Exodus / Clue problems

• Previous message (by thread): Exodus / Clue problems
• Next message (by thread): Exodus / Clue problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 15 Nov 1998 sigma at pair.com wrote:

> 
> Let me guess - the IP is 209.67.50.254, and they're trying to login to
> nameservers as "root", sometimes a dozen times per second?
> 
> Hello, filtering.
> 
> Kevin
> 
> > 	Sorry to cross post, but is there anyone monitoring this list
> > from Exodus with 1/2 a clue who might be able to help me?  I called the
> > NOC with an in-progress abuse and was told :
> > 
> > 	1) We don't know who owns that IP

That's funny...

[chuck at ws chuck]$ ping dns4.register.com
PING dns4.register.com (209.67.50.254): 56 data bytes
64 bytes from 209.67.50.254: icmp_seq=0 ttl=47 time=130.2 ms
64 bytes from 209.67.50.254: icmp_seq=1 ttl=47 time=132.8 ms
64 bytes from 209.67.50.254: icmp_seq=2 ttl=47 time=133.6 ms

--- dns4.register.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 130.2/132.2/133.6 ms           

and it's Linux 5.1!

[chuck at server chuck]$ whois register-dom
[rs.internic.net]

Registrant:
Forman Interactive Corp (REGISTER-DOM)
   201 Water St.
   Brooklyn, NY 11201
   USA

   Domain Name: REGISTER.COM

   Administrative Contact, Technical Contact, Zone Contact:
      Forman, Internic  (PF61)  internic at FORMAN.COM
      212-627-4988 (FAX) 212-627-6477
   Billing Contact:
      Forman, Internic  (PF61)  internic at FORMAN.COM
      212-627-4988 (FAX) 212-627-6477

   Record last updated on 25-Aug-98.
   Record created on 01-Nov-94.
   Database last updated on 15-Nov-98 04:46:26 EST.

   Domain servers in listed order:

   DNS1.REGISTER.COM            209.67.50.220
   DNS2.REGISTER.COM            209.67.50.241

So... either they're bad folks or they got hacked and the bad folks
are using their machine.  If they got hacked I'd say that's plenty
interesting...

209.67.50.254    22 ssh          Secure Shell - RSA encrypted rsh
                    -> SSH-1.5-1.2.26\n

Cheers!
--                         
Chuck Mead, CEO - Moongroup Consulting, Inc. <chuck at moongroup.com>
http://www.moongroup.com/
http://www.moongroup.com/unix/

There's no such thing as a free lunch.
                -- Milton Friendman

• Previous message (by thread): Exodus / Clue problems
• Next message (by thread): Exodus / Clue problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]