> <quote who="Andrew Fries">
>
> > ... I don't know what any of this means, but I don't like it! cmd.exe?
> > winnt? Who is 210.23.229.57 anyway, and why is he accessing my system,
>
> Twits running IIS who have been infected with nimda and codered. You can't
> do much else but ignore it, or block them.
This particular twit is a company called Faxtrack Technologies based in
Manila PI and it appears to have been taken off line:
inetnum: 210.23.229.48 - 210.23.229.63
netname: FAXTRACKTECH-PH
descr: Faxtrack Technologies
country: PH
admin-c: FL111-AP
tech-c: FL111-AP
mnt-by: PIPL-NOC-AP
changed: [EMAIL PROTECTED] 20010206
source: APNIC
person: Felipe Laurente
address: 3/F Taipan Place, Emerald Ave.Ortigas
address: Center, Pasig City
phone: +632-8729677
fax-no: +632- 850777
e-mail: [EMAIL PROTECTED]
nic-hdl: FL111-AP
mnt-by: PIPL-NOC-AP
changed: [EMAIL PROTECTED] 20010206
source: APNIC
Rights restricted by copyright. See http://www.apnic.net/db/dbcopyright.html
(whois6.apnic.net)
Cheers.
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
