Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

NSLOOKUP ON IP ADDRESS

Posted on 2004-04-15
2
Medium Priority
?
356 Views
Last Modified: 2010-04-11
i did an nslookup of an ip address of someone trying to hack me and i get the following:

adsl-xxx-xxx-xxx.sdf.bellsouth.net

the x's represent the partial ip address

i would like to know the following:

is there any way this could be a proxy server?

what does the sdf portion stand for?

i did an ip2location on this address.  what is the probability that the state is accurate?  or could this be some main server?

any information would be greatly appreciated.  
0
Comment
Question by:abstractionz
2 Comments
 
LVL 6

Expert Comment

by:dedy_djajapermana
ID: 10840260
it can be a proxy server, but most likely it's a pc connected through DSL broadband connection to bellsouth.net ISP
Try to contact the ISP (of that hacking address), i think you should be able to file complain to them.
http://www.bellsouth.net
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 200 total points
ID: 10844453
> is there any way this could be a proxy server?

Yes.  Or some poor shmuck's box that has been hacked to function as a proxy.

> what does the sdf portion stand for?

It's a subdomain of bellsouth.net.  It stands for anything BellSouth decided they needed to structure a subdomain for.  You might have to ask them, and they might not want to tell you.

> i did an ip2location on this address.  
> what is the probability that the state is accurate?  

50-50.  IF BellSouth allocates addresses by region (probably a good idea, but there could be exceptions) AND IF the ip2location database knows about their allocations (and is up to date), THEN it might be possible.  But there's every chance that this just found the location of the administrator who registered the net block.

> or could this be some main server?

Fairly unlikely -- it looks like an ADSL client name.

Have you tried a traceroute to the address?  These kinds of client names often don't show geographical info, but router names often do, and so you may get a general sense that way of where the machine is located.  (ip2location may do this internally, or may not.)
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question