[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Sheflug] Security : Port scanning
Just for completion on this thread IPCop gives me information such as the
following three records (for those that are curious):
----------------------------------------------------
Date: 05/07 15:38:19
Name: (spp_portscan2) Portscan detected from 62.204.33.81: 1 targets 21
ports in 33 seconds
Priority: n/a
Type: n/a
IP Info: 62.204.33.81 -> 192.168.101.101
SID: n/a
Refs:
Date: 05/07 15:44:07
Name: (spp_portscan2) Portscan detected from 146.101.143.10: 1 targets 21
ports in 17 seconds
Priority: n/a
Type: n/a
IP Info: 146.101.143.10 -> 192.168.101.101
SID: n/a
Refs:
Date: 05/07 15:57:12
Name: (spp_portscan2) Portscan detected from 146.101.143.10: 1 targets 21
ports in 26 seconds
Priority: n/a
Type: n/a
IP Info: 146.101.143.10 -> 192.168.101.101
SID: n/a
Refs:
--------------------------------------------------
Each of the IP addresses in the above records are linked to a page
containing information such as:
---------------------------------------------------
146.101.143.10 (Reverse lookup failed) : whois.arin.net
OrgName: Performance Systems International Ltd.
OrgID: PSIL
Address: Brookmount Court, Kirkwood Road
Address: Cambridge, CB4 2QH
City:
StateProv:
PostalCode:
Country: GB
NetRange: 146.101.0.0 - 146.101.255.255
CIDR: 146.101.0.0/16
NetName: PSINET-UK
NetHandle: NET-146-101-0-0-1
Parent: NET-146-0-0-0-0
NetType: Direct Assignment
NameServer: PRI1.DNS.UK.PSI.NET
NameServer: PRI2.DNS.UK.PSI.NET
NameServer: PRI3.DNS.UK.PSI.NET
Comment:
RegDate: 1992-06-23
Updated: 1996-04-18
TechHandle: HM415-ARIN
TechName: Hostmaster, Host
TechPhone: +44 1223 577177
TechEmail: hostmaster [at] uk.psi.com
# ARIN WHOIS database, last updated 2003-05-07 20:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
-----------------------------------------------------------------
or
----------------------------------------------------------
62.204.33.81 (BALKANHOLIDAYS.datagate.net.uk) : whois.ripe.net
% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html
inetnum: 62.204.32.0 - 62.204.35.255
netname: DNS-NET
descr: Datagate Network Solutions
country: GB
admin-c: DNA12-RIPE
tech-c: DNM3-RIPE
rev-srv: solair.datagate.co.uk
rev-srv: ns2.datagate.net.uk
status: ASSIGNED PA
notify: noc [at] datagate.net.uk
mnt-by: DATAGATE-NOC
changed: noc [at] datagate.net.uk 20020316
source: RIPE
role: Datagate Network Administrators
address: Unit 4, Media Village
address: Walpole Court, Ealing Green
address: W5 5ED
address: London
address: UK
phone: +44 (0)8700 11 90 90
fax-no: +44 (0)8700 11 90 80
e-mail: netadmin [at] datagate.net.uk
trouble: noc [at] datagate.net.uk
admin-c: IS2618-RIPE
tech-c: IS2618-RIPE
nic-hdl: DNA12-RIPE
notify: noc [at] datagate.net.uk
mnt-by: DATAGATE-NOC
changed: noc [at] datagate.net.uk 20020316
source: RIPE
role: Datagate Network Managers
address: Unit 4, Media Village
address: Walpole Court, Ealing Green
address: W5 5ED
address: London
address: UK
phone: +44 (0)8700 11 90 90
fax-no: +44 (0)8700 11 90 80
e-mail: noc [at] datagate.net.uk
trouble: noc [at] datagate.net.uk
admin-c: IS2618-RIPE
tech-c: IS2618-RIPE
nic-hdl: DNM3-RIPE
notify: noc [at] datagate.net.uk
mnt-by: DATAGATE-NOC
changed: igors [at] datagate.net.uk 20020316
source: RIPE
--------------------------------------------------------------------
None of whom are my ISP (currently BTConnect/BTInternet/BT).
and all from the click of a button.
Chris Johnson
(SESEAZ)
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.476 / Virus Database: 273 - Release Date: 24/04/2003
___________________________________________________________________
Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html
GNU the choice of a complete generation.