[Dshield] Gathering information on an IP address

Deb Hale haled at pionet.net
Wed Sep 24 16:47:47 GMT 2003


I use ARIN for lookup.  www.arin.net  

Deborah F Hale
Certified Business Continuity Professional/Computer Security Specialist
BCP Enterprise, Inc
Telephone: (712) 252-0361
www.bcpenterprise.com
 


-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Brad Morgan
Sent: Wednesday, September 24, 2003 11:18 AM
To: 'General DShield Discussion List'
Subject: [Dshield] Gathering information on an IP address


In addition to sending my Netfilter logs to Dshield, I am also storing them
in a MySQL database and using IPTables Logger to view the data.

There's a piece of PHP that is called with a numeric IP address (a DNS
lookup has already been performed returning no answer) that attempts to do a
whois on that address.  There's no useful information returned.

A while ago, I remember a post to this list about a procedure, web page, or
something at DShield that presented lots of useful information about an IP
address.  I remember at the time saying I should use this and I thought I
saved the message but I can't find it now.  Can anyone help me with a
pointer?

Can you suggest any other things I can do with this numeric IP address that
would return useful information.  My guess is that the whois command that's
being used hasn't got the correct switches, but there may be better
solutions.

Regards,

Brad Morgan


_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list





More information about the list mailing list