Trying to identify hosts

• Previous message (by thread): Trying to identify hosts
• Next message (by thread): Trying to identify hosts
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ok, got a few off list replies that secureserver.net is godaddy which
is fine - makes sense. I just wish this would link back to them easier
(some backup ns being something.godaddy.com or some SOA of an IP
listed in the spf being something.godaddy.com or whatever).

Thank y'all for the info.

On Mon, Oct 27, 2014 at 11:57 AM, shawn wilson <ag4ve.us at gmail.com> wrote:
> We get lots of probes from subdomains of southwestdoor.com and
> secureserver.net 's SOA and I'm curious who these guys are?
>
> The only web page I could find was southwestdoor redirects to
> http://www.arcadiacustoms.com and then to http://arcadia-custom.com/
> (a hardware company is causing unwanted network traffic - not unless
> they're owned)
>
> Traceroute for southwestdoor.com goes through secureserver.net and
> they have lots of references (in dns) to themselves, jomax.net and
> domaincontrol.com.
>
> Can someone give me a better picture of how this all fits together on
> a company level - as in how do these guys make money and why are they
> probing our network? I understand scans from ISPs and colos, but I
> can't directly identify these guys as either.

• Previous message (by thread): Trying to identify hosts
• Next message (by thread): Trying to identify hosts
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]