| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 76793 | 2007-02-16 03:11:00 | Port scanning- China | Phaedra (9624) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 525075 | 2007-02-19 04:21:00 | Yeah Greg way to go, found the blighters! and sent them a rude email to**** off lol not that it will do much good but gives me satisfaction! they are not as invisable as they thought they were..info below for anyone else IP Information 220.164.140.250 Record Type: IP Address IP Location: China - Yunnan - Yunnan - Chinanet Yunnan Province Network Blacklist Status: Currently Listed (history) Whois Record inetnum: 220.163.0.0 - 220.165.255.255 netname: CHINANET-YN descr: CHINANET yunnan province network descr: China Telecom descr: A12,Xin-Jie-Kou-Wai Street descr: Beijing 100088 country: CN admin-c: CH93-AP tech-c: ZL48-AP mnt-by: MAINT-CHINANET mnt-lower: MAINT-CHINANET-YN changed: 20010711 status: ALLOCATED NON-PORTABLE source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: jjway@126.com address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN changed: 20051212 mnt-by: MAINT-CHINANET source: APNIC person: zhiyong liu nic-hdl: ZL48-AP e-mail: jjway@126.COM address: 136 beijin roadkunmingchina phone: +86-871-8223073 fax-no: +86-871-8221536 country: CN changed: 20060822 mnt-by: MAINT-CHINANET-YN source: APNIC |
Phaedra (9624) | ||
| 525076 | 2007-02-19 04:56:00 | So you emailed some abuse to a webmail account, someone you dont even know or like. GREAT IDEA, did you ask them to try hacking a little harder, or put your address on the spam list..:groan: | Rob99 (151) | ||
| 525077 | 2007-02-19 05:22:00 | You do your thing I'll do mine... :thumbs: | Phaedra (9624) | ||
| 525078 | 2007-02-20 16:46:00 | Couple of things here. If you got an old computer laying around? 486 to a pentium? Couple network cards? Install an external firewall like IPCop. (http://ipcop.org) If you went with IPCop, you could grab up the 3rd party tool called BANISH then grab "cidr" do a lookup on the IP. do a cidr on the IP add the whole domain to BANISH. ~poof magically gone~ Also URLFILTER kicks butt. For ad's... nevertheless A little about the use of cidr cidr -a 220.154.140.250 Network class: C Network mask: 255.255.255.0 Network mask (hex): FFFFFF00 Network address: 220.154.140.0 Subnet bits: 0 Max subnets: 1 Full subnet mask: 255.255.255.0 Full subnet mask (hex): FFFFFF00 Host bits: 8 Hosts per subnet: 256 Bit map: nnnnnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh Subnet 1: 220.154.140.0 220.154.140.255 * IP address: 220.154.140.250 Hexadecimal IP address: DC9A8CFA Address allocation range: 220.154.140.0 - 220.154.140.255 Full subnet mask: 255.255.255.0 Subnet mask: 0.0.0.0 Subnet ID: 0.0.0.0 Network ID: 220.154.140.0 Host ID: 0.0.0.250 Cisco Wildcard: 0.0.0.255 CIDR notation: 220.154.140.0/24 Route/Mask: 220.154.140.0 / 255.255.255.0 Hexadecimal route/mask: DC9A8C00 / FFFFFF00 Supernet max: 0 What you want here is the CIDR notation CIDR notation: 220.154.140.0/24 Add 220.154.140.0/24 to Banish. You won't never see a packet from them again. Final Thought: Port scanning is harmless, unless you left something open, obviously. Anyway, this is just one solution. It's the way, I have been playing this game. Might get a list of bogon's also. e.g. a bogon list |
sacxtra (1024) | ||
| 525079 | 2007-02-21 10:08:00 | Thanks for your help:) much appreciated | Phaedra (9624) | ||
| 1 2 | |||||