Hi In NPF sometimes i get those annoying hacker probes saying some type of trojan is trying to access my computer. If you respond and check their ip address with the tracer route in NPF, will you alert the hacker that you are there? Or is it safe to use this feature without alerting the person/hacker who probed you that your there?(provided it is a person/hacker and not something else) Thanks so much.
Short answer, yes, you will alert them that you are really there (assuming it's really anyone who wanted to know in the first place). It's actually kind of a stupid feature to have, since it largely emasculates the whole concept of being Stealthed. (And it also tells them that you've got a firewall, an IDS, or a NAT router that logs unsolicited incoming communication attempts.) If someone turned into a real pest and you're curious about the source, it's actually much better to use something that the online services such as Visual Route or Neo Trace. These run the trace routes from their own site and pass the results back to you. That way, the guy who got tracerouted has no idea where it came from. Use these services sparingly. Abuse of them tends to irritate your own ISP and they may develop an inordinate interest in just what you are doing on the 'net!
My NIS2004Pro has the same tracing feature, but it is not always immediately responsive so I rarely use it. A few nights ago I was really irritated by a repeated attack, so I traced its source directly, using one of the following DNS WhoIs servers: http://www.apnic.net/apnic-bin/whois.pl http://www.arin.net/whois/index.html http://www.ripe.net/perl/whois http://lacnic.net/en/index.html [You cannot apriori tell from the IP which continent to search so you have to try them all] Then, using the data provided in the WhoIs results I contacted the Administrator in charge of the ISP serving the offending user, and together we found who was hit with a malicious virus/worm that troubled other users too.