[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Logcheck, IP address

Subject: Re: [cobalt-security] Logcheck, IP address
From: Glen Scott <glen@xxxxxxxxxxxxxxxxxxxx>
Date: Tue, 19 Jun 2001 12:16:14 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

How do I chase down an IP address that was reported by Logcheck to FTP in?
If have their IP and I want to see where it originated from so I know if it
is one of my users or a hacker?


$ whois 144.134.44.127@xxxxxxxxxxxxxx
[whois.arin.net]
Telstra (NET-TELECOMAU4)
   Network Development and
   Construction Branch  32 Pirie Street  Adelaide
   South, 5000
   AU

   Netname: TELECOMAU4
   Netblock: 144.134.0.0 - 144.134.255.255

   Coordinator:
      Telstra  (HM100-ORG-ARIN)  hostmaster@xxxxxxxxxxxxxx
      +61 3 9253 8600   Fax- +61 392538701

   Domain System inverse mapping provided by:

   SY-DNS01.TMNS.NET.AU         139.134.2.2
   SY-DNS02.TMNS.NET.AU         139.134.2.18

   Record last updated on 29-Nov-2000.
   Database last updated on 18-Jun-2001 23:08:46 EDT.

The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.

Follow-Ups:
- RE: [cobalt-security] Logcheck, IP address
  - From: Todd Kirk

References:
- [cobalt-security] Logcheck, IP address
  - From: Todd Kirk

Prev by Date: Re: [cobalt-security] Logcheck, IP address
Next by Date: Re: [cobalt-security] Re: RaQ4-All-Security Release 1.0.2-5-9769
Previous by thread: Re: [cobalt-security] Logcheck, IP address
Next by thread: RE: [cobalt-security] Logcheck, IP address

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index