Someone trying to hack me at my university?

[EricW]

I'm sitting in one of the libraries at my University and my firewall shows that it has blocked 2 intrusion attempts. They were both "Fin Scans." I am using the university's wireless internet but I have a VPN set up.

If this really is an intrusion attempt, is there anyway I can find this [censored] and kick his ass?

[chris b]

depending on the firewall, there might be a way that the firewall will display where the attack was running from, and then you could traceroute back to the origin of the attack. Dont be supprised by this attempt, they are more common than you think. Just because you were at the univ and it was their wireless, doesnt mean that someone from japan or where couldnt scan or attempt intrusion

[EricW]

I have the reomote IP of listed and as well, the DNS name is the name of my university's wireless internet. Does that mean that some [censored] on campus is trying to [censored] with me?

[chris b]

Could be. I wouldnt worry to much about it, obviously the firewall blocked it. If it continues from the IP, then I would go to the IT department there. Let them handle it and block the person.

[cosmonaut]

Your firewall is retarded. A FIN scan isn't an "intrusion" attempt at all. Many software based firewalls for Windows PCs are highly overzealous and produce tons of false positives, causing more confusion than providing rational information. Even if your firewall correctly identified the traffic it was seeing, which I'm sure it did, the traffic is harmless. You can't break into someone's computer by sending 2 FIN packets to it. A FIN packet simply indicates the graceful closing of a connection.

[Phil153]

Standard.

[Push_Fold]

You want me to find said unknown person and kick said unknowns ass? I'll do it if you want me to.