[ILUG] funny attack (comes in threes)
wesley at yelsew.com
Mon Aug 20 20:30:05 IST 2001
On Mon, Aug 20, 2001 at 07:36:55PM +0100, Gerard Gorman wrote:
> ...on a related note, how do I interpret ip-addresses like 18.104.22.168
> which are not known to the dns server.
Use whois. Usually it will tell you to whom the ip address is registered,
`swip'-ped I believe. AIUI, address ranges are doled out by IANA to ripe,
arin and apnic and you need to use the right whois server. In some cases,
they will refer you to a more specific whois server (eg. brnic, kornic,
aunic, jpnic etc).
...says that 62/8 is assigned to ripe. So something like...
whois -h whois.ripe.net 22.214.171.124
...or, if you use redhat...
whois 126.96.36.199 at whois.ripe.net
...tells us that the address `belongs' to wind.it.
 I find this page fascinating. That BBN have *three* /8s (4, 6 & 46)
is (to me) an interesting snippet. That they are AS1 is a similarly
interesting snippet. (ftp://rs.arin.net/netinfo/asn.txt)
More information about the ILUG