36 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4558)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:35 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4521)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:34 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4445)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:33 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4190)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:32 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,4105)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 22:23:24 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Inbound TCP connection
Local address,service is (62.243.164.144,http(80))
Remote address,service is (62.22.37.200,3630)
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 19:10:59 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (213.65.103.7,http(80))
Process name is \"D:\\PROGRAMMER\\WINSQUEEZE\\SQUEEZE.EXE\"
06-01-2002 19:10:59 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (134.214.100.6,daytime(13))
Process name is \"D:\\PROGRAMMER\\WINSQUEEZE\\SQUEEZE.EXE\"
06-01-2002 19:10:41 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (129.240.64.3,daytime(13))
Process name is \"D:\\PROGRAMMER\\WINSQUEEZE\\SQUEEZE.EXE\"
06-01-2002 19:10:33 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (129.240.64.3,daytime(13))
Process name is \"D:\\PROGRAMMER\\WINSQUEEZE\\SQUEEZE.EXE\"
06-01-2002 19:25:10 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (213.65.103.7,http(80))
Process name is \"D:\\PROGRAMMER\\WINSQUEEZE\\SQUEEZE.EXE\"
06-01-2002 18:43:56 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (63.111.44.122,http(80))
Process name is \"D:\\PROGRAMMER\\WINPROXY 3.0\\WINPROXY.EXE\"
06-01-2002 17:47:35 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (212.57.100.194,http-proxy(8080))
Process name is \"C:\\PROGRAMMER\\PROXY VERIFIER\\PAC.EXE\"
06-01-2002 17:25:23 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (193.70.181.3,http-proxy(8080))
Process name is \"C:\\PROGRAMMER\\A4PROXY\\A4PROXY.EXE\"
06-01-2002 17:22:12 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.109.247.94,http(80))
Process name is \"C:\\PROGRAMMER\\A4PROXY\\A4PROXY.EXE\"
06-01-2002 17:02:00 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (80.68.242.14,http(80))
Process name is \"D:\\PROGRAMMER\\DAP ME\\DAP.EXE\"
06-01-2002 17:02:00 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (216.167.113.144,http(80))
Process name is \"D:\\PROGRAMMER\\DAP ME\\DAP.EXE\"
06-01-2002 14:32:45 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.218.243.240,http(80))
Process name is \"D:\\GAMES\\HALF-LIFE\\PUNKBUSTER\\PB.EXE\"
06-01-2002 14:32:39 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.218.243.240,http(80))
Process name is \"D:\\GAMES\\HALF-LIFE\\PUNKBUSTER\\PB.EXE\"
06-01-2002 13:29:03 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound UDP packet
Local address,service is (0.0.0.0,1754)
Remote address,service is (63.251.143.218,27010)
Process name is \"D:\\GAMES\\HALF-LIFE\\HL.EXE\"
05-01-2002 21:47:05 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (www.eksperten.dk(195.184.125.74),http(80))
Process name is \"C:\\WINDOWS\\EXPLORER.EXE\"
05-01-2002 18:04:20 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.46.196.109,http(80))
Process name is \"C:\\PROGRAMMER\\WINDOWS MEDIA PLAYER\\MPLAYER2.EXE\"
04-01-2002 23:56:43 Supervisor  The user has created a rule to \"block\" communications.  Details:
Outbound TCP connection
Remote address,service is (216.86.111.55,18342)
Process name is \"C:\\PROGRAMMER\\ACD SYSTEMS\\ACDSEE\\ACDSEE.EXE\"
04-01-2002 19:43:04 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (213.248.107.12,http(80))
Process name is \"D:\\PROGRAMMER\\KAZAA ME )(\\KAZAA.EXE\"
04-01-2002 19:43:04 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (213.248.107.12,1214)
Process name is \"D:\\PROGRAMMER\\KAZAA ME )(\\KAZAA.EXE\"
04-01-2002 19:43:04 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (213.248.112.35,http(80))
Process name is \"D:\\PROGRAMMER\\KAZAA ME )(\\KAZAA.EXE\"
04-01-2002 19:21:25 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (pop3.mail.dk(195.41.46.134),pop3(110))
Process name is \"C:\\PROGRAMMER\\NORTON ANTIVIRUS\\NAVAPW32.EXE\"
04-01-2002 18:20:19 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound UDP packet
Local address,service is (0.0.0.0,27960)
Remote address,service is (192.246.40.65,27952)
Process name is \"D:\\GAMES\\RETURN TO CASTLE WOLFENSTEIN\\WOLFMP.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (206.228.51.3,http(80))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (211.10.10.83,http(80))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (195.15.66.4,8000)
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (206.183.7.90,http(80))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (210.175.52.100,http(80))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (209.177.61.130,http(80))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (62.159.140.130,http-proxy(8080))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:24 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (211.6.244.202,http(80))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 18:17:11 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (211.1.149.10,http(80))
Process name is \"D:\\PROGRAMMER\\MULTIPROXY\\MPROXY.EXE\"
04-01-2002 15:30:52 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.68.131.27,http(80))
Process name is \"C:\\WINDOWS\\WUAUBOOT.EXE\"
04-01-2002 15:25:27 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (195.43.236.139,http(80))
Process name is \"C:\\PROGRAMMER\\SYMANTEC\\LIVEUPDATE\\LUCOMSERVER.EXE\"
03-01-2002 23:24:40 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (80.69.224.150,202)
Process name is \"C:\\PROGRAMMER\\INTERNET EXPLORER\\IEXPLORE.EXE\"
03-01-2002 23:23:52 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (80.69.224.150,202)
Process name is \"C:\\PROGRAMMER\\INTERNET EXPLORER\\IEXPLORE.EXE\"
03-01-2002 23:09:00 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (80.69.224.150,202)
Process name is \"C:\\PROGRAMMER\\INTERNET EXPLORER\\IEXPLORE.EXE\"
03-01-2002 22:36:06 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (195.8.2.50,http(80))
Process name is \"D:\\PROGRAMMER\\A4PROXY\\A4PROXY.EXE\"
03-01-2002 22:34:48 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (12.29.106.211,http-proxy(8080))
Process name is \"D:\\PROGRAMMER\\A4PROXY\\A4PROXY.EXE\"
03-01-2002 22:34:40 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (207.109.247.94,http(80))
Process name is \"D:\\PROGRAMMER\\A4PROXY\\A4PROXY.EXE\"
03-01-2002 22:34:21 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (195.31.181.131,http(80))
Process name is \"D:\\PROGRAMMER\\A4PROXY\\A4PROXY.EXE\"
03-01-2002 22:06:15 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (pop3.mail.dk(195.41.46.150),pop3(110))
Process name is \"C:\\PROGRAMMER\\OUTLOOK EXPRESS\\MSIMN.EXE\"
03-01-2002 21:52:25 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (152.163.226.185,http(80))
Process name is \"C:\\PROGRAMMER\\INTERNET EXPLORER\\IEXPLORE.EXE\"
03-01-2002 21:39:21 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (62.243.140.123,19274)
Process name is \"D:\\PROGRAMMER\\ICQ ME\\ICQ.EXE\"
03-01-2002 21:39:21 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (205.188.165.25,http(80))
Process name is \"D:\\PROGRAMMER\\ICQ ME\\ICQ.EXE\"
03-01-2002 21:39:14 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (205.188.165.25,http(80))
Process name is \"D:\\PROGRAMMER\\ICQ ME\\ICQ.EXE\"
03-01-2002 21:39:11 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (205.188.248.89,http(80))
Process name is \"D:\\PROGRAMMER\\ICQ ME\\ICQ.EXE\"
03-01-2002 21:39:07 Supervisor  The user has created a rule to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (205.188.248.89,http(80))
Process name is \"D:\\PROGRAMMER\\NORTON INTERNET SECURITY\\SYMPROXYSVC.EXE\"
03-01-2002 21:39:07 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (62.243.140.123,19274)
Process name is \"D:\\PROGRAMMER\\ICQ ME\\ICQ.EXE\"
03-01-2002 21:39:04 Supervisor  This one time, the user has chosen to \"permit\" communications.  Details:
Outbound TCP connection
Remote address,service is (205.188.248.89,http(80))
Process name is \"D:\\PROGRAMMER\\ICQ ME\\ICQ.EXE\"

www.anmeld.politi.dk ser ikke særlig anonym ud...
Ringer de til en?

Umiddelbart så ville jeg scanne min PC for Trojans hvis jeg var dig.
De Trojans der optræder i din liste er på port 27015 som er Half-Life Multiplayer port.

Så hvis du har spillet Half-life online inden for den sidste tid, så er din IP registreret endnu på de forskellige servere. Det kan give dig utallige \"indbruds-forsøg\".

Alene navnet Trojan lyder ikke betryggende - har du scannet din PC for virus?

Du kan også være udsat for forskellige forsøg fra andre brugere som intetanende er ramt at en virus i stil med Nimda. Det betyder, at de ikke ved de har den og derfor er mere eller mindre uskyldige.

Alt det har de andre også forklaret dig tidligere - denne gang håber jeg så du læser hvad der står.

Med de programmer du har kørende så ville jeg nok tænke over det 2 gange inden jeg anmelder nogen - den kunne tænkes at fare tilbage på dig selv.
Medmindre du har betalt for alle dine programmer naturligvis.

ok, jeg spillede Counter-Strike lige inden det hele begyndte så det er nok det!

Jeg genstartede lige computeren og kørte en virus scan (den fandt nogle trojans), nu er \"hacker angrebende\" stoppet!

Jeg har valgt ikke at anmelde nogen!

Desuden har jeg sat flere point til rådighed og hvis du (Prodic) vil have point skal du blot lave et svar, alle der har svaret relevant vil få point!

Nej tak!

mange tak for hjælpen!

Hvis en rigtig hacker virkrlig vil ind i ens computer kommer han det om du vil eller ej, det er bare et spørgsmål om tid. En firewall er ligesom en mur omkring et hus jo højere man bygger muren jo sværere vil det være at komme over, men så finder man jo bare stige der er lang nok. Håber i kan følge mig:)

>Jeg har valgt ikke at anmelde nogen!

Det er vel nok storsindet af dig, specielt når du ikke får noget ud af det!

Hacking og forsøg på hacking er strafbart, men portscanning alene er ikke nok til at underbygge "forsøg på hacking", idet det ikke beviser "ond hensigt".

Politiet vil sikkert tage imod din anmeldelse, men videre kommer det ikke.
Sådan er livet...