nanog mailing list archives

Re: "portscans" (was Re: Arbor Networks DoS defense product)

From: Scott Francis <darkuncle () darkuncle net>
Date: Sun, 19 May 2002 22:59:39 -0700

On Sun, May 19, 2002 at 10:03:08AM -0400, ralph () istop com said:

rough assessment of their network security, which was important to me
as a customer for obvious reasons.


In that case, I would not consider the scan to have come from an
'unaffiliated' person. I'm sure if the bank's network operator noticed it,
and contacted you, things would have been cleared up with no harm done. To


It sounds like you know something that I don't.  How do you find out the
contact information for someone given only an IP address?


You know the contact information for the block that the scan originated from.
From there, it's detective work (if the admin of the block in question
cooperates, hopefully not too much).

-- 
Scott Francis                   darkuncle@ [home:] d a r k u n c l e . n e t
Systems/Network Manager          sfrancis@ [work:]         t o n o s . c o m
GPG public key 0xCB33CCA7              illum oportet crescere me autem minui

Attachment: _bin
Description:

Current thread:

Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product), (continued)
- - - Message not available
    - Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) JC Dill (May 19)
    - Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Gifford (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Alex Rubenstein (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) william (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Stephen J. Wilcox (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Dan Hollis (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Gifford (May 19)
    - RE: "portscans" (was Re: Arbor Networks DoS defense product) James (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Dan Hollis (May 19)

(Thread continues...)