On Friday 22 July 2005 02:49, Herman Robak wrote: > On Fri, 22 Jul 2005 02:55:27 +0200, Helen Faulkner <helen@debian.org> > > wrote: > > Incase anyone is wondering,we are working to ban this person > > Maybe somebody should make him a call, or pay > him a visit, to his door? Failing that, have a > talk with his ISP; he has probably violated their > Terms of Service. If anyone is interested in taking a peek, Yahoo puts the IP address of the user of their web interface in a received line, e.g.: Received: from [24.190.58.202] by web34007.mail.mud.yahoo.com via HTTP; Thu, 21 Jul 2005 16:21:35 PDT Date: Thu, 21 Jul 2005 16:21:35 -0700 (PDT) A lot of them are from 64.74.207.33: $ host 64.74.207.33 Name: ftp-mirror.irlab.pnap.net Address: 64.74.207.33 But there are several others: $ host 24.190.58.202 Name: ool-18be3aca.dyn.optonline.net Address: 24.190.58.202 $ host 60.36.181.86 60.36.181.86 does not exist, try again $ ping 60.36.181.86 PING 60.36.181.86 (60.36.181.86) 56(84) bytes of data. 64 bytes from 60.36.181.86: icmp_seq=1 ttl=41 time=234 ms 64 bytes from 60.36.181.86: icmp_seq=2 ttl=41 time=215 ms $ nmap 60.36.181.86 Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-07-23 09:21 MDT Interesting ports on 60.36.181.86: (The 1647 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 113/tcp open auth 135/tcp filtered msrpc 136/tcp filtered profile 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 443/tcp open https 445/tcp filtered microsoft-ds 631/tcp open ipp 3306/tcp open mysql 5432/tcp open postgres 6699/tcp filtered napster There might have been others, but I saw those three when I checked 20 of the sent messages. -- Wesley J. Landaker <wjl@icecavern.net> OpenPGP FP: 4135 2A3B 4726 ACC5 9094 0097 F0A9 8A4C 4CD6 E3D2
Attachment:
pgpiitjg669OS.pgp
Description: PGP signature