First a bit of history:
The term "hacker" used to be misused, as a hacker used to be someone who disassembled (hacked) software to rewrite the code so they don't have to pay for it. I used to do this.
The correct term used to be "cracker", as a cracker used to be someone who "cracked" into another's computer.
Today the terms hacker and cracker have been reversed.
1.) Never use more than one firewall as they can cancel each other out.
2.) Always keep firewall definitions updated.
3.) Typically, firewalls (I recommend Norton) will tell you what type of attack was used and the IP address. If yours does this, great! It's updated and working... Don't mess with it.
4.) Use a third party anti-virus program (I recommend McAfee or Norton). Never use more than one anti-virus program, because they WILL cancel each other out.
5.) If you want to trace an IP address, use WHOIS or INTERNIC. However, the individual most likely has his IP proxied using SOCKS 4 or SOCKS 5 protocols; if the person doesn't, he's an idiot. Assuming that it is proxied, you will never trace it.
6.) If you don't want to use either WHOIS or INTERNIC, I recommend VisualRoute.
7.) Always keep your OS updated. Microsoft always posts critical updates. Just go to your Control Panel and click on Windows Update.
8.) It is very common that your firewall is reporting a hack attempt that's false. If you want to check this, contact your Internet Service Provider (ISP) and give them the IP address. BlackIce Defender gives false hack attempts.
9.) Get to know what makes a hacker tick: Hacker Manifesto, Script Kiddie and WhiteHat.
10.) The best firewall in the world is a router (I recommend LinkSys). These are impossible to hack because they assign a MAC (Media Access Control) address. Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP to communicate with each other and configure the best route between any two hosts.
One last note if you attempt to trace an email address:
A single PC on the Internet can be running both a Web server and e-mail server. If the PC's IP address is, say, 227.134.196.101, a Web browser that looks at 227.134.196.101 will find Web pages there, while an e-mail program will find mail at 227.134.196.101. They don't get confused because (this is the crucial part) TCP/IP uses different 'ports' for each type of service. Ports are like lanes on a motorway, and keep the Web traffic and e-mail traffic separate. Web services generally run on port 80, while e-mail runs on ports 25 and 110. There are thousands of ports to choose from, and you can run any service on any port, but there are standards that most people abide by.
Steve LeMaster
Edited 3 time(s). Last edit at 04/07/2005 02:51PM by Steve LeMaster.
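The point about ports in the last note, as an added example that is not part of the original post: two constructed services listen on the same loopback address on OS-chosen ports, and a check identifies each by the protocol it speaks rather than by its port number. All function names and the banner hostname are assumptions made for illustration.

```python
import socket
import threading

def listen(host="127.0.0.1"):
    """Open a listener on an OS-chosen free port (port 0)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((host, 0))
    s.listen(1)
    return s

def serve_once(sock, handler):
    def run():  # accept one connection in the background
        conn, _ = sock.accept()
        with conn:
            handler(conn)
    threading.Thread(target=run, daemon=True).start()

def web_handler(conn):
    conn.recv(1024)  # web servers wait for the client's request
    conn.sendall(b"HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\n\r\nhello\r\n")

def mail_handler(conn):
    # mail (SMTP) servers speak first; the hostname is a constructed placeholder
    conn.sendall(b"220 mail.example.test ESMTP ready\r\n")

def identify(host, port, timeout=0.5):
    """Classify a service by the protocol it speaks, not by its port number."""
    with socket.create_connection((host, port), timeout=timeout) as c:
        try:
            data = c.recv(1024)      # an SMTP banner arrives unprompted
        except socket.timeout:
            data = b""               # silence: fall through to an HTTP request
        if data.startswith(b"220"):
            return "smtp"
        c.sendall(b"HEAD / HTTP/1.0\r\n\r\n")
        return "http" if c.recv(1024).startswith(b"HTTP/") else "unknown"

def demo():
    web, mail = listen(), listen()   # same address, two different ports
    serve_once(web, web_handler)
    serve_once(mail, mail_handler)
    result = {}
    for name, sock in (("web", web), ("mail", mail)):
        host, port = sock.getsockname()
        result[name] = (host, port, identify(host, port))
        sock.close()
    return result

if __name__ == "__main__":
    print(demo())
```

Neither service runs on 80, 25 or 110 here, yet both are identified correctly, which is why a service inventory of your own hosts should check what answers on a port instead of trusting the number.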