SNMP backdoor attack [Archive] - SpeedGuide.net Broadband Community


DG
01-19-01, 12:50 AM
blackice just showed that i got hit with an snmp back door probe and 3 seconds later an attack. this is who it says did the attack:

IP: 24.166.74.113
Node: MIKE-2000
Group: REGAN
NetBIOS: <0102>__MSBROWSE__<02>
MAC: 00600837A26F
DNS: dhcp024-166-074-113.neo.rr.com

is this a road runner server or somebody else?

blebs99
01-19-01, 06:00 AM
DG:

This is someone using RR! The address comes back to a DHCP in Columbus.rr.com! Somebody is manipulating things. You might want to report that to abuse@rr.com.
They probably won't be able to do anything about it but, at least make them aware of the problem.

[This message has been edited by blebs99 (edited 01-19-2001).]

DG
01-19-01, 09:04 AM
done. i emailed them and gave them all of the info i could gather. we'll see what they can do about the attack.

thanks for the email, also.

blebs99
01-19-01, 10:15 AM
No Problem! I hope your firewall is doing its job. I'm thinking maybe you should go do a port probe to be sure.

DG
01-19-01, 10:44 AM
i had a friend of mine install a trojan on my computer and with blackice running he couldn't get the client to connect to the trojan. (trojan was successfully removed) also, i ran both tests on grc.com. so i guess for all intents and purposes it's doing its job.

blebs99
01-19-01, 01:22 PM
http://www.sdesign.com/securitytest/index.html

Try this one sometime; use the complete test. It takes a long time and they will email you the results. I did mine and it took something like 133 minutes to scan all 65535 ports, so obviously, you'll have to do it when you really have a lot of time to kill and can leave the computer on to do the test.