From owner-freebsd-security  Fri Jan 28 22:42:23 2000
Delivered-To: freebsd-security@freebsd.org
Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4])
	by hub.freebsd.org (Postfix) with ESMTP id 8782214DC0
	for <freebsd-security@FreeBSD.ORG>; Fri, 28 Jan 2000 22:42:19 -0800 (PST)
	(envelope-from freebsd@gndrsh.dnsmgr.net)
Received: (from freebsd@localhost)
	by gndrsh.dnsmgr.net (8.9.3/8.9.3) id WAA84140;
	Fri, 28 Jan 2000 22:42:15 -0800 (PST)
	(envelope-from freebsd)
From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Message-Id: <200001290642.WAA84140@gndrsh.dnsmgr.net>
Subject: Re: Continual DNS requests from mysterious IP
In-Reply-To: <200001290216.SAA34537@floozy.zytek.com> from Samara McCord at "Jan 28, 2000 06:16:09 pm"
To: mccord@zytek.com (Samara McCord)
Date: Fri, 28 Jan 2000 22:42:14 -0800 (PST)
Cc: freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Hello,
Hi.

I don't know why they are doing this, but here is some help in just
who it is that is doing this...

> 
> This is not an attack, but somewhat irritating.  Also it's something
...
> Some kind of network monitoring?  The IP address is not reversible
> (surprise surpise), possibly in New York. 

The IP address is reversible to the class C bondary, and a couple
of whois quieris and you find:

gndrsh:rgrimes {504}% whois -h whois.ripe.net 212.205.50.129

% Rights restricted by copyright. See http://www.ripe.net/ripencc/pub-services/db/copyright.html

inetnum:     212.205.50.128 - 212.205.50.191
netname:     V-SHARE
descr:       14 Mesologiou str
descr:       15122 Marousi
country:     GR
admin-c:     NA525-RIPE
tech-c:      NA525-RIPE
status:      ASSIGNED PA
mnt-by:      OTENET-GR-MNT
changed:     nameadm@otenet.gr 19990624
source:      RIPE

person:      N Ameladiotis
address:     14 Mesologiou str
address:     15122 Marousi
address:     GR
phone:       +30-1-8022373
fax-no:      +30-1-6691573
nic-hdl:     NA525-RIPE
mnt-by:      OTENET-GR-MNT
changed:     nameadm@otenet.gr 19990624
source:      RIPE

...


-- 
Rod Grimes - KD7CAX @ CN85sl - (RWG25)               rgrimes@gndrsh.dnsmgr.net


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message