[Dshield] Re: Lots 'n' Lots of attacks...

Bruce Lilly blilly at erols.com
Wed Oct 3 11:30:31 GMT 2001


Note that the hackerwhacker web site provides an "abuse"
link (at both top and bottom of the page) which points to
http://208.179.251.103:80/sysadmin.dyn.  That provides a form
which permits one to request that an IP address be blocked
from hackerwhacker scans.  You can also submit your log
excerpts and ask what email address was given when the request
to scan your IP address was made.

Some other resources:
http://www.arin.net/cgi-bin/whois.pl is a web-based whois
lookup for the ARIN database. It will return both of the ARIN
records which have been in replies on this list. In the case
of an IP address outside of ARIN's jurisdiction, the script
returns a pointer to the appropriate registry (e.g. RIPE or
APNIC) which is a nice feature.

http://www.abuse.net/lookup.phtml accesses a database of contact
information. The contact returned for a query of "pajo.com" is
abuse at pajo.com.




More information about the list mailing list