Hi Paul, don't be surprised if you keep getting them. There's another
round of automatic ssh scanning tools going around the net at the
moment. Started going around in late August. ~26th.

An example is here:
http://www.angelfire.com/linux/0wn3r/sshblaster2.c

Essentially another script kiddy toy, but you may (and others on the
list) want to skim and/or harden up passwords. It's got about 2000 odd
in it by default, but that could of course be expanded, so if it's in
the dictionary, change it. ;p or at least mince the hell outta it. : )

PS: for IP lookups: http://www.geektools.com/whois.php is quite
good. Also yeah, if you have a linux box or something, just throw the
ip past a whois, and it should spit back the data. That partic IP you
queried is a chinanet.cn.net, one of the more prolific spam carrying
ISP's as far as the email I get goes.

Jp.

paul warner wrote:

> At 03:26 PM 9/13/2004, Drew Broadley wrote:
>
>> http://nzip.meta.net.nz/
>>
>> Hopefully people find a use for this. It is still in a BETA stage and
>> I have only had to add one non
>> existant subnet into the database.
>>
>> Suggestion and/or Testing is welcome
>>
>> - Drew
>
>
> Great little program.
>
> Is there one for a larger look up.
>
> I constantly look at my email security server logs and see
> unsuccessful attempts to hack in. Today they are from
> 222.183.144.145. Tried for 30 minutes
>
> Generally the come from addresses starting with 211 or 222
>
>
> Regards,
>
> Paul Warner
>
> paul.warner@bigfoot.com
>
>

-- 
This message is part of the NZ ADSL mailing list. 
see http://unixathome.org/adsl/ for archives, FAQ, 
and various documents. 
To unsubscribe: send mail to majordomo@lists.unixathome.org 
with "unsubscribe adsl" in the body of the message