[CLUE-Tech] root kit checker
Jed S. Baer
thag at frii.com
Thu May 6 10:59:38 MDT 2004
On Thu, 06 May 2004 10:26:37 -0600
Mike Staver <staver at fimble.com> wrote:
> 65.54.164.101
>
> The reverse dns on this is wrong I think, it claims it's part of
> msn.com, which I find hard to believe since it has no forward dns
> pointer record assigned to it.
$ whois 65.54.164.101 at whois.arin.net
OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
NetRange: 65.52.0.0 - 65.55.255.255
CIDR: 65.52.0.0/14
NetName: MICROSOFT-1BLK
NetHandle: NET-65-52-0-0-1
Parent: NET-65-0-0-0-0
NetType: Direct Assignment
NameServer: DNS1.CP.MSFT.NET
NameServer: DNS2.CP.MSFT.NET
NameServer: DNS1.TK.MSFT.NET
NameServer: DNS1.DC.MSFT.NET
NameServer: DNS1.SJ.MSFT.NET
Comment:
RegDate: 2001-02-14
Updated: 2002-12-05
TechHandle: ZM23-ARIN
TechName: Microsoft Corporation
TechPhone: +1-425-882-8080
TechEmail: noc at microsoft.com
If your machine has been compromised, perhaps it's part of a DDOS against
M$.
jed
--
http://s88369986.onlinehome.us/freedomsight/
... it is poor civic hygiene to install technologies that could someday
facilitate a police state. -- Bruce Schneier
More information about the clue-tech
mailing list