×

Switch Account

Hacking Attempts / Block IP

Reply
Highlighted
Copper Contributor
Copper Contributor
Posts: 15
Registered: ‎05-12-2012

Hacking Attempts / Block IP

Message 1 of 4
(1,901 Views)

In the last few months, someone from overseas has been attempting to hack my computer via port forwarding that I have configured. I know, because my event logs are full of these (some information redacted):

 

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          3/26/2013 12:15:03 AM
Event ID:      4625
Task Category: Logon
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:     

Description:
An account failed to log on.

Subject:
 Security ID:  SYSTEM
 Account Name:  
 Account Domain:  PRIDEDALLAS
 Logon ID:  0x3e7

Logon Type:   10

Account For Which Logon Failed:
 Security ID:  NULL SID
 Account Name:  jonas4
 Account Domain:  

Failure Information:
 Failure Reason:  Unknown user name or bad password.
 Status:   0xc000006d
 Sub Status:  0xc0000064

Process Information:
 Caller Process ID: 0x22b4
 Caller Process Name: C:\Windows\System32\winlogon.exe

Network Information:
 Workstation Name:
 Source Network Address: 188.130.251.74
 Source Port:  3569

Detailed Authentication Information:
 Logon Process:  User32
 Authentication Package: Negotiate
 Transited Services: -
 Package Name (NTLM only): -
 Key Length:  0

 

I've changed the port, which throws him off the trail for a while, but then it starts again. Can I turn that IP address into FiOS for them to block? Are there other protocols that I should follow? FBI?

3 REPLIES 3
Highlighted
Platinum Contributor III
Platinum Contributor III
Posts: 5,881
Registered: ‎07-22-2009

Re: Hacking Attempts / Block IP

Message 2 of 4
(1,862 Views)

They make port scanners available online for free downloads. 

 

So he probably has your IP Address

 

Everytime you change your port he simply scans it again and finds the new port, and then trys to hack you with dictionary or brute force attacks. 

 

I Think you should probably just try to change your IP.  

 

Unless he has a virus on your PC that sends him the new IP Address then he shouldn't be able to find you, unless you are on websites that broadcast your IP. 

 

To change your IP try this.   

 

go to www.whatismyip.org write down your ip address.

 

Actiontec MI424-WR - RELEASE DHCP
Click on MY NETWORK icon at the top.
Select NETWORK CONNECTIONS from the menu on the left.
Select BROADBAND CONNECTION (coax or ethernet) depending on your connection to the ONT.
Click SETTINGS
Click RELEASE
Click APPLY
Disconnect the router immediately to prevent it from re-requesting a DHCP lease.  You have to NOW leave it off for 10-20 minutes. 

 

If you plug it in too fast, it will probably get the very same IP Address that you had before. 

Now go back to www.whatismyip.org and make sure that it changed.

 

 

Highlighted
Copper Contributor
Copper Contributor
Posts: 15
Registered: ‎05-12-2012

Re: Hacking Attempts / Block IP

Message 3 of 4
(1,851 Views)

Sorry, I should have give more detail. I realize how he is doing it (I'm an I.T. person myself) and I suppose I could change my IP, but I don't want to. My equipment is fairly secure. I am looking for an alternate recourse.

Highlighted
Trivia Champ
Trivia Champ
Posts: 5,912
Registered: ‎09-24-2008

Re: Hacking Attempts / Block IP

Message 4 of 4
(1,823 Views)

#1 I went to http://network-tools.com/

 

#2 Selected Network Lookup

 

#3 Typed in that IP Address.

 

#4 Pressed Go

 

#5 That site gave:

 

a) An abuse contact

 

b) and a link to http://www.ripe.net/whois

 

#6 I used that other URL and I see another abuse contact.

 

**

 

Your Directions are: Get the abuse e-mal addresses and report the abuse.

If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.


 

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.
Covid19


Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.