RE: [CentOS] Re: I've been hacked -- what should I do next?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Scott Silva wrote:
> Aleksandar Milivojevic spake the following on 12/1/2006 12:43 PM:
>> Quoting Alfred von Campe <alfred@xxxxxxx>:
>> 
>>> FWIW, the IP addresses are 172.178.63.167 (acb23fa7.ipt.aol.com) and
>>> 61.43.153.30.  There is no reverse entry for the latter, so I don't
>>> know who to contact.  I'll fire off an email to AOL (not that I
>>> think anything will happen).
>> 
>> You can use a whois database to find the info (for example, there's
>> web interface on www.ripe.net).  Info for 61.43.153.30 indicates
>> that this IP address is alocated to an provider in South Korea. 
>> Contact addresses included: 
>> 
>> inetnum:         61.32.0.0 - 61.43.255.255
>> netname:         BORANET-1
>> descr:           DACOM Corp.
>> descr:           Facility-based Telecommunication Service Provider
>> descr:           providing Internet leased-ine, on-line service, BLL
>> etc. country:         KR admin-c:         DB50-AP
>> tech-c:          DB50-AP
>> status:          ALLOCATED PORTABLE "status:" definitions
>> mnt-by:          APNIC-HM
>> mnt-lower:       MNT-KRNIC-AP
>> changed:         hostmaster@xxxxxxxxx
>> 20000918
>> source:          APNIC
>> 
>> role:            DACOM BORANET
>> address:         DACOM Bldg., 706-1, Yoeksam-dong, Kangnam-ku, Seoul
>> country:         KR phone:           +82-2-2089-7755
>> fax-no:          +82-2-2089-0706
>> e-mail:          ipadm@xxxxxxxxxxxx
>> e-mail:          abuse@xxxxxxxx
>> e-mail:          security@xxxxxxxx
>> admin-c:         EC115-AP
>> tech-c:          SIJ1-AP
>> nic-hdl:         DB50-AP
>> remarks:         IP address administrator group of NIC team, DACOM
>> Corp. remarks:         If related with spam, send mail to
>> abuse@xxxxxxxx
>> remarks:         If related with security, send mail to
>> security@xxxxxxxx remarks:         Only for whois information
>> correction, send mail to ipadm@xxxxxxxxxxxx mnt-by:         
>> MNT-KRNIC-AP 
>> changed:         jeonsi@xxxxxxxx 20041105
>> source:          APNIC
> Hacked from Korea! There is a surprise!! ;-D

We're all assuming that the IP address wasn't spoofed...

Mark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux