Security Basics mailing list archives
Re: deny access
From: Sean Earp <smearp () gmail com>
Date: Thu, 25 Nov 2004 20:53:25 -0600
If you pull up this IP in a web browser, it is an OWA 2003 server, and according to SamSpade, the IP address belongs to a company called "Cummings Oberkfell and Ristau", which appears to be an auditing/CPA company. <http://www.samspade.org/t/lookat?a=216.212.33.185> The certificate provided by the site is for mail.cummingscpa.com, which also happens to resolve to this IP address. In other words, it appears to be a legitimate Exchange Server for a legitimate company. If you look up the company name on Google, the first several results list a phone number for the company. I would call and explain the situation, and see if you can get in touch with a System Administrator. It may be an honest mistake on their end, or they may have a compromised server. In either case, a friendly phone call could probably go a long way. Just my 2 cents... -Sean On Wed, 24 Nov 2004 16:27:40 -0700, Carlos Garcia <carlosg () cabonet net mx> wrote:
newbie question how can i block this ip 216.212.33.185 i have a cisco 7200 this ip is trying to send mail with my server, i did not configure the router so i dont know how to do this any help? Atte. Carlos A. Garcia G. Cabonet Staff Tel (624) 14 30120
Current thread:
- deny access Carlos Garcia (Nov 26)
- Re: deny access Sean Earp (Nov 27)
- Re: deny access John R. Morris (Nov 27)
- Re: deny access GuidoZ (Nov 27)
- RE: deny access dave kleiman (Nov 27)
- RE: deny access David Gillett (Nov 29)
- <Possible follow-ups>
- Re: deny access Carlos Garcia (Nov 27)
- Re: deny access GuidoZ (Nov 29)
- Message not available
- Re: deny access GuidoZ (Nov 30)
- Re: deny access GuidoZ (Nov 30)
- Re: deny access GuidoZ (Nov 29)
- RE: deny access David Gillett (Nov 30)
- RE: deny access James McGee (Nov 30)