IP ADDRESS - WHO IS IT ?
#1
BANNED
BANNED
Thread Starter
iTrader: (1)
Join Date: Jul 2003
Location: Wiltshire
Posts: 12,483
Likes: 0
Received 0 Likes
on
0 Posts
IP ADDRESS - WHO IS IT ?
Does anyone know how to trace an IP address to a user please ?
217.41.61.178
Tried the RIPE data base without much success as it only shows this....
RIPE SITE: http://www.ripe.net/perl/whois
This IP address has continuously attempted to hack my server over the last few days !!!
Luckily my new firewall has stopped it !
217.41.61.178
Tried the RIPE data base without much success as it only shows this....
RIPE SITE: http://www.ripe.net/perl/whois
inetnum: 217.41.0.0 - 217.41.63.255
remarks: ************************************************** *****
remarks: * Please send abuse reports to abuse@btopenworld.com *
remarks: ************************************************** *****
remarks: * USED FOR CUSTOMERS WITH SINGLE STATIC IP ADDRESSES *
remarks: ************************************************** *****
netname: BT-ADSL
descr: Single Static IP Addresses
country: GB
admin-c: BTOW1-RIPE
tech-c: BTOW1-RIPE
status: ASSIGNED PA
mnt-by: BTNET-MNT
mnt-lower: BTNET-MNT
mnt-routes: BTNET-MNT
changed: ipaddman@bt.com 20040319
changed: ipaddman@bt.com 20050120
changed: ipaddman@bt.com 20050202
changed: ipaddman@bt.com 20050209
source: RIPE
remarks: ************************************************** *****
remarks: * Please send abuse reports to abuse@btopenworld.com *
remarks: ************************************************** *****
remarks: * USED FOR CUSTOMERS WITH SINGLE STATIC IP ADDRESSES *
remarks: ************************************************** *****
netname: BT-ADSL
descr: Single Static IP Addresses
country: GB
admin-c: BTOW1-RIPE
tech-c: BTOW1-RIPE
status: ASSIGNED PA
mnt-by: BTNET-MNT
mnt-lower: BTNET-MNT
mnt-routes: BTNET-MNT
changed: ipaddman@bt.com 20040319
changed: ipaddman@bt.com 20050120
changed: ipaddman@bt.com 20050202
changed: ipaddman@bt.com 20050209
source: RIPE
This IP address has continuously attempted to hack my server over the last few days !!!
Luckily my new firewall has stopped it !
#6
PassionFord Post Whore!!
Join Date: May 2003
Location: Northants
Posts: 9,076
Likes: 0
Received 0 Likes
on
0 Posts
Simon, I think the key thing here is this bit:
remarks: ************************************************** *****
remarks: * USED FOR CUSTOMERS WITH SINGLE STATIC IP ADDRESSES *
remarks: ************************************************** *****
netname: BT-ADSL
descr: Single Static IP Addresses
remarks: ************************************************** *****
remarks: * USED FOR CUSTOMERS WITH SINGLE STATIC IP ADDRESSES *
remarks: ************************************************** *****
netname: BT-ADSL
descr: Single Static IP Addresses
#7
BANNED
BANNED
Thread Starter
iTrader: (1)
Join Date: Jul 2003
Location: Wiltshire
Posts: 12,483
Likes: 0
Received 0 Likes
on
0 Posts
Billabong,
It tells me its someone who uses BT ADSL and has a static IP address.
Which isnt really much at all
I want to know the name of the person/company who uses this before I call in the FEDS
It tells me its someone who uses BT ADSL and has a static IP address.
Which isnt really much at all
I want to know the name of the person/company who uses this before I call in the FEDS
Trending Topics
#8
PassionFord Post Whore!!
dont these hackers hide there adress by mirroring of someone elses, think about it iof there that clued up to HACK somones website i'm sure they will have the brains to hide there identity.
#9
PassionFord Post Whore!!
Join Date: May 2003
Location: Northants
Posts: 9,076
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by SECS
Billabong,
It tells me its someone who uses BT ADSL and has a static IP address.
Which isnt really much at all
I want to know the name of the person/company who uses this before I call in the FEDS
It tells me its someone who uses BT ADSL and has a static IP address.
Which isnt really much at all
I want to know the name of the person/company who uses this before I call in the FEDS
Did your firewall give you any idea of what they were attempting, or was it just pinging your machine? Not all firewall alerts are genuine hacking attempts.
#10
BANNED
BANNED
Thread Starter
iTrader: (1)
Join Date: Jul 2003
Location: Wiltshire
Posts: 12,483
Likes: 0
Received 0 Likes
on
0 Posts
Here are 5 of the 200+ logs I have for the last 2 days ....
TCP Packet - Source:217.41.61.178,2333 Destination:edited- [DOS]
TCP Packet - Source:217.41.61.178,2331 Destination:edited- [DOS]
TCP Packet - Source:217.41.61.178,2329 Destination:edited- [DOS]
TCP Packet - Source:217.41.50.234,4923 Destination:edited- [DOS]
TCP Packet - Source:195.66.109.228,3486 Destination:edited- [DOS]
As you can see its a little bit more than a port scan
TCP Packet - Source:217.41.61.178,2333 Destination:edited- [DOS]
TCP Packet - Source:217.41.61.178,2331 Destination:edited- [DOS]
TCP Packet - Source:217.41.61.178,2329 Destination:edited- [DOS]
TCP Packet - Source:217.41.50.234,4923 Destination:edited- [DOS]
TCP Packet - Source:195.66.109.228,3486 Destination:edited- [DOS]
As you can see its a little bit more than a port scan
#15
Too many posts.. I need a life!!
Join Date: Jul 2003
Location: Liverpool
Posts: 788
Likes: 0
Received 0 Likes
on
0 Posts
hmm if it's from a BB bt user my router has stacks and stacks of DOS attemps!! it's all the script kidies out there!!! ye got to love em I guess....
#20
BANNED
BANNED
Thread Starter
iTrader: (1)
Join Date: Jul 2003
Location: Wiltshire
Posts: 12,483
Likes: 0
Received 0 Likes
on
0 Posts
Phil, scuttle away and dream of your make believe DIY engine.
If indeed it does exist, you will get someone else to map it and pretend you did it
all yourself like you did the last engine !
If indeed it does exist, you will get someone else to map it and pretend you did it
all yourself like you did the last engine !
#24
Too many posts.. I need a life!!
Join Date: Jul 2003
Location: Liverpool
Posts: 788
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by * Rudey *
eleborate dead and gone yor talking like a hacker mate speak english boy
Script Kidies = kids (where the kiddies bit comes from ) download DOS and other hacking tools and use them, it's not the "propper" way to hack so they are refered to as Script Kidies because they don't know how the hack works but they just use a program to do it!
#25
PassionFord Post Whore!!
Join Date: Aug 2004
Location: Kent
Posts: 4,364
Likes: 0
Received 0 Likes
on
0 Posts
SECS words cant hurt anyone...a punch in the face however can cause massive scarring....think about that before acussations..if it was me i wouldnt hide as i beleive you deserve all you get you fooking weirdo
#27
BANNED
BANNED
Thread Starter
iTrader: (1)
Join Date: Jul 2003
Location: Wiltshire
Posts: 12,483
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by SECS
Phil, scuttle away and dream of your make believe DIY engine.
If indeed it does exist, you will get someone else to map it and pretend you did it
all yourself like you did the last engine !
If indeed it does exist, you will get someone else to map it and pretend you did it
all yourself like you did the last engine !
Phil, I guess this touched a nerve as I have never heard you threaten anyone before !!
#28
PassionFord Post Whore!!
Join Date: Aug 2004
Location: Kent
Posts: 4,364
Likes: 0
Received 0 Likes
on
0 Posts
Yes its all make beleive i do nothing i am a con man...oh abit like YOU
PS i aint mapping my new engine Mark is..and teaching me at the same time...i aint got nothing to hide..i am the truth...learn.
PS i aint mapping my new engine Mark is..and teaching me at the same time...i aint got nothing to hide..i am the truth...learn.
#29
just finding my feet
london , simon i live no where near there untill ya find this person, dont want ya thinking it me with all my computer knowlage
i cant even spell IPS , what chance i got at hacking it
i cant even spell IPS , what chance i got at hacking it
#33
just finding my feet
simon im not kidding but i did have CID at the door when i got home from work
some fookers used my address and skipped bail , tossers where gonna arrest me until me missus got home as i couldnt find me drivers licence
there gonna come again then illstick the kettel on
spry to hear about the dessision about tradding ect btw
some fookers used my address and skipped bail , tossers where gonna arrest me until me missus got home as i couldnt find me drivers licence
there gonna come again then illstick the kettel on
spry to hear about the dessision about tradding ect btw
#39
Just before you call any feds in (and because the original log has been edited), post the destination port (source port shows nothing, needs to be the destination port at your end) that the DoS has been hitting......I deal with this kind of thing in work, and I find that 99% of any "X is hacking me" reports I get sent in are due to virus-activity, and the owner of the infected machine doesn't even have a clue what their machine is doing in the background.
[Edit/Addition]: Forgot to say, the only way you'll find out who that is from BT (if there's no matching IP in the PF-login database) is by going through the Police in the event of it being intentionally malicious, and by the Police High Tech Crimes Unit issuing BT with a RIPA request (basically, asking for further information on the customer the IP address is assigned to, to further their investigation). The Data Protection Act prevents BT from giving this information out in any other circumstances (apart from possibly a court-order, I think).
[Edit/Addition]: Forgot to say, the only way you'll find out who that is from BT (if there's no matching IP in the PF-login database) is by going through the Police in the event of it being intentionally malicious, and by the Police High Tech Crimes Unit issuing BT with a RIPA request (basically, asking for further information on the customer the IP address is assigned to, to further their investigation). The Data Protection Act prevents BT from giving this information out in any other circumstances (apart from possibly a court-order, I think).
#40
10K+ Poster!!
Join Date: May 2003
Location: Handcuffed to the Mrs' Bed ;-)
Posts: 10,089
Likes: 0
Received 2 Likes
on
1 Post
Re: IP ADDRESS - WHO IS IT ?
Originally Posted by SECS
Does anyone know how to trace an IP address to a user please ?
217.41.61.178
Tried the RIPE data base without much success as it only shows this....
RIPE SITE: http://www.ripe.net/perl/whois
This IP address has continuously attempted to hack my server over the last few days !!!
Luckily my new firewall has stopped it !
217.41.61.178
Tried the RIPE data base without much success as it only shows this....
RIPE SITE: http://www.ripe.net/perl/whois
inetnum: 217.41.0.0 - 217.41.63.255
remarks: ************************************************** *****
remarks: * Please send abuse reports to abuse@btopenworld.com *
remarks: ************************************************** *****
remarks: * USED FOR CUSTOMERS WITH SINGLE STATIC IP ADDRESSES *
remarks: ************************************************** *****
netname: BT-ADSL
descr: Single Static IP Addresses
country: GB
admin-c: BTOW1-RIPE
tech-c: BTOW1-RIPE
status: ASSIGNED PA
mnt-by: BTNET-MNT
mnt-lower: BTNET-MNT
mnt-routes: BTNET-MNT
changed: ipaddman@bt.com 20040319
changed: ipaddman@bt.com 20050120
changed: ipaddman@bt.com 20050202
changed: ipaddman@bt.com 20050209
source: RIPE
remarks: ************************************************** *****
remarks: * Please send abuse reports to abuse@btopenworld.com *
remarks: ************************************************** *****
remarks: * USED FOR CUSTOMERS WITH SINGLE STATIC IP ADDRESSES *
remarks: ************************************************** *****
netname: BT-ADSL
descr: Single Static IP Addresses
country: GB
admin-c: BTOW1-RIPE
tech-c: BTOW1-RIPE
status: ASSIGNED PA
mnt-by: BTNET-MNT
mnt-lower: BTNET-MNT
mnt-routes: BTNET-MNT
changed: ipaddman@bt.com 20040319
changed: ipaddman@bt.com 20050120
changed: ipaddman@bt.com 20050202
changed: ipaddman@bt.com 20050209
source: RIPE
This IP address has continuously attempted to hack my server over the last few days !!!
Luckily my new firewall has stopped it !
Who did it ?
Where they did it from ?
How they did it ?
Why they did it ?