
what to do with IP addresses???

Discussion in 'Virus & Other Malware Removal' started by lax30, Sep 24, 2003.

Thread Status:
Not open for further replies.
  1. lax30

    lax30 Thread Starter

    Joined:
    Sep 21, 2003
    Messages:
    44
    When someone is caught trying to enter your computer via a port and your Norton Firewall catches them and shows an IP address, how can that be used to stop this person in the future or to contact security about the person on their domain?
     
  2. NiteHawk

    NiteHawk

    Joined:
    Mar 9, 2003
    Messages:
    4,699
    About the best thing you can do is to resolve the IP into a name and then address an email to [email protected].
    Logically explain what happened giving all the facts such as time and date and attach that section of your log file that gives the TCP/ID, port, date and time as a TEXT file.

    Due to all the other internet traffic during that time period, take the time to edit out any entries that don't belong to their user.

    Send the email to [email protected]. If you are lucky, you might get a reply from the ISP. But from my experience, don't hold your breath. I get a reply in about 1 in 7.
     
  3. NiteHawk

    NiteHawk

    Joined:
    Mar 9, 2003
    Messages:
    4,699
    If you want to save time with editing and get a file with just that IP, I use a version of the old UNIX utility called egrep.
    The UNIX command would be
    cat filename | egrep 123.123.123.123 > newfile
    The DOS version would be
    type filename.txt |egrep 123.123.123.123 > newfile.txt

    You end up with a flat file named newfile.txt that contains all the lines with just the specified TCP/ID (which would include time, date, port # and so on).

    If you want to use something like that I would suggest a Google search for "egrep for DOS" or "egrep for windows".
    The different "flavors" of the command are grep, egrep, and fgrep. Egrep will give you the whole line.

    Make sure the firewall log file is a TEXT file and not from a word processor.
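
An exact-match version of the egrep filter described above, as an added example that is not part of the original posts: in a regular expression an unescaped `.` matches any character, so a pattern like `192.0.2.1` also picks up lines for 192.0.2.10 or 192.0.251.7, which do not belong in an abuse report about one address. The log format and addresses are constructed, and `lines_for_ip`, `sample_log`, `naive_count` and `exact_count` are hypothetical names.

```shell
#!/bin/sh
# Added example (not from the thread): exact-match filter for one IPv4
# address in a plain-text firewall log read from stdin.

# Usage: lines_for_ip ADDRESS < firewall.txt > newfile.txt
# Prints only lines containing ADDRESS as a whole address. Returns 2 if
# ADDRESS is not four dot-separated decimal groups.
lines_for_ip() {
    ip=$1
    printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 2
    # Escape the dots so they match a literal "." instead of any character.
    pattern=$(printf '%s' "$ip" | sed 's/\./\\./g')
    # Require a non-digit, non-dot character (or line start/end) on both
    # sides so 192.0.2.1 does not match inside 192.0.2.10.
    grep -E "(^|[^0-9.])${pattern}(\$|[^0-9.])"
}

# Constructed sample log; the line format is an assumption.
sample_log() {
    cat <<'EOF'
09/24/2003 21:14:02 Blocked TCP 192.0.2.1:4211 -> 192.168.0.2:135
09/24/2003 21:14:09 Blocked TCP 192.0.2.10:1830 -> 192.168.0.2:445
09/24/2003 21:15:40 Blocked TCP 192.0.251.7:2200 -> 192.168.0.2:80
09/24/2003 21:16:11 Blocked UDP 192.0.2.1:4300 -> 192.168.0.2:137
09/24/2003 21:17:30 Blocked TCP 198.51.100.4:3999 -> 192.168.0.2:135
EOF
}

# Compare the unescaped pattern with the exact match on the sample.
naive_count() { sample_log | grep -Ec '192.0.2.1'; }
exact_count() { sample_log | lines_for_ip 192.0.2.1 | grep -c ''; }

echo "unescaped egrep pattern: $(naive_count) lines"
echo "exact address match:     $(exact_count) lines"
```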
     