what a scary subject line....i thought moviepass had died.
----- Original Message -----
From: TJ Trout
To: af@afmug.com
Sent: Sunday, February 18, 2018 1:20 PM
Subject: Re: [AFMUG] To good to be true... it was...
You sound like a paranoid flat earther :)
On Sun, Feb 18, 2018 at 8:12 AM, Robert <i...@avantwireless.com> wrote:
Could be phoning home, but now I've got s/w trying to phone into my DNS
servers...
On 2/18/18 8:04 AM, Chuck McCown wrote:
You sure it is not just the camera phoning home for a software update?
-----Original Message----- From: Robert
Sent: Sunday, February 18, 2018 8:43 AM
To: af@afmug.com
Subject: [AFMUG] To good to be true... it was...
Frick'n peoples republic. So I bought a couple of those $300 PTZ
cameras. & my monitoring system saw some attempts to intrude from
inside my network. So I am now on the alert and when the cameras start
up I see some traffic when there shouldn't be. It's the cameras
reaching out from the 10 net... To this address....
Now I have to consider part of my core compromised...
whois 112.124.0.188
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#
#
# Query terms are ambiguous. The query is assumed to be:
# "n 112.124.0.188"
#
# Use "?" to get help.
#
#
# The following results may also be obtained via:
#
https://whois.arin.net/rest/nets;q=112.124.0.188?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#
NetRange: 112.0.0.0 - 112.255.255.255
CIDR: 112.0.0.0/8
NetName: APNIC-112
NetHandle: NET-112-0-0-0-1
Parent: ()
NetType: Allocated to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2008-05-26
Updated: 2010-07-30
Comment: This IP address range is not registered in the ARIN
database.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate
networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For
more
Comment: help, refer to
http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://whois.arin.net/rest/net/NET-112-0-0-0-1
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://whois.arin.net/rest/org/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-a...@apnic.net
OrgTechRef: https://whois.arin.net/rest/poc/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-a...@apnic.net
OrgAbuseRef: https://whois.arin.net/rest/poc/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '112.124.0.0 - 112.127.255.255'
% Abuse contact for '112.124.0.0 - 112.127.255.255' is 'i...@cnnic.cn'
inetnum: 112.124.0.0 - 112.127.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
last-modified: 2014-07-30T03:22:02Z
source: APNIC
irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: i...@cnnic.cn
abuse-mailbox: i...@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-11-01T08:57:39Z
source: APNIC
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali...@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T02:02:01Z
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-s...@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
source: APNIC
person: security trouble
e-mail: cloud-cc-sqcl...@list.alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza
of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2013-07-08T02:56:02Z
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pa...@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2013-07-09T01:34:02Z
source: APNIC
% Information related to '112.124.0.0/14AS37963'
route: 112.124.0.0/14
descr: Addresses from CNNIC
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
last-modified: 2016-07-20T02:08:03Z
source: APNIC
