If I have an outward facing server that gets hit with any break in attempts the first thing to do is whois the address. You then have some admin contact info. If its in the states you may even be able to contact them to let them go after the user on their network behind it. Most times this isn't the case and the ip originates from china or russia. You are mostly out of luck in getting outside assistance in those cases. It will give you the entire ip block that the connections originates from, which will allow you to block their entire ISP if that is feasable for the situation. On Feb 17, 2011 4:08 PM, "Paul Saenz" <forensicneoph...@gmail.com> wrote: > I'm gonna mirrir my gmail in Thunderbird anyways, when I get a round > tuit. That's a neat trick I didn't know about: whois 204.69.4.20 > When I tried to navigat to that IP in my browser address, the > connection timed out, so I stopped there and asked the question. > > On Thu, Feb 17, 2011 at 4:00 PM, Paul Saenz <forensicneoph...@gmail.com> wrote: >> Sorry guys, I was the one who accessed my gmail at RCC. I forgot that >> I did that yesterday. But there is some good and interesting comments >> about how to find and IP in the comments. >> >> Thanks >> Paul >> >> On Thu, Feb 17, 2011 at 3:56 PM, Chris Penn <cantorm...@gmail.com> wrote: >>> "I'm also not aware of Google sending messages alerting you to this >>> unless they do this if you are logged at two places at the same time." >>> >>> Sounds like spam... >>> >>> On Thu, Feb 17, 2011 at 5:54 PM, Chris Louden <ch...@chrislouden.com> wrote: >>>> Log into gmail and at the bottom look for "Last account activity... >>>> Details". click on details and see any IP that logged in. It will have >>>> some location info. >>>> >>>> I'm also not aware of Google sending messages alerting you to this >>>> unless they do this if you are logged at two places at the same time. >>>> >>>> That IP belongs to the Riverside Community College. http://tinyurl.com/66cp4s7 >>>> >>>> -Chris >>>> >>>> >>>> >>>> On Thu, Feb 17, 2011 at 4:42 PM, Paul Saenz <forensicneoph...@gmail.com> wrote: >>>>> I got a message that my account was accessed from the following IP: >>>>> 204.69.4.20 on Febuary 16 2011. >>>>> >>>>> I did open my gmail account from the Loma LInda S.B. Library, but I >>>>> think that was about a week ago. >>>>> >>>>> How do I find out where this IP is, and/or who is behind it? >>>>> >>>>> If someone got into my gmail account, then it means that they either >>>>> broke my 9 digit password with punctuation, >>>>> upper and lower caps and number, or they sniffed in from the hardline >>>>> (not using wireless), or they somehow got a >>>>> key logger on my machine. What is are suggestions on handling this if >>>>> someone has access to my machine? My biggest >>>>> problem is that I'm not running behind a nat router or dedicated >>>>> firewall. I have been planning to get one of those ASUS WL-520GC >>>>> routers, because I want to run DDWRT on it. I may just go get it today >>>>> and reinstall my OS, which is on a separate partition from my data. My >>>>> biggest concern is that I use this account strictly for this LuG, and >>>>> I don't want to loose all those emails with a wealth of tech info. Any >>>>> info, or suggestions would be appreciated. >>>>> >>>>> I think I'm going to change my gmail to IMAP so I can mirror it in Thunderbird. >>>>> I found this documentation: >>>>> http://mail.google.com/support/bin/answer.py?hl=en&answer=75725 >>>>> >>>>> If anyone has a link to a good tutorial (I've never done anything with >>>>> IMAP) or helpful information on how to mirror my gmail in Thunderbird, >>>>> I would greatly appreciate it. >>>>> >>>>> >>>>> Thanks >>>>> Paul >>>>> _______________________________________________ >>>>> LinuxUsers mailing list >>>>> LinuxUsers@socallinux.org >>>>> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >>>>> >>>> _______________________________________________ >>>> LinuxUsers mailing list >>>> LinuxUsers@socallinux.org >>>> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >>>> >>> >>> >>> >>> -- >>> "As we open our newspapers or watch our television screens, we seem to >>> be continually assaulted by the fruits of Mankind's stupidity." >>> -Roger Penrose >>> _______________________________________________ >>> LinuxUsers mailing list >>> LinuxUsers@socallinux.org >>> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >>> >> > _______________________________________________ > LinuxUsers mailing list > LinuxUsers@socallinux.org > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
_______________________________________________ LinuxUsers mailing list LinuxUsers@socallinux.org http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
