What should i do when ppl scan me for open port (ie 27374) to find subseven trojan i believe. I have their ip, the time they made the port scan etc. What do you guys do?
The most annoying part is when same user runs a port scan twice a day, i know its a hostmask scan.. because other comptuers in the network gets scanned aswell.
Is there any anti-trojan/virus or whatever out there that sends a log of what the user have done to their
abuse@isp.xxx or do i haveto do that manually?
I have the ips below from the most recent attacks on my computer, these are 3 days of port scans...
81.218.84.144
61.32.214.23
211.193.18.138
67.169.90.120
207.112.51.124
65.162.185.3
67.113.198.72
82.41.168.37
67.73.138.179
81.218.223.214
67.169.90.120
80.25.89.86
9.29.140.179
69.29.140.179
24.243.69.135
207.112.55.18
4.42.52.124
63.53.204.168
81.192.46.5
69.21.212.187
82.49.96.128,3129 - Master Paradise Trojan horse
213.78.103.58
211.109.142.209
80.181.223.223
66.142.12.109
69.29.146.159
61.254.248.242
What should i do, what can a port scan victim do, should i just send mail to
abuse@isp.xxx with the log of what the user have done or just ignore it. But the thing is if you ignore a port scan that means the hacker is gonna try find another victim using the port scan until he finds one and then connect.
I ask again, do you guys just ignore these logs or do you do anything with them?.. i better ask again is there any program, because norton wont do, that can send a mail to abuse section of their isp with the logs and time etc?
Linear Mode
