i've installed norton personal firewall and it's detected an intrusion! i traced the ip and it was someone from brazil! using the Backdoor/SubSeven trojan (anybody heard of that?)

SA,

I've seen unauthorised trojan/backdoors accesses similar to
this on my machine but never bothered checking them.
Its probably script kiddies running some timed program to
scan through a range of IP addresses. A bit like running down
a street and turning the door handles of each house to check which door is open.

As long as it was detected you should be ok - InshaAllah

A further point is that the IP address in brazil is
probably not the actual address of the perpetrator.

WS

Salams

Sub7 is a backdoor trojan that allows remote access to people computers ive tried using it before and its hell of a craft too....u got Subseven trojan installed on ur comp

brb

ws
sajid

Salaam Alaikum,

I don't have this installed as yet but may in the future.
You should be very careful installing such software on ur pc as
there are many tools available that will allow u to get traced.

I used to muck around with virii when I was a student and
ended up reformatting my HD after an experiment went wrong.

Not a pleasant experience - I lost all my work :(

WS

Incoming subseven probes are very common on the Internet. It usually means nothing. If you are infected by sub-seven, your IP address is published on IRC (Internet Relay Chat) channels frequented by hackers. They then put your IP address into the Sub seven "server" to be scanned on a regular basis to see if the trojan is active. It would then alert the hacker that your computer is available to take control of. So if you were EVER infected (or someone with your IP address was ever infected) you will get many more sub-seven 'hits'. Most 'hits' are just random IP scans. Most ISP's will not pursue hacking activities.

According to blurb from Nortons, subseven is of low threat and
is easily removed from an infected system..

http://securityresponse.symantec.com/avcenter/venc/data/backdoor.subseven.22.a.html