Re: determining the block an IP belongs to ( was Re: Connection Attempt to TCP Port 2000)

2002-02-12 Thread Ed Wilts
On Tue, Feb 12, 2002 at 11:40:57AM -0800, Rob Saul wrote: > > I've heard of being able to do this, finding the block an IP belongs to, > but I've never found a reference on how to do it. How is it done? And > is it possible to find the 'owner' of the block once it is determined? > > I get the f

Re: determining the block an IP belongs to ( was Re: Connection Attempt to TCP Port 2000)

2002-02-12 Thread G. T. Francisco, III
On Tue, Feb 12, 2002 at 11:40:57AM -0800, Rob Saul said: > > On Tuesday 12 February 2002 03:08, Fred Herman wrote: > > Well, whatever was going on, there were 5 outside connections within 40 > > minutes from ip's in net blocks belonging to Turkey, Kuwait, Belgium, > > Canada, and one US isp. >

determining the block an IP belongs to ( was Re: Connection Attempt to TCP Port 2000)

2002-02-12 Thread Rob Saul
On Tuesday 12 February 2002 03:08, Fred Herman wrote: > Well, whatever was going on, there were 5 outside connections within 40 > minutes from ip's in net blocks belonging to Turkey, Kuwait, Belgium, > Canada, and one US isp. I've heard of being able to do this, finding the block an IP belongs

Re: Connection Attempt to TCP Port 2000

2002-02-12 Thread Fred Herman
Mike Burger wrote: > > There are legitimate uses for port 2000. > > In my case, it's for a middleware program called Webcit. Webcit is a > mini-web server of sorts, which is used to connect to Citadel/UX BBS > systems. > > Before killing the user, make sure nobody was running a Citadel/UX syst

Re: Connection Attempt to TCP Port 2000

2002-02-12 Thread Mike Burger
Happy to help. On Tue, 12 Feb 2002, Fred Herman wrote: > Well, whatever was going on, there were 5 outside connections within 40 > minutes from ip's in net blocks belonging to Turkey, Kuwait, Belgium, > Canada, and one US isp. That in itself seems pretty bizarre. I'll take > a look at Citadel/

Re: Connection Attempt to TCP Port 2000

2002-02-12 Thread Fred Herman
Well, whatever was going on, there were 5 outside connections within 40 minutes from ip's in net blocks belonging to Turkey, Kuwait, Belgium, Canada, and one US isp. That in itself seems pretty bizarre. I'll take a look at Citadel/UX to see what that's about. Thanks for your info. F. Mike Bu

Re: Connection Attempt to TCP Port 2000

2002-02-12 Thread Mike Burger
There are legitimate uses for port 2000. In my case, it's for a middleware program called Webcit. Webcit is a mini-web server of sorts, which is used to connect to Citadel/UX BBS systems. Before killing the user, make sure nobody was running a Citadel/UX system and/or Webcit, first. On Mon

Connection Attempt to TCP Port 2000

2002-02-11 Thread Fred Herman
I have suddenly seen connection attempts to port 2000 (TCP) from outside a NAT box on a network I support. The disturbing thing is that I also saw a connection attempt from the other (Local) side of the NAT box in the middle of these attempts. I searched security advisories, but didn't see anyth