> According to traceroute, the IP address 210.74.*.* are owned by > [EMAIL PROTECTED] > I don't know what country "cn" is. > > btw: you need to use the -O option in traceroute to see the owner. > > Yuri
no -O option in mine. I prefer whois -h geektools.com. I have seen scripts which find attacks in logs then fire off an email based on the whois result advising of the infection. whois -h geektools.com 210.74.146.190" Query: 210.74.146.190 Registry: whois.apnic.net Results: % Rights restricted by copyright. See http://www.apnic.net/db/dbcopyright.html % (whois7.apnic.net) inetnum: 210.74.128.0 - 210.74.159.255 netname: NJJTNET descr: Jitong Communications Co.,Ltd country: CN admin-c: QW8-AP tech-c: QW8-AP mnt-by: MAINT-CNNIC-AP changed: [EMAIL PROTECTED] 19990902 source: APNIC person: Qiong Wu address: 1st Floor,JINBAO PLAZA,No.185 Andingmenwai Street country: CN phone: +010-64262690 fax-no: +010-64262685 e-mail: [EMAIL PROTECTED] nic-hdl: QW8-AP mnt-by: MAINT-CNNIC-AP changed: [EMAIL PROTECTED] 19990719 source: APNIC Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission." -- Nick Rout <[EMAIL PROTECTED]>
