Snort.org home  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Downloads Snort Docs Rules Snort Community Snort Forums Snort Training
Search Site
Search Rules
Account
email
password
not registered?
user preferences

Snort Forums Archive

Archive Home » General Security Discussion » Computer Security Problems

Please note that the categories listed below represent an archived version of our forums pages. To view the current version and be able to post and reply to threads, please register and login here to go to the full forums pages.

[ Notice: Full Version of This Topic ]

Computer Security Problems


Posted by Traci on March 21, 2007 05:35:17

I am hoping you can help me. I have a unique "situation" ..long story
> short..I am the target of a cyber-stalker/hacker. The object of
> hacking into my system is not to steal money or credit card info...it
> is to "spoof" my IP or MAC address..or "send" death threats from my
> computer, making it appear as though I am an insane killer.
>
> Well, I am none of the above.
>
> The problem is, this person is within close proximity to where I live,
> giving him access to my neighborhood cable network.
>
> What is the best way to stop/or document any malicious activity or
> hack attempts to my computer???
>
> I have a 12 year old that enjoys online gaming and I enjoy the
> Internet myself, and will not shut down my connection to the Net,
> because of these idiots.
>
>
>
> I do have 2 pc's.and a router (not setup yet) How should I configure
> the architecture of a IDS??? Should /I setup a network with a Network
> based and host based version of snort??
>
> Use taps?? Switch??
>
> I have just reformatted my hard drive and am not yet connected to the
> Internet. I am a novice user at best. Please tell me the order in
> which I should setup a secure system.
>
> Also, are there any rules that I can configure in snort to filter
> ARP..or how can I filter IP or MAC addressspoofing? So as to prevent
> access or change in system files??
>
Bear in mind, I do not have alot of resources to devote to this.
Has anyone heard of IP Cop??
Any suggestions????


Posted by WhiteAngel1 on November 28, 2007 09:38:43

I know this is addressing an old subject but

I think you are confusing spoofing and a compromised system. It isn't hard to spoof an address you don't need to take over a system or anything, they are simply impresonating you.

If your system is compromised (ie they have control) then they are able to act as if they were you but using your machine to do the work.
site feedback | Terms of Use | Privacy Policy | forum archives ©2007 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.