[91205] in North American Network Operators' Group
Re: NANOG Spam?
daemon@ATHENA.MIT.EDU (William Allen Simpson)
Sun Jul 9 22:16:46 2006
Date: Sun, 09 Jul 2006 22:16:29 -0400
From: William Allen Simpson <william.allen.simpson@gmail.com>
To: nanog@merit.edu
In-Reply-To: <200607091815.k69IFbGj002034@antilope.in-berlin.de>
Errors-To: owner-nanog@merit.edu
Christian Seitz <chris@in-berlin.de> wrote:
> In article <44AC3493.6010705@gmail.com> you wrote:
>
>> oarwind.info.
>> AS | IP | Registry | AS Name
>> 6724 | 81.169.143.178 | ripencc | STRATO Strato AG
>
> How did you resolve this? Is there something wrong with
> my DNS or did you make a mistake resolving the adress?
>
> oarwind.info A 218.22.43.22
>
> inetnum: 218.22.0.0 - 218.23.255.255
> netname: CHINANET-AH
> country: CN
> descr: CHINANET Anhui province network
> descr: Data Communication Division
> descr: China Telecom
> admin-c: CH93-AP
> tech-c: AT318-AP
> status: ALLOCATED PORTABLE
> mnt-by: APNIC-HM
> mnt-lower: MAINT-CHINANET-AH
> changed: hm-changed@apnic.net 20060322
> source: APNIC
>
At the time of resolution 3 days ago, multiple persons on this list
resolved it to Strato.de. h613092.serverkompetenz.net (81.169.143.178)
Apparently, it has since moved to China. That's the kind of thing that
happens while you took a long weekend.
Are you in a position to quarantine the German server? Or otherwise
aid in investigating the problem? Such as getting German law
enforcement to confiscate the server as compromised and containing
personal identity theft?
