For a change of pace...
Re: BlackICE intruder indentification:
I have been probed over a dozen times now from an intruder indentified by BlackICE as:
98230SALWS117
and further elaborated as:
IP: 64.24.39.75
DNS: c07-075.006.popsite.net
Node: 98230SALWS117
Group: SHERIFF
MAC: 44455354000
All of the probes have been a “Back Orifice ping”.
As near as I can determine, using Whois.com, “popsite.net” is a domain registered to Starnetusa.net in Palatine, IL. Starnet is one of the first “hops” my computer makes when connecting to anything on the internet, (according to TRACERT).
Assuming the probes are real, (and I am not sure that is a correct assumption), before I report this intruder as a trouble maker,( a probable waste of time), I would like to query the thread as to whether anyone thinks the reference to “SHERIFF” above, is a name of coincidence...or could it really mean a law enforcement agency?...
And/or, is there a means by which I can take the identification of the “perp” to higher level?
I do not have any of the BlackICE log info enabled, which I realize would facilitate further sleuthing. It is my understanding it slows the computer down and I would not be able to decipher it anyway, so I did not turn it on.
Thanks in advance,
JCC |
