Lee,
I just tried http://208.225.214.81 - They are running webserver software on
that machine among other things, which allowed me to find out who they are:
RYC, Inc.
2729 Exposition Blvd.
Suite 190
Austin, Texas 78703
USA US Phone: 800.664.2421
International: +1.305.361.8585
Fax: +1.512.476.3930
E-mail: [EMAIL PROTECTED]
The IP address is registered by UUNET at ARIN (www.arin.net).
Hope this helps,
Tam.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: 25 October 2000 13:36
To: [EMAIL PROTECTED]
Subject: Unidentifiable Host
We have been having problems with SMTP through our firewall lately. Going
through the logs, I have found a specific IP address associated with most
SMTP errors in the log. When I try to do a traceroute or a whois on this
IP address I get an unknown host or an unknown network. It seems to be an
unassigned IP address, one that doesn't belong to an assigned block. I
have specifically blocked this IP address and have turned on block invalid
originators (we are already blocking relays), but I don't know if these
things will stop whoever from access this port on our firewall and causing
us problems. Time will tell. My questions are, how can we track down the
user of this IP address? Is it even possible? How many unassigned blocks
exist? Any suggestions on protecting ourselves from these IP addresses?
Our firewall is IBM SecureWay Firewall 4.11 and the IP address in question
is 208.225.214.81 (just in case I was doing something wrong in looking up
the address).
Thanks,
Lee Herbst
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
