Récemment, Iain Craig a écrit :
>
> There was a LOT of those, all very fast like a DoS attempt. Other
> usernames I was seeing in a similar DoS fashion from the same time
> and IP were Ogpuserhome.com, Kgpuserhome.com, and Lgpuserhome.com
>
> Anyone know of a kiddie tool that uses these names?
>
> Incidentally, from the WHOIS on that IP:
>
> inetnum: 81.64.0.0 - 81.67.255.255
> netname: FR-CYBERCABLE-20020103
> descr: LYONNAISE COMMUNICATIONS
> PROVIDER Local Registry
> country: FR
> admin-c: LC220-RIPE
> tech-c: LC224-RIPE
> status: ALLOCATED PA
> mnt-by: RIPE-NCC-HM-MNT
> mnt-lower: AS6678-MNT
> mnt-routes: AS6678-MNT
> changed: hostmasterripe.net 20020103
> changed: hostmasterripe.net 20020108
> source: RIPE
>
> That's not the only IP these DoS-ish requests came from; going
> through the others now. Wondering if I'm dealing with two seperate
> incidents here, the defacement and a seperate DoS or DDoS.
>
> Any advice or guidance appreciated.

I've the same provider.

I would suggest that you report the incident to him abusecybercable.fr or
abusenoos.fr (actualy the same provider)

Jean-Luc Cavey
65, bd Brune
75014 Paris, France
+33 (0) 1 45 43 45 62
+33 (0) 6 15 93 77 96
E-Mail : Jean-LucCavey.org
ICQ/UIN : 122785712

================================
La presence de ce texte prouve que ce message
electronique a ete verifie par un logiciel anti-virus
à jour au moment de l'envoi.

The presence of this text proves that this e-mail
has been verified by an up-to-date anti-virus
software at the time of the sending.
================================

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]