Just idly watching * in console mode and saw that someone from 50.49.54.102 tried to register with my *. whois gives:- OrgName: Internet Assigned Numbers Authority OrgID: IANA Address: 4676 Admiralty Way, Suite 330 City: Marina del Rey StateProv: CA PostalCode: 90292-6695 Country: US NetRange: 50.0.0.0 - 50.255.255.255 CIDR: 50.0.0.0/8 NetName: RESERVED-50 NetHandle: NET-50-0-0-0-0 Parent: NetType: IANA Reserved Comment: RegDate: Updated: 2002-08-23 OrgTechHandle: IANA-ARIN OrgTechName: Internet Corporation for Assigned Names and Number OrgTechPhone: +1-310-823-9358 OrgTechEmail: res-ip@iana.org ? -- Dave Cotton <dcotton@linuxautrement.com>
Can you saw spoofed IP. the question is did/could your box route back to that IP ?? If so then someone has it in the routing table, which they shouldn't sh ip bgp 50.0.0.0 would tell you on a BGP connected router On Wed, Aug 20, 2003 at 07:49:48PM +0200, Dave Cotton wrote:> Just idly watching * in console mode and saw that someone from > 50.49.54.102 tried to register with my *. > > whois gives:- > > OrgName: Internet Assigned Numbers Authority > OrgID: IANA > Address: 4676 Admiralty Way, Suite 330 > City: Marina del Rey > StateProv: CA > PostalCode: 90292-6695 > Country: US > > NetRange: 50.0.0.0 - 50.255.255.255 > CIDR: 50.0.0.0/8 > NetName: RESERVED-50 > NetHandle: NET-50-0-0-0-0 > Parent: > NetType: IANA Reserved > Comment: > RegDate: > Updated: 2002-08-23 > > OrgTechHandle: IANA-ARIN > OrgTechName: Internet Corporation for Assigned Names and Number > OrgTechPhone: +1-310-823-9358 > OrgTechEmail: res-ip@iana.org > > ? > > -- > Dave Cotton <dcotton@linuxautrement.com> > > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users
>Just idly watching * in console mode and saw that someone from >50.49.54.102 tried to register with my *. > >whois gives:- > >OrgName: Internet Assigned Numbers Authority >OrgID: IANA >Address: 4676 Admiralty Way, Suite 330 >City: Marina del Rey >StateProv: CA >PostalCode: 90292-6695 >Country: US > >NetRange: 50.0.0.0 - 50.255.255.255 >CIDR: 50.0.0.0/8 >NetName: RESERVED-50 >NetHandle: NET-50-0-0-0-0 >Parent: >NetType: IANA Reserved >Comment: >RegDate: >Updated: 2002-08-23 > >OrgTechHandle: IANA-ARIN >OrgTechName: Internet Corporation for Assigned Names and Number >OrgTechPhone: +1-310-823-9358 >OrgTechEmail: res-ip@iana.org > >? > >-- >Dave Cotton <dcotton@linuxautrement.com>1) Using what protocol? 2) As John Brown mentions, do a tracroute to that IP from your location. My views show that the address you list is not in the global BGP tables. Spoofed single packets might hit your machines, but they have no way of getting back unless your local routers have static or locally learned routes to that destination. In short: don't worry about it, probably. JT