I installed a firewall yesterday on my broadband after a hack attack, and lo and behold, I noticed a good number of attackers going after my system. Being a little peeved about this, I proceeded to identify where the attackers were coming from (firewall statistics, trace route, nslookup) and notified their respective ISPs.
Today, I start up my internet and shortly after getting on line my firewall starts going crazy. Turns out, one of my attackers must have gotten kicked off his ISP or warned, because it appears I’m now under an attack by PC “zombies”. As I watched in amazement, the number of PCs attacking me kept growing and growing.
After 5 minutes of this, I decided it was time to change the identity my PC was using. There are two or three things he could have been looking for. It wasn’t the IP, as the IP is dynamically assigned when I log into my DSL provider. It had to be my PC Name, my workgroup name (a remote possibility), or my network card’s MAC address. I figured it was the MAC address, more than likely, as it acts as a “true” identifier of a PC.
Still to be safe, I changed all three in my Network Neighborhood properties and rebooted my PC. Since then, I’ve had a minor number of probes. Part of it may be due to what I set my MAC address to. It is an unusual number that probably doesn’t match any manufacturer’s MAC range. I must admit, the number of probes is unusually small compared to yesterday’s number and especially to earlier this evenings.
All in all, it was an unusual 5 or 10 minutes this evening, that I found interesting. Somewhere out there, is some pimple faced 15 year old hacker wannabe waiting for me to “resurface”, so he can continue his attacks. I find it humorous thathe will be wasting his resources waiting for me, when I’m already back out in the world wide web figuratively thumbing my nose at him….
