mailbombed from very closeto home IP
Brian Cluff
plug-discuss@lists.PLUG.phoenix.az.us
Sat, 14 Apr 2001 18:34:59 -0700
More than likely, it's a spoofed address. That address is indeed assigned
in the same chunk of IP's, but there is currently no machine on that IP at
all, and never has been. There are only 2 machines on that chunk of
bandwidth and both of them are completely intact and running smooth as ever.
Whatever it was that you got, it didn't actually come from us.
Brian
----- Original Message -----
> I received a mailbomb on a private e-mail account (I and 4others are the
only ones
> that know it) and it originated from IP 24.221.10.186.
>
> Now, I reviewed my connection logs from the plug meeting (I ssh'edin here
to check
> something and discovered that they are very similar (the last group of
numbers only
> being different.).
>
> A traceroute reveals that the machine is located at:
> cpe-24-221-10-186.az.sprintbbd.net.
>
> Now this sounds wierd why I am posting it here, but I thought
> I would bring it tothe attention of the technical people in here.
>
> is not that IP also located in the same building or service area that the
plug mailing lists
> has their fascilities?
>
> makes one wonder....
>
> in any case, might not be a bad idea to look at security onthe boxes we
use a little closer.
>
> Hawke
>
>
> Signup for your free USWEST.mail Email account http://www.uswestmail.net
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss