based on bell's naming scheme that should be San Francisco, California to be more precise. I'm sure with a little foot work you can have it down to a pedestal and then down to a home. I find clubs/bats/etc work a lot better than abuse@ when you can nail it down. --rat On Thu, 2003-05-01 at 10:12, Paulo Abrantes wrote: > Oh and also I don't get it why you are saying > that the source is South-America or Spain. > Reverse lookup from the IP points to a dsl line > > adsl-67-121-92-80.dsl.snfc21.pacbell.net > > doing a whois to pacbell.net > > (...) > > Registrant: > SBC Internet Services, Inc. (PACBELL2-DOM) > PO Box 940972 > Plano, TX 75075 > US > > Domain Name: PACBELL.NET > > Administrative Contact: > PBI DNS Administration (PDA-ORG) dnsadmin@xxxxxxx > Pacific Bell Internet > 940972 > Plano, TX 75075 > US > 800-463-8724 > Fax- - - - - 415-442-4999 > Technical Contact: > Pacific Bell Internet NetCenter (PB401-ORG) trouble@xxxxxxx > P.O. Box 940972 > Plano, TX 75075 > US > 1-800-4NETPBI (463-8724) > Fax- - - (415) 442-4999 > > (...) > > > So it's from the US. You could always try to email to their abuse email. > > Regards, > > Paulo > > On 01 May 2003 16:30:55 +0200 > ctino.schmitt@xxxxxxxxxxx (SchmiTTT) wrote: > > > > > > > Hi ! > > > > Here an outprint of snort: > > > > =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ > > > > 05/01-16:26:42.686237 < l/l len: 0 l/l type: 0x200 0:0:0:0:0:0 > > pkt type:0x0 proto: 0x800 len:0x5E > > 67.121.92.180:1025 -> 217.230.71.240:137 UDP TTL:111 TOS:0x0 ID:27498 > > IpLen:20 DgmLen:78 > > Len: 50 > > 01 00 00 10 00 01 00 00 00 00 00 00 20 43 4B 41 ............ CKA > > 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA > > 41 41 41 41 41 41 41 41 41 41 41 41 41 00 00 21 AAAAAAAAAAAAA..! > > 00 01 .. > > > > =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ > > > > > > This guy seems to repeat it over and over at my PC. > > from all parts of world. I assume he is in South-America or Spain. > > > > What does CKAAAA... mean ??? What kind of scan is this ??? > > > > For hint tuvm ! > > > > Regards > > Tino. > > > > ------------------------------------------------------------------------ > > To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx > > with "unsubscribe" in the subject of the message. > > > > > P. Abrantes > > ++++++++++++++++++++++++++++++++++++++++ > > Computer Science Student @ > Instituto Superior Tecnico > (http://www.ist.utl.pt) > > This email fortune cookie: > > Let's call it an accidental feature. -- Larry Wall > > ++++++++++++++++++++++++++++++++++++++++ > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx > with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
