[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
If all you have to go on is an IP address dont be to fast to accuse as it is VERY possible that a spoofed/'stolen' ip was used. That ip could be a very innocent person/company who didn't realise what their ip was being used for. So unless your ceartain that the ip is the ip of the intruder dont retaliate in kind (if you know what I mean). The ISP of that ip block may be able to help you and/or the real owner of that ip (if it was being used by someone other than them) if they will let you look at their logs, i'm sure they will want to get to the bottom of it too. It may be a long trail back to the intruder....but for 2GB i'd ceartainly start walking along it. Hope that this is some kind of help.
Stick the IP address into RIPE.NET's whois. -----Original Message----- From: owner-list@xxxxxxxxxxxx [mailto:owner-list@xxxxxxxxxxxx]On Behalf Of Neil Stone Sent: 26 May 2002 21:27 To: list@xxxxxxxxxxxx Subject: RE: [LUG] breakin...the ISP of the person who broke in... Any idea how they got in?Over port 1427/1428. of all the things to pick this up sshd did !! odd ! What is the best way of finding the ISP of the offender ?? Neil
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.