Spoofing Net Attack

Nestor · Post by **Nestor** » Tue Mar 30, 2004 5:08 pm

I am receving some spoofing attacks, I am not realy aware of what this is, or if it is a serious attack and I should contact my server administrator os something.

I have read and, as far as I understand, it is a fake connection to lead you to, let say, Netscape, but it is not Netscape. But this is the basic concept. My Panda Max stops this telling me someone is trying to get into the computer, through the use of spoofing.

What do you know about it? How can I prevent it if posible be?

BTW: It seems the net is going totaly mad... there are problems, viruses and attacks absolutely everywere... what the heck is people doing, what's going on?

Nestor · Post by **Nestor** » Tue Mar 30, 2004 5:56 pm

I hate to read about those things, but I will have to:

http://www.securitymanagement.com/libra ... ch0304.pdf

astroman · Post by **astroman** » Tue Mar 30, 2004 6:25 pm

On 2004-03-30 17:08, Nestor wrote:
...BTW: It seems the net is going totaly mad... there are problems, viruses and attacks absolutely everywere... what the heck is people doing, what's going on?

well, progress

today they have computers '...important for my kid's future...'

cheers, Tom

Nestor · Post by **Nestor** » Tue Mar 30, 2004 11:08 pm

Ho, I see... so it was your sun the one trying to get into my machine

at0m · Post by **at0m** » Wed Mar 31, 2004 9:54 am

Hi Nestor,

Don't be afraid of everything that hits your firewall, there's a lot of traffic going on. I once paniced when the firewall said a port being slammed was for a p2p program that I don't have. It hit me for days, from the same adress. That made me suspicious. Ran a whois on the IP, and it appeared one of my providers' proxy servers

I had a good read on http://www.grc.com/ last week. It's a security website with some neat tests you can run to see how vulnerable your machine is. It also offers hints pages etc.

Here's some of my favorite pages of grc:
http://www.grc.com/dos/grcdos.htm
http://www.grc.com/dos/xpconference.htm

Take care!

at0m.

Nestor · Post by **Nestor** » Thu Apr 01, 2004 11:52 am

That's great atOmic, thank you for the links

I am not afreid of the attack itself, but must be cusious today cos I'm doing an important job, and have to keep everything from being damaged or loosing data. Of course I have a backup of important files, but I don't backup every day, but once a week cos of time, it takes me a long time to do it. It's a matter of space.

Yes, exactly like you, I have received, by periods of 5 to 30 minutes, hundreds of spoogings, from the very same address, that's why I was wondering what was it...

I'll do the checks suggested in the page you send me, than you

Post by **garyb** » Fri Apr 02, 2004 2:22 am

i have gotten an email from NI saying that an email had come from my address containing a virus. funny 'cause my computer is clean and NI is not on any of my address books as i own no NI products nor have i ever tried to contact them. i can only assume that my email address is here and someone.........

Nestor · Post by **Nestor** » Fri Apr 02, 2004 12:33 pm

Esactly Garyb, that's the way the work. Unfortunately, you need to have your email address and hopefully, not having to change it all the time. But for the forum itself, I preffer not having my mail expoused. I would give my email exclusivily to people I know, and have been here for a while, otherwise, I would probably create a new address and would open it from an internet caffé someware. This is what I did last time, and I saved myself from something nasty.