Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 11 Oct 1999 17:44:08 +0200
From:      "Michael Hallgren" <michael.hallgren@fisystem.fr>
To:        "Michael Hallgren" <michael.hallgren@fisystem.fr>, <cjclark@home.com>, <freebsd-security@freebsd.org>
Subject:   Re: Identifying an Unresolvable IP
Message-ID:  <004d01bf13ff$756c8e20$5b014b0a@asf.fr>
next in thread | raw e-mail | index | archive | help 

Or, from the shell,

# whois -a <addr>

which gives you a cross search over the databases.


mh


> Hi,
>
> > Connections from two different, but close (consecutive class C nets),
> > IP addresses showed up in some of my daily security logs. The
> > addresses do not reverse-lookup, but I would still like to know who
> > owns the addresses (my guess it is a valid user's 3rd party ISP, but I
> > want to be sure).
> >
> > What tools or references are easily accessible for determining who
> > owns a block of IPs?
> > I have not been able figure out how to coax the
> > info from DNS or whois.
>
> A whois lookup (RIPE and friends), should give the owner of the block in
> question.
>
> For example, say that you're trying to track down 195.90.34.69. A whois -h
> whois.ripe.net gives you
>
> inetnum:     195.90.34.0 - 195.90.34.255
> netname:     GRAPHNET-PARIS
> descr:       Graphnet Inc. Paris node
> country:     FR
> admin-c:     GIS-ORG
> tech-c:      XH15-RIPE
> tech-c:      GIS-ORG
> rev-srv:     ns.fr.graphnet.net
> rev-srv:     ns.globalis.net
> status:      ASSIGNED PA
> mnt-by:      GNET-MNT
> changed:     mh@graphnet.com 19990201
> changed:     geno@graphnet.com 19990721
> source:      RIPE
>
>
> So, you know that Graphnet's responsible for that IP address. (Now, maybe
> Graphnet's been allocating some IP space including 195.90.34.69 to some
> customer ? That's no big deal for you, since you may contact Graphnet for
> details...)
>
> > A web search, somewhat to my surprise, did not
> > immediately pop up a site that will tell you this info when you slip in
> > an IP address.
> >
>
> Go http://www.ripe.net/ , for example
>
>
>
> Cheers
>
> Michael
> > Thanks for any help.
> > --
> > Crist J. Clark                           cjclark@home.com
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004d01bf13ff$756c8e20$5b014b0a>