Security Incidents mailing list archives
Re: Korea a classic ? was: IP blacklist
From: jane.delfavero () NYU EDU (Jane DelFavero)
Date: Thu, 18 May 2000 17:37:20 -0400
krnic does have a whois database in English, just in a new place: http://whois.nic.or.kr/english/ I have also found the Korean cert (cert () certcc or kr) to be helpful in conveying the seriousness of the problem to the site and helping them clean up, so I cc them on all incident reports about the .kr domain. -------------------------------------------------- Jane DelFavero Network Security Manager security () nyu edu Information Technology Services jane.delfavero () nyu edu New York University phone: (212) 998-3053 http://www.nyu.edu/its/security PGP fingerprint: 4F56 0A88 3AF9 60A0 DB73 E726 DA94 CBDD
On Tue, 16 May 2000 09:07:28 +0200 Jens Hektor <hektor () RZ RWTH-AACHEN DE> wrote:So, you mean http://whois.nic.or.kr/ with all these nice little letters an ordinary European can't read or understand.Hmmm... you used to be able to put a /e on the end of a query and get the english version of the text. That no longer seems to work :-( Apnic mirrors some of the information in KRNIC database but I suspect that krnic is now not bothering to keep an English version of their data at all so there is no point in APNIC mirroring it. Filling the IP adress into the queryfield does not help either, so I had to use the domain name I found out. That worked with apnic, too, but there should be a netblock entry also, which is much easier, so I don't have to nslookup/traceroute and so on.The problem is made worse by the lack of PTR records so you can't even get a domain name. -- I have been reduced to poking at the IMAP port on LINUX boxes and getting a domain name from the banner! Cheers, Russell.
Current thread:
- Re: Korea a classic ? was: IP blacklist Doglus Cho (May 15)
- Re: Korea a classic ? was: IP blacklist Jens Hektor (May 16)
- Re: Korea a classic ? was: IP blacklist Russell Fulton (May 16)
- Re: Korea a classic ? was: IP blacklist Jane DelFavero (May 18)
- Re: Korea a classic ? was: IP blacklist Russell Fulton (May 16)
- Strange logs and scans. Lic. Rodolfo Gonzalez Gonzalez (May 17)
- Re: Strange logs and scans. * * (May 19)
- While we're on viruses... Keith McCammon (May 19)
- <Possible follow-ups>
- Re: Korea a classic ? was: IP blacklist Doglus Cho (May 16)
- Re: Korea a classic ? was: IP blacklist Cho, Douglas (May 17)
- Re: Korea a classic ? was: IP blacklist Jens Hektor (May 16)