Re: HS: How to ban some IP's to connect to apache server
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thierry Chatelet wrote:
> On Tuesday 22 April 2008 08:46:40 Bob Cox wrote:
>> On Tue, Apr 22, 2008 at 08:35:17 +0200, Thierry Chatelet (tchatelet@free.fr)
> wrote:
>> bob@trantor:~$ host 88.131.106.6
>> 6.106.131.88.in-addr.arpa is an alias for
>> 6.0-26.106.131.88.in-addr.arpa.
>> 6.0-26.106.131.88.in-addr.arpa domain name pointer c06.entireweb.com.
>>
>>
>> A 'whois' on entireweb.com shows it belongs to someone in Sweden.
>
>
> This is what I get from networksolutions.com/whois/
> 88.131.106.6
> Record Type: IP Address
>
> OrgName: RIPE Network Coordination Centre
> OrgID: RIPE
> Address: P.O. Box 10096
> City: Amsterdam
> StateProv:
> PostalCode: 1001EB
> Country: NL
IIC, this is the registration agency that registers all IP adresses in
the European/Asian Region. That means all IPs located in Europe, the
Middle East and parts of Central Asia are registered at these servers.
1. http://en.wikipedia.org/wiki/RIPE_NCC
> ReferralServer: whois://whois.ripe.net:43
[snip]
> remarks: This network is assigned to se.tele1 customers
> remarks: in Sweden. In case of routing problem, please
> remarks: contact peering@sn.net, in case of inappropriate
> remarks: usage or attacks please mail abuse@tdcsong.se
> mnt-by: TELE1-SE-MNT
> source: RIPE # Filtered
Apparently some customer of a swedish ISP is causing these connections
(or someone who hijacked a computer of the ISP or a customer).
HTH,
Johannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIDZN1C1NzPRl9qEURAl/VAJ9bDD6arnOhUgNiBAehrndOPb5W5gCaAy4B
zDxWdW7emIZu2zaDI74Ejdg=
=rdlk
-----END PGP SIGNATURE-----
Reply to: