[prev in list] [next in list] [prev in thread] [next in thread]
List: bleeding-sigs
Subject: Re: [Bleeding-sigs] FW: alert: New event: BLEEDING-EDGE POLICY
From: Matt Jonkman <jonkman () bleedingthreats ! net>
Date: 2007-03-30 15:58:41
Message-ID: 460D33B1.8030002 () bleedingthreats ! net
[Download RAW message or body]
THanks Michael. Anyone know what the current allocated range is for
112.0.0.0/5 then?
Matt
Michael Scheidell wrote:
> fp. allocated in january 07.
>
> -----Original Message-----
> *From:* Curagen [mailto:security@curagen.com]
> *Sent:* Thursday, March 29, 2007 10:49 PM
> *To:* security-alert@curagen.hackertrap.net
> *Subject:* alert: New event: BLEEDING-EDGE POLICY Reserved IP Space
> Traffic - Bogon Nets 2
>
> 03/29-21:45:00 TCP 116.18.2.136:4862
> <https://curagen.hackertrap.net/base/base_stat_ipaddr.php?ip=116.18.2.136>
> --> 172.16.4.9:25
> <https://curagen.hackertrap.net/base/base_stat_ipaddr.php?ip=172.16.4.9>
> [1:2002750:7] <http://www.snort.org/pub-bin/sigs.cgi?sid=2002750>
> BLEEDING-EDGE POLICY Reserved IP Space Traffic - Bogon Nets 2
> [Classification: Potentially Bad Traffic] [Priority: 2]
>
>
>
> OrgName: Asia Pacific Network Information Centre
> OrgID: APNIC
> Address: PO Box 2131
> City: Milton
> StateProv: QLD
> PostalCode: 4064
> Country: AU
>
> ReferralServer: whois://whois.apnic.net
>
> NetRange: 116.0.0.0 - 116.255.255.255
> CIDR: 116.0.0.0/8
> NetName: APNIC-116
> NetHandle: NET-116-0-0-0-1
> Parent:
> NetType: Allocated to APNIC
> NameServer: NS1.APNIC.NET
> NameServer: NS3.APNIC.NET
> NameServer: NS4.APNIC.NET
> NameServer: TINNIE.ARIN.NET
> NameServer: NS.LACNIC.NET
> NameServer: NS-SEC.RIPE.NET
> Comment: This IP address range is not registered in the ARIN database.
> Comment: For details, refer to the APNIC Whois Database via
> Comment: WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl
> Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
> Comment: for the Asia Pacific region. APNIC does not operate networks
> Comment: using this IP address range and is not able to investigate
> Comment: spam or abuse reports relating to these addresses. For more
> Comment: help, refer to http://www.apnic.net/info/faq/abuse
> RegDate: 2007-01-17
> Updated: 2007-01-24
>
> OrgTechHandle: AWC12-ARIN
> OrgTechName: APNIC Whois Contact
> OrgTechPhone: +61 7 3858 3100
> OrgTechEmail: search-apnic-not-arin@apnic.net
> <mailto:search-apnic-not-arin@apnic.net>
>
> # ARIN WHOIS database, last updated 2007-03-29 19:10
> # Enter ? for additional hints on searching ARIN's WHOIS database.
> % [whois.apnic.net node-1]
> % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
>
> inetnum: 116.16.0.0 - 116.31.255.255
> netname: CHINANET-GD
> descr: CHINANET Guangdong province network
> descr: China Telecom
> descr: No.31,jingrong street
> descr: Beijing 100032
> country: CN
> admin-c: CH93-AP
> tech-c: IC83-AP
> mnt-by: APNIC-HM
> mnt-lower: MAINT-CHINANET-GD
> mnt-routes: MAINT-CHINANET-GD
> status: ALLOCATED PORTABLE
> remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> remarks: This object can only be updated by APNIC hostmasters.
> remarks: To update this object, please contact APNIC
> remarks: hostmasters and include your organisation's account
> remarks: name in the subject line.
> remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> changed: hm-changed@apnic.net <mailto:hm-changed@apnic.net> 20070307
> source: APNIC
>
> person: Chinanet Hostmaster
> nic-hdl: CH93-AP
> e-mail: anti-spam@ns.chinanet.cn.net
> <mailto:anti-spam@ns.chinanet.cn.net>
> address: No.31 ,jingrong street,beijing
> address: 100032
> phone: +86-10-58501724
> fax-no: +86-10-58501724
> country: CN
> changed: lqing@chinatelecom.com.cn
> <mailto:lqing@chinatelecom.com.cn> 20051212
> mnt-by: MAINT-CHINANET
> source: APNIC
>
> person: IPMASTER CHINANET-GD
> nic-hdl: IC83-AP
> e-mail: ipadm@gddc.com.cn <mailto:ipadm@gddc.com.cn>
> address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
> phone: +86-20-83877223
> fax-no: +86-20-83877223
> country: CN
> changed: ipadm@gddc.com.cn <mailto:ipadm@gddc.com.cn> 20040902
> mnt-by: MAINT-CHINANET-GD
> remarks: IPMASTER is not for spam complaint,please send spam
> complaint to abuse@gddc.com.cn <mailto:abuse@gddc.com.cn>
> source: APNIC
>
>
> ------------------------------------------------------------------------
> This email has been scanned and certified safe by SpammerTrap^(TM).
> For Information please see www.spammertrap.com <http://www.spammertrap.com>
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Bleeding-sigs mailing list
> Bleeding-sigs@bleedingthreats.net
> http://lists.bleedingthreats.net/cgi-bin/mailman/listinfo/bleeding-sigs
--
--------------------------------------------
Matthew Jonkman
Bleeding Edge Threats
765-429-0398
765-807-3060 fax
http://www.bleedingthreats.net
--------------------------------------------
PGP: http://www.bleedingthreats.com/mattjonkman.asc
_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigs@bleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/mailman/listinfo/bleeding-sigs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic