Hello Splatt ([EMAIL PROTECTED]),
at 10:15:05, 05-Mai-00, you wrote:
[snip]
>
> Could be a smurf attack, even though the victum of a smurf attack will
> usually only recieve icmp replies from aload of misconfigured routers.
> Sometimes Miami will pick up a few icmp request or ping floods as
> well.
>
> This, you can do nothing about. You could always find a cheap unix
> shell provider and set up a irc proxy bouncer on the shell, where you
> connect to the proxy, send a password then use the shell's hostname to
> use as your own through AmIRC.. This can be a hassle when doing it
> every time.. But if the person tried to attack you, he will be trying
> to flood a T3 shell server. Even though there is ways to find out your
> real IP through a shell (like if finger is enabled on it).
>
> But, anyway.. Miami cannot stop a user from wasting your bandwidth..
>
>> I will EMail my ISP also and ask them for advice, but until then... I
>> am not sure if they can get to that person, since even when on IRC he
>> seems to hide his real IP address.
>
> Yeah, send an e-mail or ring your ISP. Ask them to block the floods
> from you, they should probably have the floods logged. This is all you
> can really do.
>
Well, I did so, and all they gave me is an URL of a lame mIRC script, I
suspect they just did not understand that I use Amiga... at times I
forget that I live in Spain, and that Spain belongs to Africa...
> If you want to find out who it is though... whois the person who
> attacks you on IRC, get his [EMAIL PROTECTED] and type in shell/CLI:
>
> miami:miamifinger user@host
> replacing the user@host with his user@hostname ofcourse. :)
>
> It may or may not tell you his/her name and IP address he/she is
> logged in with.
> But most of the time the finger service is disabled on shell
> providers.
>
> Also trying e-mailing the admin of the shell/ISP he is using.
>
His ISP he Telmex, and Telmex is banned from DALnet (where he is on).
Also, I guess they do not really care anyway, and even if they did, that
user surely knows how to avoid problems of that kind.
>
>> Any help appreciated.
>
> Here is a few tips that may help protect you though. Try turning off
> services in Miami (database/iNetD) that are not needed. Like chargen,
> echo, finger..
>
> Also, he may be using an old exploit on you that disconnects some
> modems. To block this, you add the following into your init string in
> the Miami modem settings: S2=255
>
> Like, if your init string is:
>
> (Just an example) AT&F&K3&C1&D0\r replace it with:
> AT&F&K3&C1&D0S2=255\r
>
> Don't put any spaces in it, and look at your modem's manual if you get
> stuck.
>
> This added to your init string will stop + + + commands being sent to
> your modem via ping or echo etc..
Thx, will do so.
>
>
> Hope some of this helped.
>
>
> Oh, and if you dont telling.. Could you tell me which network, channel
> etc.. and whats the nick of the person doing this?
Sure, he is on DALnet, and users the registered nicks SeTSiHaCKeR and
MaNdRaGoRa, don't know if any other. I have seen him online with hosts
like ~[EMAIL PROTECTED] or
[EMAIL PROTECTED] , I know though he lives
in Mexico, so....
--
{ Frank Meyer-Pfauder Canary Islands - Spain }
{ [EMAIL PROTECTED] }
{ http://i.am/Smurf1 }
{ Software support: http://fly.to/fmp }
{ A4000T - 2+16MB - CV64/3D - M1438S - 4.4x CDROM - OS3.5 }
__________________________________________________________
AmIRC Mailing List - Info & Archive: http://www.vapor.com/
For Listserver Help: <[EMAIL PROTECTED]>, "HELP"
To Unsubscribe: <[EMAIL PROTECTED]>, "UNSUBSCRIBE"
