Re: [HACKERS] [CORE] Attack against postgresql.org ...
Marc G. Fournier [EMAIL PROTECTED] writes: The attacking IP, from the logs, appears to be 87.230.6.96 ... Perhaps a complaint to their ISP is in order --- RIPE suggests [EMAIL PROTECTED] regards, tom lane ---(end of broadcast)--- TIP 4: Have you searched our list archives? http://archives.postgresql.org
Re: [HACKERS] [CORE] Attack against postgresql.org ...
On Fri, 2006-07-28 at 17:37, Tom Lane wrote: Marc G. Fournier [EMAIL PROTECTED] writes: The attacking IP, from the logs, appears to be 87.230.6.96 ... Perhaps a complaint to their ISP is in order --- RIPE suggests [EMAIL PROTECTED] That looks 1 level too high, the immediate source seems to be http://www.ehost.pl/onas.php They could probably act faster and more at the source... down on the page from the link above you can find [EMAIL PROTECTED] for complaints. Cheers, Csaba. $ nslookup 87.230.6.96 Server: 192.168.1.4 Address:192.168.1.4#53 Non-authoritative answer: 96.6.230.87.in-addr.arpaname = vpsdws.xip.pl. Authoritative answers can be found from: 6.230.87.in-addr.arpa nameserver = dns.hosteurope.de. 6.230.87.in-addr.arpa nameserver = dns2.hosteurope.de. dns.hosteurope.de internet address = 80.237.128.156 dns2.hosteurope.de internet address = 80.237.129.61 $ whois xip.pl [Querying whois.dns.pl] [whois.dns.pl] % This is the NASK WHOIS Server. % This server provides information only for PL domains. % For more info please see http://www.dns.pl/english/whois.html Domain object: domain: xip.pl registrant's handle: dinz5du40 (CORPORATE) nservers: ns1.ehost.pl.[80.237.184.22] ns2.ehost.pl.[83.149.119.142] created:2003.10.06 last modified: 2005.09.19 registrar: Dinfo Systemy Internetowe ul. Mostowa 5 43-300 Bielsko-Biala Polska/Poland +48.33 8225471 [EMAIL PROTECTED] option: the domain name has not option Subscribers Contact object: company: eHost s.c. organization: eHost.pl street: Cichockiego 13/6 city: 24-100 Pulawy location: PL handle: dinz5du40 phone: +48.50253 last modified: 2004.11.03 registrar: Dinfo Systemy Internetowe ul. Mostowa 5 43-300 Bielsko-Biala Polska/Poland +48.33 8225471 [EMAIL PROTECTED] Technical Contact: company: eHost s.c. organization: eHost.pl street: Cichockiego 13/6 city: 24-100 Pulawy location: PL handle: dinz5du40 phone: +48.50253 last modified: 2004.11.03 registrar: Dinfo Systemy Internetowe ul. Mostowa 5 43-300 Bielsko-Biala Polska/Poland +48.33 8225471 [EMAIL PROTECTED] ---(end of broadcast)--- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
Re: [HACKERS] [CORE] Attack against postgresql.org ...
On Fri, 28 Jul 2006 17:51:11 +0200 Csaba Nagy [EMAIL PROTECTED] wrote: Perhaps a complaint to their ISP is in order --- RIPE suggests [EMAIL PROTECTED] That looks 1 level too high, the immediate source seems to be http://www.ehost.pl/onas.php I would go to both. ehost.pl could very well be some kid in his parent's basement and may be the problem. RIPE says that hosteurope.de is responsible for that IP. You have to take them at their word. -- D'Arcy J.M. Cain darcy@druid.net | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner. ---(end of broadcast)--- TIP 6: explain analyze is your friend
Re: [HACKERS] [CORE] Attack against postgresql.org ...
I have email'd both, thanks ... On Fri, 28 Jul 2006, Csaba Nagy wrote: On Fri, 2006-07-28 at 17:37, Tom Lane wrote: Marc G. Fournier [EMAIL PROTECTED] writes: The attacking IP, from the logs, appears to be 87.230.6.96 ... Perhaps a complaint to their ISP is in order --- RIPE suggests [EMAIL PROTECTED] That looks 1 level too high, the immediate source seems to be http://www.ehost.pl/onas.php They could probably act faster and more at the source... down on the page from the link above you can find [EMAIL PROTECTED] for complaints. Cheers, Csaba. $ nslookup 87.230.6.96 Server: 192.168.1.4 Address:192.168.1.4#53 Non-authoritative answer: 96.6.230.87.in-addr.arpaname = vpsdws.xip.pl. Authoritative answers can be found from: 6.230.87.in-addr.arpa nameserver = dns.hosteurope.de. 6.230.87.in-addr.arpa nameserver = dns2.hosteurope.de. dns.hosteurope.de internet address = 80.237.128.156 dns2.hosteurope.de internet address = 80.237.129.61 $ whois xip.pl [Querying whois.dns.pl] [whois.dns.pl] % This is the NASK WHOIS Server. % This server provides information only for PL domains. % For more info please see http://www.dns.pl/english/whois.html Domain object: domain: xip.pl registrant's handle: dinz5du40 (CORPORATE) nservers: ns1.ehost.pl.[80.237.184.22] ns2.ehost.pl.[83.149.119.142] created:2003.10.06 last modified: 2005.09.19 registrar: Dinfo Systemy Internetowe ul. Mostowa 5 43-300 Bielsko-Biala Polska/Poland +48.33 8225471 [EMAIL PROTECTED] option: the domain name has not option Subscribers Contact object: company: eHost s.c. organization: eHost.pl street: Cichockiego 13/6 city: 24-100 Pulawy location: PL handle: dinz5du40 phone: +48.50253 last modified: 2004.11.03 registrar: Dinfo Systemy Internetowe ul. Mostowa 5 43-300 Bielsko-Biala Polska/Poland +48.33 8225471 [EMAIL PROTECTED] Technical Contact: company: eHost s.c. organization: eHost.pl street: Cichockiego 13/6 city: 24-100 Pulawy location: PL handle: dinz5du40 phone: +48.50253 last modified: 2004.11.03 registrar: Dinfo Systemy Internetowe ul. Mostowa 5 43-300 Bielsko-Biala Polska/Poland +48.33 8225471 [EMAIL PROTECTED] Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ---(end of broadcast)--- TIP 4: Have you searched our list archives? http://archives.postgresql.org