To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
It's been pwned:
85.255.115.22 --> 85.255.115.22-xbox.dedi.inhoster.com
85.255.112.101 --> 85.255.112.101-xbox.dedi.inhoster.com
[whois.ripe.net]
% This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Information related to '85.255.112.0 - 85.255.127.255'
inetnum: 85.255.112.0 - 85.255.127.255
netname: inhoster
descr: Inhoster hosting company
descr: OOO Inhoster, Poltavskij Shliax 24, Kharkiv, 61000, Ukraine
remarks: -----------------------------------
remarks: Abuse notifications to: [EMAIL PROTECTED]
remarks: Network problems to: [EMAIL PROTECTED]
remarks: Peering requests to: [EMAIL PROTECTED]
remarks: -----------------------------------
country: UA
org: ORG-EST1-RIPE
admin-c: AK4026-RIPE
tech-c: AK4026-RIPE
tech-c: FWHS1-RIPE
notify: [EMAIL PROTECTED]
notify: [EMAIL PROTECTED]
status: ASSIGNED PI
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-by: RECIT-MNT
mnt-routes: RECIT-MNT
mnt-domains: RECIT-MNT
mnt-by: DAV-MNT
mnt-routes: DAV-MNT
mnt-domains: DAV-MNT
changed: [EMAIL PROTECTED] 20050916
changed: [EMAIL PROTECTED] 20051026
source: RIPE
organisation: ORG-EST1-RIPE
org-name: INHOSTER
org-type: NON-REGISTRY
remarks: *************************************
remarks: * Abuse contacts: [EMAIL PROTECTED] *
remarks: *************************************
address: OOO Inhoster
address: Poltavskij Shliax 24, Xarkov,
address: 61000, Ukraine
phone: +38 066 4633621
e-mail: [EMAIL PROTECTED]
admin-c: AK4026-RIPE
tech-c: AK4026-RIPE
ref-nfy: [EMAIL PROTECTED]
ref-nfy: [EMAIL PROTECTED]
mnt-ref: DAV-MNT
notify: [EMAIL PROTECTED]
notify: [EMAIL PROTECTED]
mnt-by: DAV-MNT
changed: [EMAIL PROTECTED] 20050725
source: RIPE
person: Andrei Kislizin
address: OOO Inhoster,
address: ul.Antonova 5, Kiev,
address: 03186, Ukraine
phone: +38 044 2404332
nic-hdl: AK4026-RIPE
notify: [EMAIL PROTECTED]
notify: [EMAIL PROTECTED]
changed: [EMAIL PROTECTED] 20050725
source: RIPE
person: Fast Web Hosting Support
address: 01110, Ukraine, Kiev, 20Á, Solomenskaya street. room 201.
address: UA
phone: +35 79 91 17 759
e-mail: [EMAIL PROTECTED]
nic-hdl: FWHS1-RIPE
changed: [EMAIL PROTECTED] 20060813
source: RIPE
- ferg
-- "John Holan" <[EMAIL PROTECTED]> wrote:
Hi
Found a Laptop that had got its DNS redirected to the following addresses
85.255.115.22
85.255.112.101
Any request is resolved back to this two addresses.
Are looking for the source of it. Will keep you all posted.
(Kol ha kavod Gadi)
John Holan
IS Analyst
ASTAC
Phone # (907)563-3989
Fax # (907)563-1932
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
