Baron was kind enough to share the IP of our good ebook friend. The trace route dies somewhere in the middle east, in what appears to be Saudi Arabia. The virus is a backdoor coupled with a keyword log. I am guessing the idea was to go after trading account passwords, thus the choice of the day trading ebook. So it seems they were organized enough to be at least attempting to go after money. The posts by the ebook guy were creepy enough to have been from an Islamic extremist. The calling of traders "devils" and the poor grammar would support this. Just speculation. The attached file is a jpeg picture of the trace route map. I am in St Pete on the left.
217.21.1.222 doesn't extend to Saudi Arabia but ends somewhere in the Palestinian territories. inetnum: 217.21.0.0 - 217.21.2.31 netname: PISNET descr: Palestinian Internet Services Co. Ltd. descr: P O Box: 5111 , Gaza City country: PS status: ASSIGNED PA source: RIPE (from www.samspade.org)
That's just the last node before the trace dies. I don't know why neotrace drew a line out to Saudi Arabia at the end of the map. I guess it could really be anywhere in the middle east. But anyway, it still looks more like the Middle East than Russia. The user's use of English and referring to all of us as "devils" makes it sound to me like he is a crazy Arab.
A question for the tech oriented. I have 3 computers connected to a router and a cable modem. Only on 1 computer do I surf the web and check the mail. The 2nd computer is for a backup data feed and the 3rd is for trade execution only. My question is if while surfing or through the mail I get a virus can it affect the other computers or does the router isolate them. Thanks in advance. monee
While many routers provide a hardware firewall to protect you from an outside port attack, they don't isolate your 3 computers from each other. In fact, just the opposite, normally your 3 computers are networked together. The question is whether you have set up file sharing between them, and if so, what attacks one can access all. A quick way to check is to open the windows file explorer on each computer, go to the bottom of the folder list to "Network Places" or "Network Neighborhood" depending on your version of windows, start clicking around to expand things, and determine whether you can "see" any folders or files on any other computer. If you can, so can a virus. If you can't, it can't.
magna thanks for the response I went into windows explorer in windows 98 then clicked on network neighborhood then clicked on entire network and get a message unable to brouse network. Im really lost with this kind of thing. Its sounds like I can't access other computers in the network from what you are saying. Just wondering if it would be safer to spend $20 a month extra with the cable co and get a separate ip address and a separate modem and have the computer that checks the mail and surfs separate from the network. Thanks for all