Hacker trying to visit me!

[arios2mx]

Hi!

I don't know a bit about Internet hackers but someone has tried to visit my computer for almost 3 months.

I was using my computer with Samba activated, I noticed something like:

Mar 2 18:15:22 server smbd[1737]: gustavo (200.65.169.64) couldn't find service c
Mar 2 18:20:21 server smbd[1740]: [2003/03/02 18:20:21, 0] smbd/service.c:make_connection(249)

He is able to change is name and IP address.
Almost everyday is the same with different name and IP address so How could I strike back this "hacker"
Or where Can I obtain information about this?
I have noticed a few things:
His name is in Spanish like mine
I think that He uses a IP Address range similar mine so We could live in the same city
My Internet connection is slow
I don't thing he had accessed my system, the above message is what he has could do
I checked /var/log/messages he is not here in somewhere else
I think He is using some kind of script he tries to access my system every 20 minutes, but when I ping his address he tries to access my server every minute.

 

[MrTom]

Firstly, there's not much point in trying to trace back an attack. As you suggest, it is probably an automated script so you have not been targeted specifically.
Secondly, use the firewalling capabilities in the Linux kernel. Search freshmeat for 'firewall script' and you should find something that is easy to configure.

 

[littlejohnny]

Go ahead and install a firewall and if ya got the room, try
an IDS such as snort and a honeypot to catch and bag the hackers.

 

[rrsub]

If you want to strike back at the hacker, I suggest you use one of the honeypot or tarpit methods. They work very well.