[Dshield] Port scan on 135 - 445 - 137

Deb Hale haled at pionet.net
Tue Aug 5 13:22:48 GMT 2003


I am also seeing scans from Texas - IP address - 216.203.226.10. 
OrgName:    Internet Allegiance, Inc.
OrgID:      IALG
Address:    1950 Stemmons Freeway
City:       Dallas
StateProv:  TX
PostalCode: 75207
Country:    US

NetRange:   216.203.128.0 - 216.203.255.255
CIDR:       216.203.128.0/17
NetName:    IALG-ALGX-2
NetHandle:  NET-216-203-128-0-1
Parent:     NET-216-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.ALGX.NET
NameServer: NS2.ALGX.NET
Comment:    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate:    1999-08-24
Updated:    2001-03-28

Is this the one you are seeing? 

Deborah F Hale
Certified Business Continuity Professional/Computer Security Specialist
BCP Enterprise, Inc
Telephone: (712) 252-0361
www.bcpenterprise.com
 


-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Sue Young
Sent: Monday, August 04, 2003 9:46 PM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] Port scan on 135 - 445 - 137


According to Sam Spade, it's 

whois -h magic 148.235.8.116
Trying whois -h whois.arin.net 148.235.8.116
Instituto Tecnologico y de Estudios Superiores de Monterrey REDMEX-BNETS
(NET-148-203-0-0-1) 
                                  148.203.0.0 - 148.250.255.255 Uninet S.A.
de C.V. UNINET-NET10 (NET-148-235-0-0-1) 
                                  148.235.0.0 - 148.235.255.255

# ARIN WHOIS database, last updated 2003-08-04 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.


Mexico.  This isn't just coming from China.  My network was scanned by a
site from Texas this 
afternoon.  It's all over.

Sue Young

-----Original Message-----
From: haled at longlines.com [mailto:haled at longlines.com] 
Sent: Monday, August 04, 2003 5:45 PM
To: list at dshield.org
Subject: [Dshield] Port scan on 135 - 445 - 137


For the last half hour I have been getting a lot of hits from 148.235.8.116.
Just wanted to let you know.  Deb
-------------------
Email sent using Long Lines Web Mail (http://www.longlines.com/)


_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list






More information about the list mailing list