spammer from outer space? (routing error)

• Previous message (by thread): spammer from outer space? (routing error)
• Next message (by thread): spammer from outer space? (routing error)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Peter Dambier wrote:
> 
> I just caught this one:
> 
> 2007-08-25 16:57:52 SMTP connection from [125.187.32.144]:45885 (TCP/IP
> connection count = 1)
> 2007-08-25 16:58:11 SMTP connection from [125.187.32.222]:52495 (TCP/IP
> connection count = 2)
> 2007-08-25 16:58:22 ident connection to 125.187.32.144 timed out
> 2007-08-25 16:58:25 no host name found for IP address 125.187.32.144

I don't think of korea as outer space but maybe that's just me.

> Traceroute says:
> 
> traceroute to 125.187.32.144 (125.187.32.144), 30 hops max, 40 byte packets
>  1  krzach.peter-dambier.de (192.168.48.2)  1.112 ms   1.590 ms   1.774 ms
>  2  * * *
>  3  217.0.78.54  83.412 ms   83.446 ms   183.549 ms
>  4  217.239.40.33  183.582 ms   190.061 ms   207.031 ms
>  5  dt-gw.n54ny.ip.att.net (192.205.32.57)  207.000 ms * *
>  6  * * *
>  7  12.122.16.137  268.719 ms   275.778 ms   284.531 ms
>  8  cr1.cgcil.ip.att.net (12.122.1.190)  209.032 ms   217.048 ms  
> 223.948 ms
>  9  12.122.17.130  229.927 ms   237.691 ms   245.808 ms
> 10  tbr1.sffca.ip.att.net (12.122.10.6)  252.838 ms   260.754 ms  
> 269.676 ms
> 11  12.122.110.5  277.657 ms   576.902 ms *
> 12  * * *
> 13  * * *
> 14  203.255.234.221  357.076 ms   357.083 ms   372.057 ms
> 15  210.120.246.65  379.221 ms   395.135 ms   395.169 ms
> 16  210.120.117.6  410.197 ms 210.120.248.250  420.023 ms   427.029 ms
> 17  210.120.244.94  360.443 ms   360.451 ms 210.120.244.90  368.292 ms
> 18  210.120.104.146  389.240 ms 203.248.223.82  389.274 ms   746.508 ms
> 19  * * *
> 22  * * *
> 23  125.187.32.144(H!)  351.850 ms (H!)  359.870 ms (H!)  367.696 ms
> 
> But whois keeps telling me:
> 
> ReferralServer: whois://whois.apnic.net
> 
> NetRange:   125.0.0.0 - 125.255.255.255
> CIDR:       125.0.0.0/8
> NetName:    APNIC-125
> NetHandle:  NET-125-0-0-0-1
> Parent:
> NetType:    Allocated to APNIC
> Comment:    This IP address range is not registered in the ARIN database.
> Comment:    For details, refer to the APNIC Whois Database via
> Comment:    WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl
> Comment:    ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
> Comment:    for the Asia Pacific region. APNIC does not operate networks
> Comment:    using this IP address range and is not able to investigate
> Comment:    spam or abuse reports relating to these addresses. For more
> Comment:    help, refer to http://www.apnic.net/info/faq/abuse
> RegDate:    2005-01-27
> Updated:    2005-05-20
> 
> OrgTechHandle: AWC12-ARIN
> OrgTechName:   APNIC Whois Contact
> OrgTechPhone:  +61 7 3858 3100
> OrgTechEmail:  search-apnic-not-arin at apnic.net
> 
> 
> So I should never have seen a packet from them?
> 
> 
> Kind regards
> Peter and Karin

• Previous message (by thread): spammer from outer space? (routing error)
• Next message (by thread): spammer from outer space? (routing error)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]