Hacked and craked, windows at fault?

[digitaloracle]

If the guy has any brains, he is probably working from some difficult to trace connection. It will take more than an IP to track him down...
Do you dial in to AOL through their program? If so try and use windows to connect. Perhpas that will protect you be allowing the firewalls to monitor your actual connection, instead of having aohell manage the whole thing. Better yet, try your netzero account. I tried that on a neighbor's machine and it actually connected through a normal windows request (usually the cheap, or crappy ISPs need to have their won dialer, to pip adware or viruii through). Most of what I said is just speculation, ie I don't completetly know what I am talking about.

BTW, is bouncing the same as pinging?

 

[PP Mguire]

If the guy has any brains, he is probably working from some difficult to trace connection

yea he was routed through aol servers, and direcway servers. idk if he was through anythign else but i recognized the IPs of those right off the bat. Aohell dosent manage much anymore cuase ive disabled alot of aohells programs from inside and outside. My zonealarm pretty much wathces the whole worx and it alerts me for everything now. i had my zonealarm pretty lax but now ive got everything on high for maximum protection. and i dont use my netzero cause it has started crashin. i gotta reinstall it but im to lazy to use it. on a plus the high speed is disabled 3/4s of the time so i get really slow ass conections. (gay shit) all adware and that shit is blocked from zonealarm as well, so i dont have to worry about it at all.
205.171.8.222
or
172.30.81.90
could be either one.

 

[tribalsun]

Firstly, sorry to see how many problems some jackass is causing you. Secondly, 4 firewalls? That's overkill and your probably weakening your protection rather than helping it. Multiple firewalls can cause many conflicts often relegating them near useless when hardcore attacks occur. So, I would suggest the following.

1) Change all your passwords, for everything!
2) Back up any important data.
3) Format and reinstall your OS.
4) Only use 1 firewall.
5) Connect to the net and go to GRC.com and run "Shields Up" to test your firewall.

As for your IP, since your on dial-up I presume your IP should change with each log-on. If you do have a static IP, you can use release/renew from the command prompt to get a new one if your not given one after your new connection has been established. You may also want to consider configuring your browser to use a proxy server. Best of luck to ya!

 

[PP Mguire]

ok im only running one firewall right now, and zonealarm. according to the site you sent me it says ive passed all the tests w/ stealth machine or something. all i saw on the tests was green across the board which means stealth. so it loks like i will be fine. alrighty, im gonan do everyhting else and tell yall how it goes.

 

[EricB]

Firstly, sorry to see how many problems some jackass is causing you. Secondly, 4 firewalls? That's overkill and your probably weakening your protection rather than helping it. Multiple firewalls can cause many conflicts often relegating them near useless when hardcore attacks occur. So, I would suggest the following.

1) Change all your passwords, for everything!
2) Back up any important data.
3) Format and reinstall your OS.
4) Only use 1 firewall.
5) Connect to the net and go to GRC.com and run "Shields Up" to test your firewall.

As for your IP, since your on dial-up I presume your IP should change with each log-on. If you do have a static IP, you can use release/renew from the command prompt to get a new one if your not given one after your new connection has been established. You may also want to consider configuring your browser to use a proxy server. Best of luck to ya!

2 firewalls. 1 software 1 hardware

 

[tribalsun]

2 firewalls. 1 software 1 hardware

Agreed EricB, I was speaking of software firewalls.

 

[PP Mguire]

i cant get a hardware right now. but im working on it. it was actualy the first thing i thought of really.

 

[TheMajor]

A decent firewall has a logfile. You can always use it to see the remote IP. Some firewalls (like Sygate) also have a back trace feature.

 

[diabloII]

OrgName: Colorado SuperNet, Inc.
OrgID: CSN
Address: 950 17th Street
Address: Suite 1900
City: Denver
StateProv: CO
PostalCode: 80202
Country: US

NetRange: 205.168.0.0 - 205.171.255.255
CIDR: 205.168.0.0/14
NetName: CSN-BLOCK-7
NetHandle: NET-205-168-0-0-1
Parent: NET-205-0-0-0-0
NetType: Direct Allocation
NameServer: DCA-ANS-01.INET.QWEST.NET
NameServer: SVL-ANS-01.INET.QWEST.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 1995-03-17
Updated: 2001-05-04

TechHandle: QN-ARIN
TechName: NOC
TechPhone: +1-703-363-3001
TechEmail: support@qwestip.net

OrgAbuseHandle: QIA2-ARIN
OrgAbuseName: Qwest, Communications
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse@qwest.net

OrgNOCHandle: QIN-ARIN
OrgNOCName: Qwest IP NOC
OrgNOCPhone: +1-877-886-6515
OrgNOCEmail: support@qwestip.net

OrgTechHandle: QIA-ARIN
OrgTechName: Qwest IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin@qwest.com

OrgAbusePhone: +1-877-886-6515 call that and file abuse report?

 

[diabloII]

traceroute: Warning: Multiple interfaces found; using 216.19.223.17 @ hme0
traceroute to 205.171.8.222 (205.171.8.222), 30 hops max, 40 byte packets
1 216.19.223.1 (216.19.223.1) 1.334 ms 0.946 ms 0.907 ms
2 phnx-core-7513.getnet.net (216.19.201.247) 61.324 ms 229.209 ms 1.273 ms
3 phnx-core2-7513.getnet.net (216.19.201.248) 1.061 ms 1.067 ms 0.806 ms
4 s1-0.ca01.phx01.atlas.cogentco.com (38.112.7.25) 1.683 ms 1.653 ms 1.940 ms
5 s0-0.core01.lax01.atlas.cogentco.com (154.54.2.5) 13.646 ms 12.838 ms 12.761 ms
6 p2-0.core01.lax05.atlas.cogentco.com (154.54.2.214) 14.198 ms 12.578 ms 12.736 ms
7 qwest.lax05.atlas.cogentco.com (154.54.11.82) 12.962 ms 12.822 ms 13.200 ms
8 205.171.213.105 (205.171.213.105) 14.682 ms 13.457 ms 13.398 ms
9 205.171.13.45 (205.171.13.45) 14.309 ms 14.174 ms 13.201 ms
10 205.171.13.1 (205.171.13.1) 13.514 ms 13.795 ms 13.859 ms
11 205.171.205.26 (205.171.205.26) 40.247 ms 40.164 ms 39.943 ms
12 205.171.31.42 (205.171.31.42) 41.165 ms 40.863 ms 40.219 ms
13 205.171.8.146 (205.171.8.146) 59.885 ms 60.885 ms 60.255 ms
14 205.171.21.150 (205.171.21.150) 60.057 ms 61.204 ms 60.262 ms
15 205.171.8.154 (205.171.8.154) 74.298 ms 74.337 ms 74.924 ms
16 205.171.8.222 (205.171.8.222) 74.758 ms 77.222 ms 75.330 ms

dunno if that helps

qwest.lax05.atlas.cogentco.com

seems like he's on qwest in the la area (lax)

or maybe he's a colorado b/c of the report above?

edit: btw, if you want sygate firewall like themajor said, i'd be glad to send it over to you via AIM (it's like 9500kb in a zip file)