At 12:21 PM 12/20/2001 -0800, Dave wrote:
Thanks for the reply - and I saw a similar post almost the same time as mine with a reply, didn't mean to post the same question twice :) In my case, 61.175.130.201 is most certainly NOT a customer as Output from ARIN WHOIS returns: Asia Pacific Network Information Center??? Is it still harmless?
FWIW, I have been seeing a lot of scans from that part of the world lately and have actually black-holed an entire class-B from over there because of the malicious traffic. I know of two systems hacked from similar addresses as well, so it's worth keeping an eye on. Note that the ones I'm seeing are from ISP dialup accounts so I doubt there is some kind of distributed DoS/scan happening here, probably just increased attacks in general from all the US-oriented media coverage.
- Ralph