short version (sorry mike =)
POLITICALLY CORRECT approach - report the abuse to contacts retrieved from
the WHOIS query.
http://ww1.arin.net/tools/rwhois.html
hopefully the ISP will disconnect the owner of the IP address, Dad will find
out what Junior did and will whip out a can of whoop-butt that he keeps
under his belt.
...be glad your firewall did its job in detection.
VIGILANTE APPROACH - hack them back by scanning their ports, fishing for
information, and vulnerabilities.
***NOT RECOMMENDED***
obviously the perp has a lot of time on his/her hands... if they see they
are being counter attacked they can easily bring down your DSL/cable/$700 T1
down to a sub 300 baud modem by using a hacked $10 dial up connection... or
worse. Any good hacker will probably be using someone's connection that
they "jacked" anyways... chances are you will be retaliating on some
innocent victim that already had their system compromised.
http://www.insecure.org/nmap/
http://www.insecure.org/
http://www.netadmintools.com/art299.html
http://winpcap.polito.it/
http://netgroup-serv.polito.it/windump/
http://www.datanerds.net/~mike/dsniff.html
...
countless other tools
...or...
Use any Linux distro that has those commands included.
My conclusion... Keep patching those numerous POS MS Windows flaws
discovered monthly (or go download Linux for 'free' =) and grease that
firewall.
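
The WHOIS reporting route described above, as an added example that is not part of the original post: it pulls the abuse contact out of a WHOIS reply and drafts a report from matching firewall log lines. The WHOIS reply, the log lines and their format are constructed samples, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: ARIN-style WHOIS reply for a documentation address range.
SAMPLE_WHOIS = """\
NetRange:       203.0.113.0 - 203.0.113.255
OrgName:        Example ISP (constructed)
OrgTechEmail:   noc@isp.example.net
OrgAbuseEmail:  abuse@isp.example.net
"""
# Constructed sample: firewall drop log (this line format is an assumption).
SAMPLE_LOG = """\
2003-04-01T02:14:07Z DROP TCP src=203.0.113.45 dst=192.0.2.10 dport=139
2003-04-01T02:14:09Z DROP TCP src=203.0.113.45 dst=192.0.2.10 dport=445
2003-04-01T02:15:30Z DROP UDP src=198.51.100.7 dst=192.0.2.10 dport=137
2003-04-01T02:16:02Z DROP TCP src=203.0.113.45 dst=192.0.2.10 dport=139
"""

ABUSE_FIELD = re.compile(r"^(?:OrgAbuseEmail|abuse-mailbox)\s*:\s*(\S+@\S+)\s*$", re.I | re.M)
ANY_EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def abuse_contacts(whois_text):
    """Prefer dedicated abuse fields; fall back to any address containing 'abuse'."""
    found = ABUSE_FIELD.findall(whois_text)
    if not found:
        found = [e for e in ANY_EMAIL.findall(whois_text) if "abuse" in e.lower()]
    return sorted(set(e.lower() for e in found))

def evidence_for(log_text, src_ip):
    """Return log lines whose source is exactly src_ip (no prefix matches)."""
    pat = re.compile(r"\bsrc=" + re.escape(src_ip) + r"(?![\d.])")
    return [ln for ln in log_text.splitlines() if pat.search(ln)]

def draft_report(whois_text, log_text, src_ip):
    """Build (recipients, body) for an abuse report; refuse if either half is missing."""
    to = abuse_contacts(whois_text)
    lines = evidence_for(log_text, src_ip)
    if not to:
        raise ValueError("no abuse contact in WHOIS reply; check the parent allocation")
    if not lines:
        raise ValueError("no log evidence for " + src_ip)
    ports = Counter(re.search(r"dport=(\d+)", ln).group(1) for ln in lines)
    summary = ", ".join(f"{p} x{n}" for p, n in sorted(ports.items(), key=lambda kv: int(kv[0])))
    body = (f"Unsolicited connection attempts from {src_ip} (timestamps UTC).\n"
            f"Destination ports: {summary}\n\nFirewall log excerpt:\n" + "\n".join(lines))
    return to, body

if __name__ == "__main__":
    print(*draft_report(SAMPLE_WHOIS, SAMPLE_LOG, "203.0.113.45"), sep="\n")
```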