Solved

NSLOOKUP ON IP ADDRESS

Posted on 2004-04-15
2
311 Views
Last Modified: 2010-04-11
i did an nslookup of an ip address of someone trying to hack me and i get the following:

adsl-xxx-xxx-xxx.sdf.bellsouth.net

the x's represent the partial ip address

i would like to know the following:

is there any way this could be a proxy server?

what does the sdf portion stand for?

i did an ip2location on this address.  what is the probability that the state is accurate?  or could this be some main server?

any information would be greatly appreciated.  
0
Comment
Question by:abstractionz
2 Comments
 
LVL 6

Expert Comment

by:dedy_djajapermana
ID: 10840260
it can be a proxy server, but most likely it's a pc connected through DSL broadband connection to bellsouth.net ISP
Try to contact the ISP (of that hacking address), i think you should be able to file complain to them.
http://www.bellsouth.net
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 50 total points
ID: 10844453
> is there any way this could be a proxy server?

Yes.  Or some poor shmuck's box that has been hacked to function as a proxy.

> what does the sdf portion stand for?

It's a subdomain of bellsouth.net.  It stands for anything BellSouth decided they needed to structure a subdomain for.  You might have to ask them, and they might not want to tell you.

> i did an ip2location on this address.  
> what is the probability that the state is accurate?  

50-50.  IF BellSouth allocates addresses by region (probably a good idea, but there could be exceptions) AND IF the ip2location database knows about their allocations (and is up to date), THEN it might be possible.  But there's every chance that this just found the location of the administrator who registered the net block.

> or could this be some main server?

Fairly unlikely -- it looks like an ADSL client name.

Have you tried a traceroute to the address?  These kinds of client names often don't show geographical info, but router names often do, and so you may get a general sense that way of where the machine is located.  (ip2location may do this internally, or may not.)
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port 808 is being blocked 9 99
New firewall implementation guidance 12 62
Local DNS and Home Routers 4 33
Claiming a Domain Name 7 35
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question