[131509] in North American Network Operators' Group
Re: DDOS attack via as702 87.118.210.122
daemon@ATHENA.MIT.EDU (James Hess)
Tue Oct 26 13:41:02 2010
In-Reply-To: <AANLkTinsr_S_jKo=Eg3s2qFhnzRVR39XpVF2DgEChwRT@mail.gmail.com>
Date: Tue, 26 Oct 2010 12:40:52 -0500
From: James Hess <mysidia@gmail.com>
To: Jack Carrozzo <jack@crepinc.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Oct 26, 2010 at 9:12 AM, Jack Carrozzo <jack@crepinc.com> wrote:
> Well, I whois'd 702, got no match, said "hm, I see 701 all over the place=
,
> lemmy take a look" and found:
There is a match... I think "WHOIS as702" is erroneous WHOIS query synt=
ax,
typing "asXXXXX" not being the way to search for an AS number.
See the full WHOIS help for the details about how to use all the flags,
Try searching for the number and use an 'a' search type instead of
searching for 'as702'.
Try
telnet whois.arin.net nicname
Escape character is '^]'.
a 702
"a 702" Gives a match...
"as702" does not.
"as701" does; probably because there is the "ASHANDLE" field
or something else in the record that matches that query other than the
AS number itself.
> ASNumber: =A0 =A0 =A0 701 - 705
> ASName: =A0 =A0 =A0 =A0 UUNET
--
-JH
