Hackers can attack any computer in the world that's connected to the Internet, which means that someone could be probing your computer right now and checking it for weaknesses. Even worse is that you may catch a hacker in your computer, but the second he disconnects, he's gone.
Since hackers can appear and disappear at any time, there's nothing to stop them from attacking any computer they want, since it's highly unlikely that they'll ever get caught. To eliminate the hacker's refuge in anonymity, Sharp Technology has developed Hack Tracer (http://www.sharptechnology.com/bh-cons.htm), which can trace a hacker back to his Internet service provider (ISP) and possibly even find the hacker's IP address as well.
Knowing an IP address may identify the hacker's location, but the cryptic series of numbers that make up an IP address might not give you a clue where the hacker is located. The next time your firewall or IDS identifies a hacker's IP address, run it through McAfee Visual Trace, which is part of the McAfee Personal Firewall program (http://www.mcafee.com) or VisualRoute (http://www.visualware.com) to see the hacker's approximate location on a world map (see Figure 18-4). After tracing enough hackers' IP addresses, you may be surprised to find that your personal computer in Nebraska has been targeted by hackers in Korea, Canada, Israel, or Germany.
To further track down hacker activity, visit myNetWatchman (http://www.mynetwatchman.com) and share hacker attempts on your computer with people all over the world. The more people who pool information about hackers, the more likely myNetWatchman can identify specific types of attacks and pinpoint the IP addresses of the more active hackers in the world (see Figure 18-5).
While hackers can always choose when to attack a computer, that doesn't mean that your computer needs to be defenseless. With a good firewall, an intrusion-detection system, a securely patched operating system, and even a honeypot, you can protect your computer and possibly turn the tables on the hacker by tracing him and revealing his location for everyone to see. If enough people contact the ISP used by a particularly annoying hacker, the ISP may disconnect the hacker and force him to look for alternative ISPs. If this happens often enough, this may not discourage the hacker, but at least it can cause him enough trouble that he might restrict his activities and spare many potential victims from future attacks.