Date: Fri, 14 Jul 2000 22:30:26 +0000 From: Ben <ben@emailnow.net> To: Carl Strickler <cstrickl@ifta.net> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org> Subject: Re: Who's knockin' on my firewall [OFF TOPIC] Message-ID: <200007142230.WAA12588@emailnow.net> In-Reply-To: Message from Carl Strickler <cstrickl@ifta.net> of "Fri, 14 Jul 2000 14:12:13 MST." <01BFED9D.8280F100.cstrickl@ifta.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Carl, If I'm curious enough about an IP that doesn't seem to resolve I'll do a traceroute to it to see where it's coming from. Then depending on why I noticed the IP in the first place I may dig further and find a technical or administrative contact to send mail to. -- -- Ben Williams Systems Administration > This is a bit off topic, but I was hoping someone could at least point me in the right > direction. > > I regularly check my security logs to see who's been trying to get in and I'll do an > nslookup on any IP address that occurs over 3 times. Now once in a while this > will actually be useful and I come up with actual useful information. But most of > the time I end up with what I started with, an IP address. Is there a way to find out > who owns what block of addresses? > > Also is there a way to find out the real IP address if someone is spoofing (quite often > we are probed by someone with a 10.x.x.x address)? > > Finally, is there any kind of SOP when dealing with unauthorized attempts from foreign > countries (we seem to get probed quite a bit from SE Asia)? > > Any information would be helpful. > > > TIA, > Carl > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007142230.WAA12588>