Snort.org home  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Downloads Snort Docs Rules Snort Community Snort Forums Snort Training
Search Site
Search Rules
Account
email
password
not registered?
user preferences

Snort Forums Archive

Archive Home » General Security Discussion » Help! I am being cyber-stalked!

Please note that the categories listed below represent an archived version of our forums pages. To view the current version and be able to post and reply to threads, please register and login here to go to the full forums pages.

[ Notice: Full Version of This Topic ]

Help! I am being cyber-stalked!


Posted by Traci on March 19, 2007 07:28:28

I am hoping you can help me. I have a unique "situation" ..long story
> short..I am the target of a cyber-stalker/hacker. The object of
> hacking into my system is not to steal money or credit card info...it
> is to "spoof" my IP or MAC address..or "send" death threats from my
> computer, making it appear as though I am an insane killer.
>
> Well, I am none of the above.
>
> The problem is, this person is within close proximity to where I live,
> giving him access to my neighborhood cable network.
>
> What is the best way to stop/or document any malicious activity or
> hack attempts to my computer???
>
> I have a 12 year old that enjoys online gaming and I enjoy the
> Internet myself, and will not shut down my connection to the Net,
> because of these idiots.
>
>
>
> I do have 2 pc's.and a router (not setup yet) How should I configure
> the architecture of a IDS??? Should /I setup a network with a Network
> based and host based version of snort??
>
> Use taps?? Switch??
>
> I have just reformatted my hard drive and am not yet connected to the
> Internet. I am a novice user at best. Please tell me the order in
> which I should setup a secure system.
>
> Also, are there any rules that I can configure in snort to filter
> ARP..or how can I filter IP or MAC addressspoofing? So as to prevent
> access or change in system files??
>
Bear in mind, I do not have alot of resources to devote to this S***.
Has anyone heard of IP Cop??
Any suggestions????

Posted by solarboyz1 on April 04, 2007 11:10:21

They don't need to be on your computer to "spoof" your IP or MAC. Not sure how computer saavy you are so don't be offended by these questions:

1. Do you have a wireless network in your house? If so what are the security settings on it?

2. Do you know they have actually been "in" to your system? If so how do you know, and do you know how they got in?

3. Do you have any type of firewall running?

If *I* were to set something up, I would put a firewall in line between my cable modem and my internal router. This is also where I would put my IDS. You would need a computer with two ethernet ports, you could use an older system.

As I've stated before, there will be no way for you to detect another person spoofing your IP to an external website. All of that traffic would be external to your network.

I would contact the cable company if the problems have escalated to this point.


site feedback | Terms of Use | Privacy Policy | forum archives ©2007 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.