ONniE

Whois scanning my machine???

by ONniE
on 03.05.07
Linux
Digg
Del.icio.us

wadaw!!!
mesin ku kena scan!!!!
:(( huwaaaaaaaaaaaaaaaa

Mar 5 21:12:01 serv-slack01 sshd[954]: Did not receive identification string from 222.90.73.206
Mar 5 21:16:00 serv-slack01 sshd[956]: Invalid user 64studio from 222.90.73.206
Mar 5 21:16:00 serv-slack01 sshd[956]: Failed password for invalid user 64studio from 222.90.73.206 port 54991 ssh2
Mar 5 21:16:01 serv-slack01 sshd[959]: Invalid user 64studio from 222.90.73.206
Mar 5 21:16:02 serv-slack01 sshd[959]: Failed password for invalid user 64studio from 222.90.73.206 port 55307 ssh2
Mar 5 21:16:03 serv-slack01 sshd[962]: Invalid user aaliyah from 222.90.73.206
Mar 5 21:16:03 serv-slack01 sshd[962]: Failed password for invalid user aaliyah from 222.90.73.206 port 55511 ssh2
Mar 5 21:16:04 serv-slack01 sshd[965]: Invalid user aaliyah from 222.90.73.206
Mar 5 21:16:04 serv-slack01 sshd[965]: Failed password for invalid user aaliyah from 222.90.73.206 port 55664 ssh2
Mar 5 21:16:06 serv-slack01 sshd[968]: Invalid user aaliyah from 222.90.73.206
Mar 5 21:16:06 serv-slack01 sshd[968]: Failed password for invalid user aaliyah from 222.90.73.206 port 55824 ssh2
Mar 5 21:16:07 serv-slack01 sshd[971]: Invalid user aaliyah from 222.90.73.206
â€¦ â€¦ â€¦

Mar 5 21:21:45 serv-slack01 sshd[1692]: Failed password for invalid user sales from 61.78.36.229 port 38280 ssh2
Mar 5 21:21:46 serv-slack01 sshd[1695]: Invalid user admin from 222.90.73.206
Mar 5 21:21:46 serv-slack01 sshd[1695]: Failed password for invalid user admin from 222.90.73.206 port 57210 ssh2
Mar 5 21:21:47 serv-slack01 sshd[1698]: Invalid user admin from 61.78.36.229
Mar 5 21:21:47 serv-slack01 sshd[1698]: Failed password for invalid user admin from 61.78.36.229 port 38412 ssh2
Mar 5 21:21:48 serv-slack01 sshd[1701]: Invalid user admin from 222.90.73.206
Mar 5 21:21:48 serv-slack01 sshd[1701]: Failed password for invalid user admin from 222.90.73.206 port 57697 ssh2
Mar 5 21:21:49 serv-slack01 sshd[1704]: Invalid user andrea from 61.78.36.229
Mar 5 21:21:49 serv-slack01 sshd[1704]: Failed password for invalid user andrea from 61.78.36.229 port 38493 ssh2
Mar 5 21:21:51 serv-slack01 sshd[1708]: Invalid user admin from 222.90.73.206
Mar 5 21:21:51 serv-slack01 sshd[1708]: Failed password for invalid user admin from 222.90.73.206 port 57999 ssh2
Mar 5 21:21:51 serv-slack01 sshd[1710]: Invalid user backup from 61.78.36.229
Mar 5 21:21:51 serv-slack01 sshd[1710]: Failed password for invalid user backup from 61.78.36.229 port 38608 ssh2
Mar 5 21:21:53 serv-slack01 sshd[1714]: Invalid user admin from 222.90.73.206
Mar 5 21:21:53 serv-slack01 sshd[1714]: Failed password for invalid user admin from 222.90.73.206 port 58562 ssh2
Mar 5 21:21:53 serv-slack01 sshd[1715]: Invalid user guest from 61.78.36.229
Mar 5 21:21:53 serv-slack01 sshd[1715]: Failed password for invalid user guest from 61.78.36.229 port 38713 ssh2
Mar 5 21:21:55 serv-slack01 sshd[1723]: Invalid user guest1 from 61.78.36.229
Mar 5 21:21:55 serv-slack01 sshd[1721]: Invalid user admin from 222.90.73.206
â€¦ â€¦ â€¦

ada 2 IP yang scanning, 222.90.73.206 + 61.78.36.229

root@serv-slack01:~# whois 222.90.73.206
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 222.90.0.0 - 222.91.255.255
netname: CHINANET-SN
descr: CHINANET shanxi(SN) province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: XC10-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-SHAANXI
mnt-routes: MAINT-CHINANET-SHAANXI
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20040224
status: ALLOCATED PORTABLE
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn 20051212
mnt-by: MAINT-CHINANET
source: APNIC

person: Xianghong Cao
address: Shaanxi province data communication Bureau
address: 8# guangde Road west development zone
address: Xiâ€™an city, Shanxi province 710075
address: CN
phone: +8629-837-1049
fax-no: +8629-837-1049
e-mail: IPADM@PUBLIC.XA.SN.CN
nic-hdl: XC10-AP
mnt-by: MAINT-CHINANET-SHAANXI
changed: IPADM@PUBLIC.XA.SN.CN 20011203
source: APNIC
root@serv-slack01:~# whois 61.78.36.229
Ã‡Ã‘Â±Â¹Ã€ÃŽÃ…ÃÂ³ÃÃÃ¸ÃˆÃ¯Â¿Ã¸(NIDA)Ã€Ã‡ Ã€ÃŽÃ…ÃÂ³ÃÃÂ¤ÂºÂ¸Â¼Â¾Ã…Ã(KRNIC)Â°Â¡ ÃÂ¦Â°Ã¸Ã‡ÃÂ´Ã‚ Whois Â¼ÂÂºÃ±Â½Âº Ã€Ã”Â´ÃÂ´Ã™.

query: 61.78.36.229

# KOREAN

ÃÂ¶ÃˆÂ¸Â°Ã¡Â°ÃºÂ´Ã‚ Â¾Ã†Â·Â¡Â¿Ã Â°Â°Ã€Â¸Â¸Ã§, Â½Ã‡ÃÂ¦ ÃÂ¤ÂºÂ¸Â¿Ã Â»Ã³Ã€ÃŒÃ‡Ã’ Â¼Ã¶ Ã€Ã–Â½Ã€Â´ÃÂ´Ã™.

IPv4 ÃÃ–Â¼Ã’ : 61.78.36.0-61.78.36.255
Â³Ã—Ã†Â®Â¿Ã¶Ã…Â© Ã€ÃŒÂ¸Â§ : KORNET-INFRA000001
Â¿Â¬Â°Ã¡ ISPÂ¸Ã : KORNET
Ã‡Ã’Â´Ã§Â³Â»Â¿Âª ÂµÃ®Â·ÃÃ€Ã : 20060405
Ã‡Ã’Â´Ã§ÃÂ¤ÂºÂ¸Â°Ã¸Â°Â³Â¿Â©ÂºÃŽ : N

[ IPv4 Â»Ã§Â¿Ã« Â±Ã¢Â°Ã¼ ÃÂ¤ÂºÂ¸ ]
Â±Ã¢Â°Ã¼Â°ÃÃ€Â¯Â¹Ã¸ÃˆÂ£ : ORG1600
Â±Ã¢Â°Ã¼Â¸Ã : (ÃÃ–)Ã„Ã‰Ã€ÃŒÃ†Â¼
ÃÃ–Â¼Ã’ : Â¼ÂºÂ³Â²Â½Ãƒ ÂºÃÂ´Ã§Â±Â¸ ÃÂ¤Ã€ÃšÂµÂ¿
Â¿Ã¬Ã†Ã Â¹Ã¸ÃˆÂ£ : 463-711

[ Â³Ã—Ã†Â®Â¿Ã¶Ã…Â© Â´Ã£Â´Ã§Ã€Ãš Ã€ÃŽÂ¹Â° ÃÂ¤ÂºÂ¸ ]
Â±Ã¢Â°Ã¼Â¸Ã : KORNET
ÃÃ–Â¼Ã’ : Â¼ÂºÂ³Â²Â½Ãƒ ÂºÃÂ´Ã§Â±Â¸ ÃÂ¤Ã€ÃšÂµÂ¿
Â¿Ã¬Ã†Ã Â¹Ã¸ÃˆÂ£ : 463-711
Ã€Ã¼Ã€Ãš Â¿Ã¬Ã†Ã : ip@krnic.kornet.net

â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€“

Â¸Â¸Â¾Ã  Ã€Â§Ã€Ã‡ IPv4ÃÃ–Â¼Ã’ Â»Ã§Â¿Ã«Â±Ã¢Â°Ã¼ ÃÂ¤ÂºÂ¸Â°Â¡ Â¿ÃƒÂ¹Ã™Â¸Â£ÃÃ¶ Â¾ÃŠÃ€Â» Â°Ã¦Â¿Ã¬
Â¾Ã†Â·Â¡Ã€Ã‡ Ã‡Ã˜Â´Ã§ Â¿Â¬Â°Ã¡ ISP Â´Ã§Â´Ã§Ã€ÃšÂ¿Â¡Â°Ã” Â¹Â®Ã€Ã‡Ã‡ÃÂ½ÃƒÂ±Ã¢ Â¹Ã™Â¶Ã¸Â´ÃÂ´Ã™.

[ Â¿Â¬Â°Ã¡ISPÃ€Ã‡ IPv4ÃÃ–Â¼Ã’ ÃƒÂ¥Ã€Ã“Ã€Ãš ÃÂ¤ÂºÂ¸ ]
Ã€ÃŒÂ¸Â§ : IPÃÃ–Â¼Ã’Â°Ã¼Â¸Â®Ã€Ãš
Ã€Ã¼ÃˆÂ Â¹Ã¸ÃˆÂ£ : +82-2-3674-5708
Ã€Ã¼Ã€Ãš Â¿Ã¬Ã†Ã : ip@krnic.kornet.net

[ Â¿Â¬Â°Ã¡ISPÃ€Ã‡ IPv4ÃÃ–Â¼Ã’ Â°Ã¼Â¸Â®Ã€Ãš ÃÂ¤ÂºÂ¸ ]
Ã€ÃŒÂ¸Â§ : IPÃÃ–Â¼Ã’Â´Ã£Â´Ã§Ã€Ãš
Ã€Ã¼ÃˆÂ Â¹Ã¸ÃˆÂ£ : +82-2-3674-5708
Ã€Ã¼Ã€Ãš Â¿Ã¬Ã†Ã : ip@krnic.kornet.net

[ Â¿Â¬Â°Ã¡ISPÃ€Ã‡ Network Abuse Â´Ã£Â´Ã§Ã€Ãš ÃÂ¤ÂºÂ¸ ]
Ã€ÃŒÂ¸Â§ : Â½ÂºÃ†Ã”/Ã‡Ã˜Ã…Â·Â´Ã£Â´Ã§
Ã€Ã¼ÃˆÂ Â¹Ã¸ÃˆÂ£ : +82-2-100-0000
Ã€Ã¼Ã€Ãš Â¿Ã¬Ã†Ã : abuse@kornet.net

# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.
The followings is organization information that is using the IPv4 address.

IPv4 Address : 61.78.36.0-61.78.36.255
Network Name : KORNET-INFRA000001
Connect ISP Name : KORNET
Registration Date : 20060405
Publishes : N

[ Organization Information ]
Organization ID : ORG1600
Org Name : Korea Telecom
Address : Jungja-dong, Bundang-gu, Sungnam-ci
Zip Code : 463-711

[ Technical Contact Information ]
Org Name : Korea Telecom
Address : Jungja-dong, Bundang-gu, Sungnam-ci
Zip Code : 463-711
E-Mail : ip@krnic.kornet.net

â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€”â€“

If the above contacts are not reachable, please contact following ISP
for further information.

[ ISP IPv4 Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-3674-5708
E-Mail : ip@krnic.kornet.net

[ ISP IPv4 Tech Contact Information ]
Name : IP Manager
Phone : +82-2-3674-5708
E-Mail : ip@krnic.kornet.net

[ ISP Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net

Asem asem asem!!!
Kopeds!!!
Asuw!!!
Anjeeeeng!!!

Whois scanning my machine???

Leave a Reply

Pages

Categories

Recent Posts

Recent Comments

Hunter

ONniE @

Ragnarok

WordPress

Stat Visitor

Top Posts

Last referers

Visitors Online

Spam Blocked