Posted 03 December 2008 - 11:38 PM
Posted 04 December 2008 - 12:01 AM
OrgName: BellSouth.net Inc.
Address: 575 Morosgo Drive
NetRange: 184.108.40.206 - 220.127.116.11
NetType: Direct Allocation
Comment: For Abuse Issues, email firstname.lastname@example.org. NO ATTACHMENTS. Include IP
Comment: address, time/date, message header, and attack logs.
Comment: For Subpoena Request, email email@example.com with "SUBPOENA" in
Comment: the subject line. Law Enforcement Agencies ONLY, please.
RAbuseName: Abuse Group
RTechName: Geurin, Joe
OrgAbuseName: Abuse Group
OrgTechName: Geurin, Joe
# ARIN WHOIS database, last updated 2008-12-02 19:10
Posted 04 December 2008 - 12:23 AM
THIS IS AN AUTO-RESPONSE MESSAGE - PLEASE DO NOT REPLY - AT&T WILL
NOT SEE ANY REPLY SENT TO THIS MESSAGE
This message confirms that your report has been received by the
AT&T Internet Services Security Center.
The AT&T Internet Services Acceptable Use Policy is located at
Please note that we can only take action on reports that implicate
the AT&T network as a source of abuse. As we are unable to take
any action on reports not involving AT&T's network, we recommend
that you send those reports directly to the abuse address of the
originating domain or service provider. You can identify the
originator by reading the expanded e-mail headers. If you need
help with reading headers, visit the following:
For any abuse report involving e-mail, it is essential that the
report include the full original expanded headers containing the
source IP address and time stamp, along with the complete unedited
subject line and message. A report cannot be investigated without
this information. Please send one report at a time, as combining
multiple reports only detracts from our ability to effectively and
efficiently address abuse issues.
For abuse reports involving security incidents, please include
relevant log excerpts of the incident directly in the body of your
message. Logs must be in plain text or ASCII format and include
the time zone, source IP address, destination IP, timestamps, and
If you are an AT&T customer and have a specific question related to
spam, including how to report messages you received as spam to
AT&T, please visit http://helpme.att.net, enter your email id and
domain, and use the help search box to search for "spam" to
reference Spam FAQs for your service type.
For Copyright, Trademark, or DMCA allegations of Infringement,
If your report involves a threat, please take steps to protect
yourself and your property by reporting the incident to your local
law enforcement agency. We will investigate your complaint and
cooperate fully with any requests from law enforcement.
You will receive no further contact from us, unless there are
special circumstances or we require additional information to
complete our investigation.
AT&T Internet Services Security Center
Posted 04 December 2008 - 01:57 AM
For hours the IP 18.104.22.168 trying to portscan, has been blocked by my Norton AV several times. Is their anyway to fully block it, cuz I'm getting annoyed knowing spam/hacker is trying to pick and prod in my Imac. PLEASE HELP
Using the builtin host.deny should do it...
sudo nano /etc/hosts.deny ALL: 22.214.171.124, xxx.xxx.xxx.xxx
something simpler :- sudo echo 'ALL: 126.96.36.199' >> /etc/hosts.deny check to see if it is there :- cat /etc/hosts.deny
Posted 04 December 2008 - 03:06 AM
Posted 04 December 2008 - 05:22 PM
Recently the attacks have stopped, so i hope I don't have to do that
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users