Security Incidents mailing list archives
Re: pop2 scan and .jp contact question
From: John Kristoff <jtk () DEPAUL EDU>
Date: Tue, 15 Aug 2000 14:11:54 -0500
Ian Eure wrote:
(times are UTC -0700) -- snip -- Aug 14 04:44:16 spindle kernel: Packet log: ltraf REJECT eth0 PROTO=6 their.ip.was.here:109 my.ip.was.here:109 L=40 S=0x00 I=39426 F=0x0000 T=21 SYN (#11)
I saw a bunch of those as well. Source was 133.31.109.220 (hatomugi.me.noda.sut.ac.jp). If your timestamps are accurate, the time I got them is a few hours off on the same day (around 13:45 -6 UTC).
some digging shows it as a linux 2.0.xx box at the science university of tokyo - SUTNET in whois.nic.ad.jp. after some more digging, it appears to be a student system in noda. despite much digging with whois, i could not find a contact for SUTNET.
Did you try this: http://www.nic.ad.jp/cgi-bin/whois_gate If you do a lookup on sut.ac.jp, you'll find a number of technical contacts. John
Current thread:
- pop2 scan and .jp contact question Ian Eure (Aug 15)
- Re: pop2 scan and .jp contact question John Kristoff (Aug 18)
- Re: pop2 scan and .jp contact question Jan Meijer (Aug 18)
- <Possible follow-ups>
- Re: pop2 scan and .jp contact question Robert Bussey (Aug 18)
- Re: pop2 scan and .jp contact question 玉造 光緒 (Aug 18)