[nsp-sec] popped routers? via irc-security list
Jose Nazario
jose at arbor.net
Thu Mar 12 15:57:28 EDT 2009
michael tanner on weds noted to the irc-security list that a few cisco
routers popped on to his channels. may be worth looking at to see if these
are indeed popped cisco routers.
reverse dns not compelling:
Host 194.245.216.200.in-addr.arpa not found: 3(NXDOMAIN)
36.75.20.216.in-addr.arpa domain name pointer
216-20-75-36.client.mecnet.net.
Host 70.194.217.200.in-addr.arpa not found: 3(NXDOMAIN)
Host 42.111.1.69.in-addr.arpa not found: 2(SERVFAIL)
but anyhow ...
7738 | 200.216.245.194 | Telecomunicacoes da Bahia S.A.
5718 | 216.20.75.36 | MECNET - Merrimack Education Center
7738 | 200.217.194.70 | Telecomunicacoes da Bahia S.A.
36222 | 69.1.111.42 | WINDWAVE-COMMUNICATIONS - WindWave
Communications
--
-------------------------------------------------------------
jose nazario, ph.d. <jose at arbor.net>
manager of security research arbor networks
v: (734) 821 1427 http://asert.arbor.net/
More information about the nsp-security
mailing list