How to locate and contact attacker?
Bill Campbell
linux-sxs
Mon Aug 14 21:11:21 PDT 2006
On Mon, Aug 14, 2006, Ken Moffat wrote:
>Chong Yu Meng wrote:
>>
>> Here's my question: if I know the IP address, how do I get information
>> about this system--
>
>Have you tried "whois" ?
That's sometimes useful, depending on the accuracy of the whois
information.
Another technique that I use when there's no reverse DNS (e.g. not
hostname related to the IP address) is do dns queries for the name servers
for the rDNS (in-addr.arpa). That is, if the IP addres is 1.2.3.4, lookup
the NS record for 4.3.2.1.in-addr.arpa. If there's no NS for that, try the
NS for 3.2.1.in-addr.arpa, 2.1.in-addr.arpa. etc. until something returns
an NS entry.
Bill
--
INTERNET: bill at Celestial.COM Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
``UNIX was not designed to stop you from doing stupid things, because that
would also stop you from doing clever things.'' -- Doug Gwyn
More information about the Linux-users
mailing list