Jump to content

request info search on an ip where number is known

Guest GorGor

By Guest GorGor
in Everything Linux

 Share

Recommended Posts

Guest GorGor

Guest GorGor

Posted
Posted

Hi

 

I can't remember the keyword, but I remember someone said you can search info on a web address if you know the number.

 

I thought it may have been WHOIS but I am often mistaken.

 

any clues or links would be appreciated.

Link to comment
Share on other sites
Steve Scrimpshire Mandriva Guru

Steve Scrimpshire

Posted
Posted

Something like this?

# whois 66.218.71.198



OrgName:    Yahoo! 

OrgID:      YAOO

Address:    701 First Avenue

City:       Sunnyvale

StateProv:  CA

PostalCode: 94089

Country:    US



NetRange:   66.218.64.0 - 66.218.95.255 

CIDR:       66.218.64.0/19 

NetName:    A-YAHOO-U23

NetHandle:  NET-66-218-64-0-1

Parent:     NET-66-0-0-0-0

NetType:    Direct Allocation

NameServer: NS1.YAHOO.COM

NameServer: NS2.YAHOO.COM

NameServer: NS3.YAHOO.COM

NameServer: NS4.YAHOO.COM

NameServer: NS5.YAHOO.COM

Comment:    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

RegDate:    2002-01-15

Updated:    2002-06-27



TechHandle: NA258-ARIN

TechName:   Netblock Admin 

TechPhone:  +1-408-349-7183

TechEmail:  netblockadmin@yahoo-inc.com 



OrgTechHandle: NA258-ARIN

OrgTechName:   Netblock Admin 

OrgTechPhone:  +1-408-349-7183

OrgTechEmail:  netblockadmin@yahoo-inc.com



# ARIN WHOIS database, last updated 2003-09-22 19:15

# Enter ? for additional hints on searching ARIN's WHOIS database.

Link to comment
Share on other sites
Guest GorGor

Guest GorGor

Posted
Posted

Steve,

 

That was quick, once I configured guarddog firewall to allow whois I got to see a site that I had never heard of. However, when I typed the address in by numbers I got a porn site.

 

Naughty me.

 

What had me puzzled was my test of my firewall showed I was stealthed at www.pcflank.com and it detected no trojans and my rootkit etc was also clean

BUT I had a new message in my syslog when I did a keyword search for PPP saying the kernel was trying to go to this site after modem handshake.

 

uh-oh. I am not actually worried about it as I deliberately did not update my kernel cos I was waiting for the 2.6 to come out of test or 9.2 arrive.

 

Once I have updated to 9.2 I will only post if I get naughty messages again.

Naturally I am now blocking this site range with my trusty guarddog.

 

Submitted for others to know they should consider leaving their syslog on and read it

 

Once again Steve thanks.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...