Security Basics mailing list archives
Re: Tracking down a vandalizer who's faking his IP
From: H Carvey <keydet89 () yahoo com>
Date: 26 Apr 2004 13:52:15 -0000
In-Reply-To: <BAY15-F10FKpO2DTSWF00007cd4 () hotmail com>
I have sent an email to the owner of that segment of IP address but haven't heard anything for the past 2 months other than an automated reply. Do most admins in other countries ignore requests to reveal source IP's when they feel it's just a vandalism and not a significant incidence?
I don't think that it's necessarily dependant upon which country the admin is from...lots of admins from all over ignore such things.
Does anyone here have any experience tracking down a faker such as this and could you provide any tips on how one can effectively talk to and coordinate with the ISP's at the other end?
Instead of focusing on tracking the faker, why not focus your efforts on securing the web site? You said you haven't heard back from the admin you contact in 2 months, but you're also saying that this faker "is vandalizing" the site (ie, present tense). Also, it doesn't sound as if this person if "faking" his IP address, as much as he's perhaps routing his communications through the remote system you've identified. Since you haven't been able to get in touch w/ the owner or admin of that block of IPs, maybe you should focus on securing the web site itself. --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Tracking down a vandalizer who's faking his IP Jon S. (Apr 24)
- Re: Tracking down a vandalizer who's faking his IP Paul Kurczaba (Apr 26)
- Re: Tracking down a vandalizer who's faking his IP Byron Sonne (Apr 26)
- <Possible follow-ups>
- Re: Tracking down a vandalizer who's faking his IP H Carvey (Apr 26)
- RE: Tracking down a vandalizer who's faking his IP Hagen, Eric (Apr 28)