hacker problems.


plutoniumman
05-13-2004, 07:01 PM
Hello, I am having trouble with a hacker. Black Ice found these IPs: 192.168.0.48
192.168.0.118
192.168.1.4
192.168.1.106

Is there any way I can block or report them?
So far my Sony computer's firewalls are holding up (the one I'm using right now).

Roy Sinclair
05-13-2004, 07:21 PM
Those wouldn't be hackers with those addresses. The 192.168.xxx address series is one of the defined "private" IP address ranges and no router on the internet would route one of those private IP addresses. Those are coming from something local on your network.

oracleguy
05-13-2004, 07:21 PM
Those IP addresses are class C addresses, and are used primarily for internal networks. They wouldn't be someone's address on the internet. It is probably just the other computers on your network.

plutoniumman
05-13-2004, 07:37 PM
I checked all the computers and routers in the house, and none of them have any of those IPs.
And my dad found some pics on his computer, and my hard drive had 10 GB and dropped down to 200 MB (and I only install on my D drive).

plutoniumman
05-13-2004, 07:44 PM
Oh yeah, I found pictures and music of a German beer commercial on my computer.

dswimboy
05-13-2004, 08:04 PM
do you have a wireless network? if so: enable encryption, use a random password.

anywhere someone could tap into your hardwired network? if so, i would report them to the proper authorities (police). they should investigate further.

how about antivirus software? if so: run a full system scan. if not: get antivirus and run a full system scan.

Unit
05-13-2004, 08:06 PM
just out of curiosity... what kind of IPs do your computers/routers have?
I am more interested in the Sony Firewall... does it serve IPs to your home network? Maybe the IPs are changed frequently by that brand of firewall?

Otherwise, it looks like your ISP is giving out NAT'ed addresses. Those IPs are likely from other users under the same ISP. You can take the logs from your firewall, or even better a capture of the attack and send it to your ISP.

dswimboy
05-13-2004, 08:10 PM
the ISP wouldn't be giving out addresses in the 192.168.x.x class. this is reserved for private networks (SOHO).

your router probably has DHCP enabled. it is giving out addresses to clients that connect to your network. the question is, where are unwelcome clients connecting?

i would recommend disabling file sharing on your computers, until you get this resolved.

Unit
05-13-2004, 08:18 PM
Actually, some ISPs for small regions do give out NAT'ed IPs.. It's because the smaller the ISP, the smaller his range of public IPs is. He would be trying to save them as best as he can..

It does seem from the OP's post that the intrusions are coming from his own network (likely wireless - it's hard to tap into hard wired networks without access to the residence). Reason that leads me to believe it is an internal intrusion ->

-- he has a sony firewall guarding his home network.
-- he saw the IP's in black-ice logs on his computer..
-- which means that the attackers are past the sony firewall and the sony firewall did not have a clue! unless of course, the black-ice is actually running on the sony firewall... which seems unlikely.

Roy Sinclair
05-13-2004, 09:01 PM
The fact that he's finding large amounts of unexpected content on his PC leads me to believe his computer has been compromised and is probably running a backdoor allowing someone to do as they want with his hardware.

This would be a good time to find all the important files and save them, then I'd recommend a complete nuke and reload of the affected systems. Also upgrading the firmware in the router and resetting it with new passwords might also pay off.

plutoniumman
05-13-2004, 11:02 PM
Just a minor correction, Sony only made my computer, I don't own a single Sony firewall (I didn't even know Sony made them).
Linksys, Microsoft, and ISS made my firewalls (my comp has about 5-7 firewalls :D ).
Oh yeah, somebody hijacked my sister's computer and tried to attack my computer through her computer :mad: !
I think that whatever they might be using to hack my computers might be home made stuff :( , I scanned with Norton and found nothing, if it is home made then, how am I supposed to fight back or defend myself?
Thanks for all the advice so far!

aning
05-14-2004, 04:49 AM
hmm.... this sounds stupid but your firewalls' company can be the ones doing it!!!! though the IP addresses do not have any proof!!! There are lots of firewalls & anti-virus softwares like that of Norton, McAfee, and the like which are rated as cool but if you take a closer look, you will find spyware in them!!!

Scan for that stuff in your system.

plutoniumman
05-14-2004, 07:30 PM
For real?!?!

I scanned for spyware and adware, found 150+ spyware and 300+ adware!

plutoniumman
05-16-2004, 06:32 PM
I haven't seen any strange IPs any more, but I think that is because the malicious person that is doing this saw that I was getting help and made him/her want to back off for a few days.

dswimboy
05-17-2004, 12:22 AM
if your network is static, you could use access lists. only allow your routers to route packets with a source or destination address of a client on your network.
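
Added example, not part of any post in the thread: a triage of the four addresses BlackICE logged, combining Roy Sinclair's point about private ranges with the access-list idea above. The LAN subnet, the inventory of known clients and the one public address are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges: never routed across the public internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# The four addresses from the first post, plus one constructed public
# address (203.0.113.9, a documentation range) for contrast.
LOGGED = ["192.168.0.48", "192.168.0.118", "192.168.1.4",
          "192.168.1.106", "203.0.113.9"]
LAN = "192.168.1.0/24"                      # assumed router subnet
KNOWN = ["192.168.1.100", "192.168.1.101"]  # assumed inventory of own PCs

def is_rfc1918(ip):
    return any(ip in net for net in RFC1918)

def triage(sources, lan, known_clients):
    """Map each logged source address to a verdict string."""
    lan_net = ipaddress.ip_network(lan)
    known = {ipaddress.ip_address(a) for a in known_clients}
    report = {}
    for src in sources:
        ip = ipaddress.ip_address(src)
        if not is_rfc1918(ip):
            report[src] = "public"            # outside the private ranges
        elif ip in known:
            report[src] = "known"             # on the access list
        elif ip in lan_net:
            report[src] = "unknown-on-lan"    # unaccounted local device
        else:
            report[src] = "private-off-lan"   # other local subnet or spoofed
    return report

if __name__ == "__main__":
    for addr, verdict in triage(LOGGED, LAN, KNOWN).items():
        print(f"{addr:15} {verdict}")
```

An "unknown-on-lan" result points at the router's DHCP lease table and the wireless settings; "private-off-lan" means the packet came from a different local subnet or carried a forged source address.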

plutoniumman
05-20-2004, 04:44 PM
I don't know if my router is static, but if I encrypt files can they decrypt them?

dswimboy
05-20-2004, 07:39 PM
not unless they have the decryption code...which could be cracked. generally, encryption is a good thing.

plutoniumman
05-20-2004, 11:26 PM
Is it hard to crack?
Windows has an upgrade for encrypting files, does anyone know where it is at?
(I will look after this post)

plutoniumman
05-20-2004, 11:55 PM
I found several 128-bit encryption things, but all the ones I saw were for Win2K, does Windows XP already have 128-bit encryption?

bradyj
05-21-2004, 12:43 AM
I don't know, but I'd still take Roy Sinclair's advice -- unhook your computer for a couple of days and rebuild the damn thing!!

dswimboy
05-21-2004, 05:07 AM
encrypting your files will most likely stop hackers from reading your material. it will not stop them from abusing your network, though.

plutoniumman
05-21-2004, 08:24 PM
I do have a wireless network and I haven't been seeing any strange IPs any more, but if they're only hijacking the network then how am I finding files in unshared folders?

Roy Sinclair
05-21-2004, 09:08 PM
Your systems appear to be compromised and to be frank, there's no sure fire way to be sure you've removed all the traces.

http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

plutoniumman
05-22-2004, 11:21 PM
Thanks for the info Roy.
I recently found a song of the German beer commercial called edel weiss.

Drakain Zeil
05-23-2004, 02:25 AM
You have a trojan on your computer, or network. You also have an unsafe network, probably being exposed by the extremely bad network protocol MS made up, called NETBIOS, aka, the bane of all MS users. Personally, I've disabled it on mine, but the other computers... well my dad won't let me, and I'm 16.

If you at all know how to, use netstat on one computer, online, with no other computers on the network; do this with all other computers.

I would love to be able to tell you how to trace down problems and stuff, but I really am no good at that, and you'd probably end up screwing up your computer in the registry, where many of these things work their way into.

My only other advice than get rid of it or find someone who can... is to format your network all together, run ONE firewall, such as McAfee, or Zone Alarm... Black Ice is 100% useless.

Check grc.com (I think that's the url at least) for some more advice... go to the "shields up" portion of their website.

So, like I said, the only thing I can think of, is formatting your network and starting anew, don't let people hack you... song.exe is not song.mp3... gator is not an awesome cool thing, don't use Microsoft IE... that's about it... other than possibly disabling your netbios.
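
Added example, not part of the post above: one way to read the netstat output suggested there, listing sockets reachable from the network, which of them are NetBIOS/SMB ports, and which remote hosts the machine is currently connected to. The sample text is constructed in the layout Windows `netstat -an` prints; the function names are illustrative.

```python
NETBIOS_PORTS = {137, 138, 139, 445}  # NetBIOS name/datagram/session, SMB

# Constructed sample, not output from the poster's machine.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.168.1.100:139      0.0.0.0:0              LISTENING
  TCP    192.168.1.100:1045     203.0.113.7:6667       ESTABLISHED
  TCP    192.168.1.100:1050     192.168.1.101:139      ESTABLISHED
  UDP    0.0.0.0:137            *:*
"""

def split_endpoint(endpoint):
    """Split 'host:port' on the last colon."""
    host, _, port = endpoint.rpartition(":")
    return host, port

def review(netstat_text):
    """Return (exposed listeners, NetBIOS/SMB listeners, established peers)."""
    listeners, netbios, peers = [], [], []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header and blank lines
        proto, local, foreign = fields[:3]
        state = fields[3] if len(fields) > 3 else ""
        host, port = split_endpoint(local)
        port = int(port)
        # UDP rows have no state column; a bound UDP socket accepts datagrams.
        listening = state == "LISTENING" or proto == "UDP"
        if listening and host != "127.0.0.1":
            listeners.append((proto, port))
            if port in NETBIOS_PORTS:
                netbios.append((proto, port))
        elif state == "ESTABLISHED":
            peers.append(split_endpoint(foreign))
    return listeners, netbios, peers

if __name__ == "__main__":
    exposed, nb, remote = review(SAMPLE)
    print("exposed:", exposed)
    print("netbios:", nb)
    print("peers:  ", remote)
```

Any listener or peer that cannot be matched to a program the owner installed is the entry to investigate first.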

plutoniumman
05-23-2004, 08:50 PM
You mean NWlink netbios?
I cannot remove netbios, I need it for communications for my computers.

Drakain Zeil
05-24-2004, 09:01 PM
I would use another in your situation, since viruses use netbios.

Anyway, try something else, such as enabling passwords on shared drives. However, you may want to check to see if you have spyware on, since that could just as easily store your password as you entered it in.

plutoniumman
05-25-2004, 03:25 PM
I have a ten digit password and I don't share the whole HDD, and I also scan for spyware and adware about once a week.