Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Odd identd behavior

From: Barrie Dempster <barrie () reboot-robot net>
Date: Wed, 16 Nov 2005 10:18:23 +0000
On Mon, 2005-11-14 at 17:33 -0800, kgp () nethere com wrote:

Just to reiterate, I'd simply dig or nslookup the ip addresses (or use one
of the many nslookup webpages) and see if they have some contact info.


Mike, have you done this yet and have you received any replies ?


Really all you care about at this point is passing off some information to
the admin that it looks like he has some nefarious activity on his network.
You might also want to give him your ip address (and maybe mac)


Just the IP address, the MAC address wouldn't be in any logs on the
remote servers since they wouldn't see the MAC address. MAC addresses
don't travel that far their realm is the local segment.


-- 
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

"He who hingeth aboot, geteth hee-haw" Victor - Still Game

blog:  http://reboot-robot.net
sites: http://www.bsrf.org.uk - http://www.security-forums.com
ca:    https://www.cacert.org/index.php?id=3

Attachment: smime.p7s
Description:

Previous By Date Next
Previous By Thread Next

Current thread: