is: whois tricks was : Publishing Nimda Logs

From: Matthew McGehrin (mcgehrinat_private)
Date: Wed May 08 2002 - 10:44:55 PDT

Next message: Andy Wood: "RE: Publishing Nimda Logs"

Previous message: zeno: "Re: Publishing Nimda Logs"
In reply to: Laurence Brockman: "Re: Publishing Nimda Logs"
Next in thread: Steve Zenone: "RE: whois tricks was : Publishing Nimda Logs"
Next in thread: Bernie Cosell: "Re: Publishing Nimda Logs"
Next in thread: zeno: "Re: Publishing Nimda Logs"
Reply: Steve Zenone: "RE: whois tricks was : Publishing Nimda Logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On FreeBSD you can use the -a flag with the same results. Linux still uses
the older format.

i.e.: whois -a 204.70.128.1

command supports the -a flag for arin lookups.

matthew@monkey:/usr/home/matthew> whois -a 204.70.128.1
Cable & Wireless USA (MCI-HST)  NS.CW.NET
204.70.128.1
Cable & Wireless USA (NETBLK-CW-BACKBONE) CW-BACKBONE
                                                   204.70.0.0 -
204.70.255.255
-- Matthew

----- Original Message -----
From: "Laurence Brockman" <laurenceat_private>
To: "ash" <ashcrowat_private>
Cc: <vuln-devat_private>
Sent: Wednesday, May 08, 2002 9:09 AM
Subject: Re: Publishing Nimda Logs


> Whois works great. Try the following:
>
> whois -h whois.arin.net x.x.x.x
>
> where x.x.x.x is the attacking IP. Or you can visit www.arin.net and look

Next message: Andy Wood: "RE: Publishing Nimda Logs"
Previous message: zeno: "Re: Publishing Nimda Logs"
In reply to: Laurence Brockman: "Re: Publishing Nimda Logs"
Next in thread: Steve Zenone: "RE: whois tricks was : Publishing Nimda Logs"
Next in thread: Bernie Cosell: "Re: Publishing Nimda Logs"
Next in thread: zeno: "Re: Publishing Nimda Logs"
Reply: Steve Zenone: "RE: whois tricks was : Publishing Nimda Logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 08 2002 - 11:00:33 PDT