[Dshield] blocking the DSL hacker

Hernandez, Moses MHernandez3 at mercymiami.org
Mon Jan 23 14:54:47 GMT 2006


I would recommend instead of a firewall only look into a Host IPS. They
are more difficult to use however they are probably the way to go.

PrevX I've heard is free and good (as long as you use the beta its
free!)

A good alternative is ZoneLabs with the Checkpoint SmartDefense filters.
Now that they have purchased Sourcefire you will probably get an upgrade
to a snort based IDS in that sucker within a few years I am sure.

Moses


- -----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of Mel
Sent: Saturday, January 21, 2006 4:48 PM
To: list at lists.dshield.org
Subject: [Dshield] blocking the DSL hacker




My friends Earthlink DSL account has become useless lately.
 As soon as the computer is turned on a constant barrage begins
coming from diverse machines on the Verizon network.(70.20.x.x)
 Most attempts seem to be netBIOS in nature, but it isn't very long,
maybe as short as ten minutes, until my friends machine is full of
viruses and begins acting very unstable.
 We tried to get to the AVG website to update the anti-virus but
always get infected before we could wend our way to the AVG site in
Germany.
 We have a linksys router on hand but don't know anything about
putting it to use. I remember reading on the Dshield forum that a
router would be helpful in stopping intrusions. We are using a
Netopia modem.
 Can someone please point us in the right direction. Thanks many many
in advance.
                                      Mel. 
 

This message was sent via the web forum at
http://forum.dshield.org

_________________________________________
Learn about Intrusion Detection in Depth from the comfort of your own
couch:
https://www.sans.org/athome/details.php?id=1341&d=1

_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1 - not licensed for commercial use: www.pgp.com

iQA/AwUBQ9Tjb6xTsMlIjlJcEQIOvgCeOktjXVqcFRDcBNXklPppoMUMzmIAoOaO
JgP388NUEGh4PkwEUmOj9R5S
=+Qrl
-----END PGP SIGNATURE-----

_________________________________________
Learn about Intrusion Detection in Depth from the comfort of your own
couch:
https://www.sans.org/athome/details.php?id=1341&d=1

_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
**********************************************************************************************
IMPORTANT: The contents of this email and any attachments are confidential. They are intended for the 
named recipient(s) only.
If you have received this email in error, please notify the system manager or the sender immediately and do 
not disclose the contents to anyone or make copies thereof.
*** Mercy Hospital has scanned this email for viruses, vandals, and malicious content. ***
**********************************************************************************************




More information about the list mailing list