Hi, Whats the best way to figure out who owns an IP? I've been getting on going connection attempts from: 12.29.19.96 Which looks to me to be part of First Robinson Savings Bank. Now I doubt they are trying to sell me a credit card. Various emails have yet to be answered. Any pointers would be great. Thanks Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 -------------------------------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Wed, 22 Dec 1999, Nick Zentena wrote: <-]Date: Wed, 22 Dec 1999 13:17:57 -0500 <-]From: Nick Zentena <zentena@hophead.dyndns.org> <-]To: Suseenglish <suse-linux-e@suse.com> <-]Subject: [SLE] IP owner? <-] <-]Hi, <-] Whats the best way to figure out who owns an IP? I've been getting on <-]going connection attempts from: <-] <-]12.29.19.96 <-] Hi, you should try: http://www.visualroute.com It gives a lot of infos on any IP. You have 2 choices: 1- Download the Visualroute client for Linux (still never tried it) 2- Perform the search directly with your browser at: http://visualroute.datametrics.com/ <-] <-] Which looks to me to be part of First Robinson Savings Bank. Now I <-]doubt they are trying to sell me a credit card. Various emails have yet <-]to be answered. Any pointers would be great. You are right, here is a part of tthe output from a search on the IP: 12.29.19.96 | 2frs96.frsb.net | ?Robinson, IL 62454 | First Robinson Saving Banks ciao ________________ Nicolas Beaulieu Departement d'economique, Universite Laval Centre de Recherches en Economie et Finances Appliquees (CREFA) Quebec, Canada 418-626-5033 _________________ http://www.penguinpowered.com/~montesquieu montesquieu@penguinpowered.com ICQ 15933500 ---> http://www.ccfa.org <--- ---> http://www.ccfc.ca <--- _________________ " La raison fait l'homme, mais c'est le sentiment qui le conduit. " Jean-Jacques Rousseau Discours sur l'origine et le fondement de l'inegalite parmi les hommes. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Wed, 22 Dec 1999, you wrote:
Hi, Whats the best way to figure out who owns an IP? I've been getting on going connection attempts from:
12.29.19.96
Which looks to me to be part of First Robinson Savings Bank. Now I doubt they are trying to sell me a credit card. Various emails have yet to be answered. Any pointers would be great.
Thanks Nick
I first did a name server lookup and got the following name: Name: 2frs96.frsb.net Address: 12.29.19.96 Then I went to the Network Solutions web site and did a whois lookup and got the following: Registrant: First Robinson Savings Bank (FRSB2-DOM) 501 East Main Street P.O. Box 153 Robinson, IL 62454 Domain Name: FRSB.NET Administrative Contact: Trotter, Les (LT4335) lt3@FRSB.NET 618-544-8621 (FAX) 618-544-7506 Technical Contact, Zone Contact: HOSTMASTER, EOSINC (DE190-ORG) hostmaster@EOSINC.COM 217-241-6000 Fax- 217-241-6001 Billing Contact: Trotter, Les (LT4335) lt3@FRSB.NET 618-544-8621 (FAX) 618-544-7506 Record last updated on 10-Jun-1999. Record created on 10-Jun-1999. Database last updated on 22-Dec-1999 13:07:29 EST. Domain servers in listed order: NS1.EOSINC.COM 208.167.184.2 NS2.EOSINC.COM 208.167.184.3 Hope that info helps. Good luck. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Darren R. Weber drw@linuxfan.com ICQ# 2849193 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
u may have to read this full screen but heres a winders trace i did on it using neotrace... butit was the default look up server i think it was internic or something like that... NeoTrace Version 2.10 - Registered (11-05-99) Destination: 12.29.19.96 -#--------------Node Name---------------IP Address------Location-----------RT*--High---Low---Avg-Tot---D-Who 1 C542470-A 24.14.112.237 41.497N, 87.349W 0 0 0 0 1 0 2 10.81.24.1 Unknown 12 12 12 12 1 0 3 r1-fe1-0-100bt.grffth1.in.home.net 24.10.210.33 41.525N, 87.417W 38 38 38 38 1 0 4 10.83.192.37 41.525N, 87.417W 16 16 16 16 1 0 5 24.12.155.229 Unknown 17 17 17 17 1 0 6 c1-pos9-0.chcgil1.home.net 24.7.72.73 Unknown 18 18 18 18 1 0 7 c1-pos1-0.omahne1.home.net 24.7.64.141 Unknown 25 25 25 25 1 0 8 c1-pos1-0.tulsok1.home.net 24.7.64.150 Unknown 33 33 33 33 1 0 9 c1-pos1-0.dllstx1.home.net 24.7.64.162 Unknown 37 37 37 37 1 0 10 home-gw.dlstx.ip.att.net 192.205.32.49 32.783N, 96.800W 40 40 40 40 1 0 11 gbr1-a80s6.dlstx.ip.att.net 12.123.16.10 32.783N, 96.800W 37 37 37 37 1 0 12 gbr3-p70.dlstx.ip.att.net 12.122.1.166 32.783N, 96.800W 38 38 38 38 1 0 13 gbr2-p30.kszmo.ip.att.net 12.122.2.114 Unknown 47 47 47 47 1 0 14 gbr2-p70.cgcil.ip.att.net 12.122.2.30 41.883N, 87.625W 80 80 80 80 1 0 15 gbr2-p00.sl9mo.ip.att.net 12.127.9.194 Unknown 82 82 82 82 1 0 16 br1-a340s10.sl9mo.ip.att.net 12.123.24.162 Unknown 82 82 82 82 1 0 17 ar3-a300s1.sl9mo.ip.att.net 12.127.4.37 Unknown 85 85 85 85 1 0 18 12.126.90.234 Unknown 93 93 93 93 1 0 19 No Response 0.0.0.0 Unknown - 0 0 0 2 2 20 2frs66.frsb.net 12.29.19.66 Unknown 94 94 94 94 1 0 21 2frs96.frsb.net 12.29.19.96 Unknown 274 274 274 274 1 0 -------------------------------------------------------------------------------------------------------- *All times in milliseconds (ms), D=Dropped packets ------------------------------------------------------------------------------------------------------------ December 22, 1999 14:12:1 NeoTrace Copyright ©1997-1999 NeoWorx inc http://www.neoworx.com "Darren R. Weber" wrote:
On Wed, 22 Dec 1999, you wrote:
Hi, Whats the best way to figure out who owns an IP? I've been getting on going connection attempts from:
12.29.19.96
Which looks to me to be part of First Robinson Savings Bank. Now I doubt they are trying to sell me a credit card. Various emails have yet to be answered. Any pointers would be great.
Thanks Nick
I first did a name server lookup and got the following name: Name: 2frs96.frsb.net Address: 12.29.19.96
Then I went to the Network Solutions web site and did a whois lookup and got the following: Registrant: First Robinson Savings Bank (FRSB2-DOM) 501 East Main Street P.O. Box 153 Robinson, IL 62454 Domain Name: FRSB.NET
Administrative Contact: Trotter, Les (LT4335) lt3@FRSB.NET 618-544-8621 (FAX) 618-544-7506 Technical Contact, Zone Contact: HOSTMASTER, EOSINC (DE190-ORG) hostmaster@EOSINC.COM 217-241-6000 Fax- 217-241-6001 Billing Contact: Trotter, Les (LT4335) lt3@FRSB.NET 618-544-8621 (FAX) 618-544-7506 Record last updated on 10-Jun-1999. Record created on 10-Jun-1999. Database last updated on 22-Dec-1999 13:07:29 EST. Domain servers in listed order: NS1.EOSINC.COM 208.167.184.2 NS2.EOSINC.COM 208.167.184.3
Hope that info helps. Good luck.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Darren R. Weber drw@linuxfan.com ICQ# 2849193 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Wed, 22 Dec 1999, Nick Zentena wrote: <-]Date: Wed, 22 Dec 1999 13:17:57 -0500 <-]From: Nick Zentena <zentena@hophead.dyndns.org> <-]To: Suseenglish <suse-linux-e@suse.com> <-]Subject: [SLE] IP owner? <-] <-]Hi, <-] Whats the best way to figure out who owns an IP? I've been getting on <-]going connection attempts from: <-] <-]12.29.19.96 <-] <-] <-] Which looks to me to be part of First Robinson Savings Bank. Now I <-]doubt they are trying to sell me a credit card. Various emails have yet <-]to be answered. Any pointers would be great. <-] <-] Thanks <-] Nick <-] Hi Nick Here is another tool, that gives youaccute informations on the IP, the network, the owner, contact infos.....: http://www.leader.ru/secure/ Enter the IP in the "Watson [Whoiz]" field. Don't be afraid by the russian symbols....the results are in english. ________________ Nicolas Beaulieu Departement d'economique, Universite Laval Centre de Recherches en Economie et Finances Appliquees (CREFA) Quebec, Canada 418-626-5033 _________________ http://www.penguinpowered.com/~montesquieu montesquieu@penguinpowered.com ICQ 15933500 ---> http://www.ccfa.org <--- ---> http://www.ccfc.ca <--- _________________ " La raison fait l'homme, mais c'est le sentiment qui le conduit. " Jean-Jacques Rousseau Discours sur l'origine et le fondement de l'inegalite parmi les hommes. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Nick Zentena wrote:
Hi, Whats the best way to figure out who owns an IP? I've been getting on going connection attempts from:
12.29.19.96
Which looks to me to be part of First Robinson Savings Bank. Now I doubt they are trying to sell me a credit card. Various emails have yet to be answered. Any pointers would be great.
I had something like this from a manufacturing company. I e-mailed them, and as it turned out, they had been cracked. Their ISP received hundreds of e-mails complaining about these attacks. I use fwhois (a nice Red Hat rpm that installs on SuSE) to track this stuff down. Why not give ol' Les Trotter a call at work as ask him why they are attacking your machine? You can also complain to AT&T (their provider). Keywords like "port-scanning," "probing firewalls" get attention. Be sure you have logs available to support your claims. hawaii:~/applications $ fwhois 12.29.19.96@whois.arin.net [whois.arin.net] AT&T ITS (NET-ATT) ATT 12.0.0.0 - 12.255.255.255 First Robinson Saving Banks (NETBLK-FRS-L-18) FRS-L-18 12.29.18.0 - 12.29.19.255 [snip] hawaii:~/applications $ fwhois NETBLK-FRS-L-18@whois.arin.net [whois.arin.net] First Robinson Saving Banks (NETBLK-FRS-L-18) 501 E. Main Street Robinson, IL 62454 US Netname: FRS-L-18 Netblock: 12.29.18.0 - 12.29.19.255 Maintainer: FRSL Coordinator: Trotter, Les (LT40-ARIN) lt3@FRS-L.COM 618-544-8621 Record last updated on 07-Jun-1999. Database last updated on 22-Dec-1999 03:55:03 EDT. [snip] -- George Toft http://www.georgetoft.com -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Saw this in my xconsole log. Doubt it's good. Any clues what I'm up against? _____________________________________________________ Daniel Woodard daniel.woodard@extricate.com design@mindspring.com -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Hi, Whats the best way to figure out who owns an IP? I've been getting on going connection attempts from:
12.29.19.96
ARIN - American Registry of Internet Numbers http://www.arin.net/whois/index.html -------- AT&T ITS (NET-ATT) ATT 12.0.0.0 - 12.255.255.255 First Robinson Saving Banks (NETBLK-FRS-L-18) FRS-L-18 12.29.18.0 - 12.29.19.255 Mario -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Thanks everybody. I think I'll forward a complaint to AT&T tommorow. Hopefully I'll have finished upgrading to 6.3 by then-) Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 -------------------------------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (7)
-
design@mindspring.com -
grtoft@yahoo.com -
mistrM@socal.rr.com -
nbea@ecn.ulaval.ca -
steganos1@home.com -
weberdr@bellsouth.net -
zentena@hophead.dyndns.org