[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Richard Coupe wrote: > > I was interested to see where all of my pet brute force login guys were > from. Korea and Hong Kong, as it turns out (thanks James). You can derive block owners from IP address using "whois". The whois data does need to be maintained, as the TLD do change slowly. I'd use "whois" data over geographical IP data for reporting abuse. I did on one occasion find a lot of abusive Korean allocated IP address space was traffic tunnelled from Georgia, in the good old US of A. Although that would have been impossible to figure out, without someone on the ground in Korea sorting out the people who were assisting the spammers. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html