[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] IP spoof? Where do I go now?
- Subject: Re: [cobalt-users] IP spoof? Where do I go now?
- From: "Dan Mahoney, System Admin" <danm@xxxxxxxxxxxxxxx>
- Date: Thu Mar 22 16:37:32 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Sun, 18 Mar 2001, [iso-8859-1] Jens Kristian Søgaard wrote:
> Hi Dan,
>
> > For the past two weeks someone using IP Address 192.168.0.1 has been
> > portscanning me on various ports. I went to the Arin website and punched
> in
> > the IP and got this:
>
> The ip-address "192.168.0.1" is not "owned" by anyone. This means, that you
> cannot use the traditional means to find the administrator of that
> IP-address.
>
> Instead you should be looking at the LAN, that your server is attached to.
> Somewhere on that LAN is "something" that is contacting your port 67. As
> port 67 is the bootp port, you most probably have either a remote booting
> pc, a printer, or something similar on your network. The address 192.168.0.1
> is _not_ routed over the internet -- so you must look on your own network to
> find the device in case.
Any computer set to "assign an address automatically" would cause this.
-Dan
--
"She's been getting attacked by these leeches, they're leaving these marks
all over her neck. You gotta keep her out of those woods. If one more
leech gets her, she's gonna get a smack."
-Someone's Mother, December 18th, 1998
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Web: http://prime.gushi.org
finger danm@xxxxxxxxxxxxxxx
for pgp public key and tel#
---------------------------