Sygate & backtracing

Discussion in 'NZ Computing' started by Southern Kiwi, May 23, 2004.

  1. What info (that is of any use) can I glean from backtracing port scanners?
    I'm not sure how to dechipher the info I get
    Here is the log


    This is the RIPE Whois server.
    % The objects are in RPSL format.
    %
    % Rights restricted by copyright.
    % See http://www.ripe.net/ripencc/pub-services/db/copyright.html

    inetnum: 0.0.0.0 - 255.255.255.255
    netname: IANA-BLK
    descr: The whole IPv4 address space
    country: EU # Country is really world wide
    org: ORG-IANA1-RIPE
    admin-c: IANA1-RIPE
    tech-c: IANA1-RIPE
    status: ALLOCATED UNSPECIFIED
    remarks: The country is really worldwide.
    remarks: This address space is assigned at various other places in
    remarks: the world and might therefore not be in the RIPE database.
    mnt-by: RIPE-NCC-HM-MNT
    mnt-lower: RIPE-NCC-HM-MNT
    mnt-routes: RIPE-NCC-RPSL-MNT
    changed: 20010529
    changed: 20020625
    changed: 20031014
    changed: 20040422
    changed: 20040504
    source: RIPE

    organisation: ORG-IANA1-RIPE
    org-name: Internet Assigned Numbers Authority
    org-type: IANA
    address: see http://www.iana.org
    remarks: The IANA allocates IP addresses and AS number blocks to RIRs
    remarks: see http://www.iana.org/ipaddress/ip-addresses.htm
    remarks: and http://www.iana.org/assignments/as-numbers
    e-mail:
    admin-c: IANA1-RIPE
    tech-c: IANA1-RIPE
    mnt-ref: RIPE-NCC-HM-MNT
    mnt-by: RIPE-NCC-HM-MNT
    changed: 20040417
    source: RIPE

    role: Internet Assigned Numbers Authority
    address: see http://www.iana.org.
    e-mail:
    admin-c: IANA1-RIPE
    tech-c: IANA1-RIPE
    nic-hdl: IANA1-RIPE
    remarks: For more information on IANA services
    remarks: go to IANA web site at http://www.iana.org.
    mnt-by: RIPE-NCC-MNT
    changed: 20010411
    source: RIPE



    --
    Cheers
    Southern Kiwi
    southern_kiwi@*spamsucks*hotmail.com
    Word of wisdom from high in the mountains....you know...like a Guru...but
    not as old....or mystic......or wise....or high... :)
    Southern Kiwi, May 23, 2004
    #1
    1. Advertising

  2. Southern Kiwi

    Dave Taylor Guest

    "Southern Kiwi" <southern_kiwi@*spamsucks*hotmail.com> wrote in
    news::

    > What info (that is of any use) can I glean from backtracing port
    > scanners? I'm not sure how to dechipher the info I get
    > Here is the log


    Don't bother unless they are attacking you.
    Look into dshield.org or mynetwatchman.com. Let someone else do the work.
    If you setup the clients correctly you will be emailed reports.
    If you want to dig information Samspade.org has a great tool for that kind
    of stuff.

    Ciao, Dave
    Dave Taylor, May 24, 2004
    #2
    1. Advertising

  3. Southern Kiwi

    Steve Guest

    Dave Taylor wrote:
    > "Southern Kiwi" <southern_kiwi@*spamsucks*hotmail.com> wrote in
    > news::
    >
    >
    >>What info (that is of any use) can I glean from backtracing port
    >>scanners? I'm not sure how to dechipher the info I get
    >>Here is the log

    >
    >
    > Don't bother unless they are attacking you.
    > Look into dshield.org or mynetwatchman.com. Let someone else do the work.
    > If you setup the clients correctly you will be emailed reports.
    > If you want to dig information Samspade.org has a great tool for that kind
    > of stuff.
    >
    > Ciao, Dave


    This is just an info message surely... otherwise the whole of the IPV4
    internet is attacking you!
    Steve, May 24, 2004
    #3
  4. "Steve" <> wrote in message
    > Dave Taylor wrote:
    > > "Southern Kiwi" <southern_kiwi@*spamsucks*hotmail.com> wrote
    > >>What info (that is of any use) can I glean from backtracing port
    > >>scanners? I'm not sure how to dechipher the info I get
    > >>Here is the log

    > >
    > > Don't bother unless they are attacking you.
    > > Look into dshield.org or mynetwatchman.com. Let someone else do the

    work.
    > > If you setup the clients correctly you will be emailed reports.
    > > If you want to dig information Samspade.org has a great tool for that

    kind
    > > of stuff.
    > > Ciao, Dave

    >
    > This is just an info message surely... otherwise the whole of the IPV4
    > internet is attacking you!


    While I may be a tad paranoid, I'm not totally convinced EVERYONE in
    cyberspace is after me ;-)

    --
    Cheers
    Southern Kiwi
    southern_kiwi@*spamsucks*hotmail.com
    Word of wisdom from high in the mountains....you know...like a Guru...but
    not as old....or mystic......or wise....or high... :)
    Southern Kiwi, May 24, 2004
    #4
  5. This report means that the IP address was not known to the RIPE whois
    server. What exactly was the IP address?


    "Southern Kiwi" <southern_kiwi@*spamsucks*hotmail.com> wrote in message news:<>...
    > What info (that is of any use) can I glean from backtracing port scanners?
    > I'm not sure how to dechipher the info I get
    > Here is the log
    >
    >
    > This is the RIPE Whois server.
    > % The objects are in RPSL format.
    > %
    > % Rights restricted by copyright.
    > % See http://www.ripe.net/ripencc/pub-services/db/copyright.html
    >
    > inetnum: 0.0.0.0 - 255.255.255.255
    > netname: IANA-BLK
    > descr: The whole IPv4 address space
    > country: EU # Country is really world wide
    > org: ORG-IANA1-RIPE
    > admin-c: IANA1-RIPE
    > tech-c: IANA1-RIPE
    > status: ALLOCATED UNSPECIFIED
    > remarks: The country is really worldwide.
    > remarks: This address space is assigned at various other places in
    > remarks: the world and might therefore not be in the RIPE database.
    > mnt-by: RIPE-NCC-HM-MNT
    > mnt-lower: RIPE-NCC-HM-MNT
    > mnt-routes: RIPE-NCC-RPSL-MNT
    > changed: 20010529
    > changed: 20020625
    > changed: 20031014
    > changed: 20040422
    > changed: 20040504
    > source: RIPE
    >
    > organisation: ORG-IANA1-RIPE
    > org-name: Internet Assigned Numbers Authority
    > org-type: IANA
    > address: see http://www.iana.org
    > remarks: The IANA allocates IP addresses and AS number blocks to RIRs
    > remarks: see http://www.iana.org/ipaddress/ip-addresses.htm
    > remarks: and http://www.iana.org/assignments/as-numbers
    > e-mail:
    > admin-c: IANA1-RIPE
    > tech-c: IANA1-RIPE
    > mnt-ref: RIPE-NCC-HM-MNT
    > mnt-by: RIPE-NCC-HM-MNT
    > changed: 20040417
    > source: RIPE
    >
    > role: Internet Assigned Numbers Authority
    > address: see http://www.iana.org.
    > e-mail:
    > admin-c: IANA1-RIPE
    > tech-c: IANA1-RIPE
    > nic-hdl: IANA1-RIPE
    > remarks: For more information on IANA services
    > remarks: go to IANA web site at http://www.iana.org.
    > mnt-by: RIPE-NCC-MNT
    > changed: 20010411
    > source: RIPE
    Gene Soudlenkov, May 25, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jafiwam

    Re: Sygate Personal Firewall readout

    jafiwam, Jul 4, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    489
    jafiwam
    Jul 4, 2003
  2. Philippe L. Balmanno

    Re: Sygate Personal Firewall readout

    Philippe L. Balmanno, Jul 4, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    563
    Philippe L. Balmanno
    Jul 5, 2003
  3. Sonia

    My Sygate firewall is getting full

    Sonia, Aug 22, 2003, in forum: Computer Support
    Replies:
    13
    Views:
    694
  4. Samantha Jackson

    Sygate,Outpost query

    Samantha Jackson, Oct 1, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    422
    ┬░Mike┬░
    Oct 1, 2003
  5. Sygate Firewall

    , Dec 18, 2003, in forum: Computer Support
    Replies:
    10
    Views:
    779
    [ Doc Jeff ]
    Dec 19, 2003
Loading...

Share This Page