I got the zone has blocked so and so message..
and reported it to zone.
then clicked on more info, and got the following..

% Information related to '213.137.236.0 - 213.137.236.255'inetnum: 213.137.236.0 - 213.137.236.255netname: CTTC-Ryazandescr: CentreTransTeleComadmin-c: VOS4-RIPEtech-c: VOS4-RIPEtech-c: DAB23-RIPEcountry: RUstatus: ASSIGNED PAmnt-by: CTTC-MNTsource: RIPE # Filteredperson: Valery O. Savinaddress: 29 Kalanchevskaya St. Moscow, 107078 Russian Federationmnt-by: CTTC-MNTremarks: fax-no: +7 095 7899897fax-no: +7 495 7899897remarks: phone: +7 095 7899897phone: +7 495 7899897e-mail: v.savin@centrettc.runic-hdl: VOS4-RIPEsource: RIPE # Filteredremarks: modified for Russian phone area changesperson: Dmitri A. Barankovaddress: 29 Kalanchevskaya St. Moscow, 107078mnt-by: CTTC-MNTremarks: phone: +7 095 7899897phone: +7 495 7899897nic-hdl: DAB23-RIPEsource: RIPE # Filteredremarks: modified for Russian phone area changes% Information related to '213.137.224.0/19AS25347'route: 213.137.224.0/19descr: CTTC Autonomous System "CentreTransTeleCom" Moscow, Russiaorigin: AS25347..My question is How can I hack back ?let them know I'm watching them..

My question is [SIZE=2]How can I hack back ?let them know I'm watching them..
After pressing the wrong button, here is my reply!!

I wouldnt even bother m8, tryng the hack a russians(?) PC is just asking for trouble :biggrin and the chances are that if they are real hackers they wouldnt be using there own IP addy it would be a forged one, and they wouldnt be as stupid as to let any open ports be visable to the internet so that they themselves could be hacked!

Got to agree with ALG that it's a waste of time. I run IPCop on my network and average no. of firewall hits comes in at about 400 a day. I just ignore them and hope that the firewall is doing its job - not enough hours in the day to investigate (if I could be arsed).

Also as ALG says the hackers will not be using their own machine to do this. The owner of this IP address is probably not even aware that their PC is compromised. I once investigated the source of spam emails and found a PC with the C: drive shared to the whole Internet with a blank administrator password. I left them a UrgentReadMe.txt on their Desktop telling them how to wipe their arse (digitally speaking).

I don't use ZA but I'm wondering why it it's only alarmed on this hit. You must be getting way more hits than that and hopefully corresponding alarms. Maybe it's set to ignore the low level hacking that goes on all the time and this attempt was a bit more prolonged or on a weird port/service.

Thanks for the replies fellas.
I get alerts from zone many times but this is the first one with such
detailed info, maybe ZA has changed with the latest update last week
now giving more info.