[Hackmeeting] [HackedTeam] List collector and anonymizer ser…

Nachricht löschen

Nachricht beantworten
Autor: pasky
Datum:  
To: hackmeeting
Betreff: [Hackmeeting] [HackedTeam] List collector and anonymizer server.
List collector and anonymizer server HT da mettere in black list.

Pane per il firewall, anche se cambieranno un pò tutto magari è meglio
bloccare questa lista di ip dal vostro firewall e fare una ricerca nei
file di log se sono arrivate connessioni in entrata o in uscita da
questo
elenco di ip.

https://wikileaks.org/hackingteam/emails/emailid/109655

E mettere in black list anche tutti gli ip che arrivano dai seguenti
ISP HOST:

http://www.sparknode.com/
https://www.vpscheap.net/
http://nqhost.com/

Whois è tuo amico

whois -a <IP Address>

Esempio (IP preso dalla lista "collector or anonymizer server?)

[root@kypck ~]# whois -a 88.49.232.172
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.


% Information related to '88.49.232.168 - 88.49.232.175'

% Abuse contact for '88.49.232.168 - 88.49.232.175' is
'abuse@???'

inetnum:        88.49.232.168 - 88.49.232.175
netname:        LOGISTICAINTEGRATA
descr:          LOGISTICA INTEGRATA
country:        IT
admin-c:        AN3013-RIPE
tech-c:         AN3015-RIPE
status:         ASSIGNED PA
mnt-by:         INTERB-MNT
created:        2007-03-20T10:41:07Z
last-modified:  2008-07-26T04:06:26Z
source:         RIPE # Filtered


[... il resto scopritelo da soli...]
_______________________________________________________________________

https://apps.db.ripe.net/search/query.html?searchtext=68.233.232.140


A chi è assegnato un determinato ip (RIPE query ip europei)
https://apps.db.ripe.net/search/query.html?searchtext=<IP ADDRESS>

Esempio (IP preso dalla lista "collector or anonymizer server?)
https://apps.db.ripe.net/search/query.html?searchtext=88.49.232.172

Tools RIPE stat
https://stat.ripe.net/ (ASXXX, IP, GEOLOC, ETC)

Happy Hacking!

--
P@sKy

Makkinista -⁠⁠ Fuokista
http://www.ecn.org/

GPG/⁠⁠PGP keys available via keyservers http://pgpkeys.mit.edu:11371/
         DSA: 6CBE 6982 5C10 CFF0 D676  6420 C1C5 B8EC 8690 0F88
         RSA: 40 6B 54 8C 20 A0 F6 0B  4C 96 AA 34 D3 FB DC 8C