lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: chromazine at sbcglobal.net (Steve Kudlak)
Subject: Strange FTP log messages

Andrea Purificato - bunker wrote:

>Alle 16:08, venerd? 24 settembre 2004, ken ha scritto:
>  
>
>>Does anyone recognize this behavior? This has been occurring
>>for a while. I am curious as to what would cause this. This
>>has been happening on a wide range of IPs. Any hints would
>>be appreciated, thanks in advance.
>>    
>>
Well I did a WHOIS and got tthe following  result from that putative IP 
number.
Now remember it has been years since I did lots of this sort of stuff. 
...but I am
pretty sure the info is correct. ...NSLOOKUP seems to confirm  most of it.
You can send them mail and ask them what them are uip to doing. ....

If I had more sleep and had not spent so much time looking at weather maps
and old such strange stuff it might immediately dawn on me as to what is up.
But I really need to sleep.....hope that  starts you on your way.

> 205 /u/chroma> whois 65.82.31.47
> [Querying whois.arin.net]
> [whois.arin.net]
>
> OrgName:    BellSouth.net Inc.
> OrgID:      BELL
> Address:    575 Morosgo Drive
> City:       Atlanta
> StateProv:  GA
> PostalCode: 30324
> Country:    US
>
> ReferralServer: rwhois://rwhois.eng.bellsouth.net:4321
>
> NetRange:   65.80.0.0 - 65.83.255.255
> CIDR:       65.80.0.0/14
> NetName:    BELLSNET-BLK9
> NetHandle:  NET-65-80-0-0-1
> Parent:     NET-65-0-0-0-0
> NetType:    Direct Allocation
> NameServer: NS.BELLSOUTH.NET
> NameServer: NS.ATL.BELLSOUTH.NET
> Comment:
> Comment:    For Abuse Issues, email abuse@...lsouth.net. NO 
> ATTACHMENTS. Incl
>  IP
> Comment:    address, time/date, message header, and attack logs.
> Comment:    For Subpoena Request, email ipoperations@...lsouth.net 
> with "SUBP
> A" in
> Comment:    the subject line. Law Enforcement Agencies ONLY, please.
> RegDate:    2000-11-28
> Updated:    2003-05-05
>
> AbuseHandle: ABUSE81-ARIN
> AbuseName:   Abuse Group
> AbusePhone:  +1-404-499-5224
> AbuseEmail:  abuse@...lsouth.net
>
> TechHandle: JG726-ARIN
> TechName:   Geurin, Joe
> TechPhone:  +1-404-499-5240
> TechEmail:  ipoperations@...lsouth.net
>
> OrgAbuseHandle: ABUSE81-ARIN
> OrgAbuseName:   Abuse Group
> OrgAbusePhone:  +1-404-499-5224
> OrgAbuseEmail:  abuse@...lsouth.net
>
> OrgTechHandle: JG726-ARIN
> OrgTechName:   Geurin, Joe
> OrgTechPhone:  +1-404-499-5240
> OrgTechEmail:  ipoperations@...lsouth.net
>
> # ARIN WHOIS database, last updated 2004-09-24 19:10
> # Enter ? for additional hints on searching ARIN's WHOIS database.
> 206 /u/chroma



Have Fun,
Sends Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ