[nycbug-talk] Researching ISP for an IP
bruno
bruno
Sun Aug 14 01:16:39 EDT 2005
On Sun, Aug 14, 2005 at 12:08:47AM -0400, Francisco Reyes wrote:
> Someone launched a dictionary attack against my machine.
> Nothing new...
>
> However, I always use IP2Location to see where
> the attack is coming from.. just for my curiosity.
>
> This particular IP, 167.206.75.27, was from New York so I figure I would
> try to find the ISP to complain.
>
> dig -x reports
>
> ;; ANSWER SECTION:
> 27.75.206.167.in-addr.arpa. 78337 IN PTR ros75-27.optonline.net.
>
> but then
> dig ros75-27.optonline.net
> ;; QUESTION SECTION:
> ;ros75-27.optonline.net. IN A
>
> Tried traceroute and mtr, but got nowhere.
> Not even ping did anything when I tried
> ping 167.206.75.27
>
>
> Is it possibly the attacker just spoofed the IP?
It pings, at least now.
Those are usually hacked zombies. To report, do a whois on the IP/subnet.
OrgName: Cablevision Systems Corp.
OrgAbuseEmail: abuse at cv.net
More information about the talk
mailing list