On Fri, Mar 16, 2001 at 12:27:25AM +0100, Luc MAIGNAN wrote: > I've seen via iplog that someone had tried to access to my server. How can I > know who he is knowing his IP address ? > Well, you can do a 'whois -h whois.arin.net <IP>' which will tell you who own the netblock containing his IP. However, that doesn't necessarily mean much at all. Chances are the person who is actually attempting to access your machine is not a legitimate user of the source machine. In other words, the source machine was cracked, and the cracker is probing your server. The owners of the machine will most likely be interested in knowing that their machine is cracked, but there's not much they can do about it except try to get rid of the cracker. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgpQVuab6m47S.pgp
Description: PGP signature