This topic has been archived. It cannot be replied.
-
工作学习 / 学科技术讨论 / How to find out who is under the attempt IP address? (recently, found this IP address attacked our site too often)
-whereismyid(到处找ID);
2009-3-2
(#5086342@0)
-
I don't know whether this information is helpful. use whois command you can find out the phisical location of the IP address, but you may not locate it acutratelty.
-qwertyasd(东北人);
2009-3-2
(#5086643@0)
-
who.is only can provide ISP info. No more detail about such user
-whereismyid(到处找ID);
2009-3-2
(#5086939@0)
-
you may need to contact the ISP of the IP for details, --joke.
-qwertyasd(东北人);
2009-3-2
(#5087011@0)
-
Those ISP companies will ask the investigation letter which is issued from police dept. or court..etc.
-whereismyid(到处找ID);
2009-3-2
(#5087154@0)
-
There are lots of free visual trace program on the Internet and some of them can provide whois and network registration info. At least you can find out which ISP the IP is allocated from, in most cases.
-liquid(豆泡松果 之 松果豆泡);
2009-3-2
(#5086810@0)
-
How about some one use proxy -proxy-.... ?
-whereismyid(到处找ID);
2009-3-2
(#5086942@0)
-
Whenever find out the request from that suspetious IP, re-route the request to ..
-nicetomeetyou(_);
2009-3-2
(#5086844@0)
-
no police involved until we make sure....
-whereismyid(到处找ID);
2009-3-2
(#5086948@0)
-
If you have a user registration table, you do have some strategy to dig that IP's owner out,.... huh?
-nicetomeetyou(_);
2009-3-2
(#5086979@0)
-
研究发现牛皮入药--治疗自卑,胆怯,增进自信。
-qwertyasd(东北人);
2009-3-2
(#5087034@0)
-
If this guy comes from our existing customer table, I can search IP to match up. But if this guy comes from external, I only can search public stop forum blacklist database etc.
-whereismyid(到处找ID);
2009-3-2
(#5087166@0)
-
If those famous / active public forums, websites can be associated on those online abuse cases, searching them without police help is a technical mission possible. We can also build pattern model on those cases.
-nicetomeetyou(_);
2009-3-2
(#5087227@0)
-
FYI, some sites are using those DB as first filter to comb out suspecious attempt IPs then check UID/PWD for login.
-whereismyid(到处找ID);
2009-3-2
(#5087599@0)
-
What kind of page or function does the attacker try to crack? What is he trying to do?
-nicetomeetyou(_);
2009-3-2
(#5088420@0)
-
Credit Info
-whereismyid(到处找ID);
2009-3-3
(#5088645@0)