Solved

NSLOOKUP ON IP ADDRESS

Posted on 2004-04-15
2
289 Views
Last Modified: 2010-04-11
i did an nslookup of an ip address of someone trying to hack me and i get the following:

adsl-xxx-xxx-xxx.sdf.bellsouth.net

the x's represent the partial ip address

i would like to know the following:

is there any way this could be a proxy server?

what does the sdf portion stand for?

i did an ip2location on this address.  what is the probability that the state is accurate?  or could this be some main server?

any information would be greatly appreciated.  
0
Comment
Question by:abstractionz
2 Comments
 
LVL 6

Expert Comment

by:dedy_djajapermana
ID: 10840260
it can be a proxy server, but most likely it's a pc connected through DSL broadband connection to bellsouth.net ISP
Try to contact the ISP (of that hacking address), i think you should be able to file complain to them.
http://www.bellsouth.net
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 50 total points
ID: 10844453
> is there any way this could be a proxy server?

Yes.  Or some poor shmuck's box that has been hacked to function as a proxy.

> what does the sdf portion stand for?

It's a subdomain of bellsouth.net.  It stands for anything BellSouth decided they needed to structure a subdomain for.  You might have to ask them, and they might not want to tell you.

> i did an ip2location on this address.  
> what is the probability that the state is accurate?  

50-50.  IF BellSouth allocates addresses by region (probably a good idea, but there could be exceptions) AND IF the ip2location database knows about their allocations (and is up to date), THEN it might be possible.  But there's every chance that this just found the location of the administrator who registered the net block.

> or could this be some main server?

Fairly unlikely -- it looks like an ADSL client name.

Have you tried a traceroute to the address?  These kinds of client names often don't show geographical info, but router names often do, and so you may get a general sense that way of where the machine is located.  (ip2location may do this internally, or may not.)
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now