List Info

Thread: FW: alert: New event: BLEEDING-EDGE POLICY Reserved IP Space Traffic - Bogon Nets 2
FW: alert: New event: BLEEDING-EDGE POLICY Reserved IP Space Traffic - Bogon Nets 2
country flaguser name
United States		 2007-03-30 06:06:13 

  


  

    fp.  allocated in january 07.

 





-----Original Message-----
From: Curagen 
[mailto:securitycuragen.com] 
Sent: Thursday, March 29, 2007 10:49 
PM
To: security-alertcuragen.hackertrap.net
Subject: alert: 
New event: BLEEDING-EDGE POLICY Reserved IP Space Traffic - Bogon Nets 
2



03/29-21:45:00 TCP 116.18.2.136:4862 --> 172.16.4.9:25
[1:2002750:7] BLEEDING-EDGE POLICY Reserved IP Space Traffic - 
Bogon Nets 2
[Classification: Potentially Bad Traffic] [Priority: 2] 



 


 



OrgName:    Asia Pacific Network Information 
Centre
OrgID:   ;   
APNIC
Address: ;   PO Box 
2131
City:       Milton
StateProv:  
QLD
PostalCode: 4064
Country:    AU


 


ReferralServer: whois://whois.apnic.net


 ;


NetRange:   116.0.0.0 - 
116.255.255.255
CIDR:       
116.0.0.0/8
NetName:    APNIC-116
NetHandle:  
NET-116-0-0-0-1
Parent:
NetType:    Allocated to 
APNIC
NameServer: NS1.APNIC.NET
NameServer: NS3.APNIC.NET
NameServer: 
NS4.APNIC.NET
NameServer: TINNIE.ARIN.NET
NameServer: 
NS.LACNIC.NET
NameServer: NS-SEC.RIPE.NET
Comment:    This 
IP address range is not registered in the ARIN 
database.
Comment:    For details, refer to the APNIC Whois 
Database via
Comment:    WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl
Comment:    
** IMPORTANT NOTE: APNIC is the Regional Internet 
Registry
Comment:    for the Asia Pacific region. APNIC does 
not operate networks
Comment:    using this IP address range 
and is not able to investigate
Comment:    spam or abuse 
reports relating to these addresses. For more
Comment:    
help, refer to http://www.apnic.net/info/faq/abuse
RegDate:    
2007-01-17
Updated:  ;  2007-01-24


 


OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois 
Contact
OrgTechPhone:  +61 7 3858 3100
OrgTechEmail:  apnic.net">search-apnic-not-arinapnic.net


 


# ARIN WHOIS database, last updated 2007-03-29 19:10
# Enter ? for 
additional hints on searching ARIN's WHOIS database.
% [whois.apnic.net 
node-1]
% Whois data copyright terms ;   http://www.apnic.net/db/dbcopyright.html



 


inetnum:      116.16.0.0 - 
116.31.255.255
netname:     ; 
CHINANET-GD
descr:    ;    CHINANET 
Guangdong province network
descr:     ;   
China Telecom
descr:     ;   No.31,jingrong 
street
descr:   ;     Beijing 
100032
country:      
CN
admin-c:      
CH93-AP
tech-c:       
IC83-AP
mnt-by:       
APNIC-HM
mnt-lower:  ;  
MAINT-CHINANET-GD
mnt-routes:   
MAINT-CHINANET-GD
status: ;      ALLOCATED 
PORTABLE
remarks:      
-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:    ;  
This object can only be updated by APNIC 
hostmasters.
remarks:      To update this object, 
please contact APNIC
remarks:     ; hostmasters and 
include your organisation's account
remarks: ;     
name in the subject line.
remarks:     ; 
-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed:    ;  
 hm-changedapnic.net">hm-changedapnic.net 
20070307
source:       APNIC


 


person:   ;    Chinanet 
Hostmaster
nic-hdl:  ;    
CH93-AP
e-mail:       ns.chinanet.cn.net">anti-spamns.chinanet.cn.net
address:      
No.31 ,jingrong street,beijing
address:      
100032
phone:   ;     
+86-10-58501724
fax-no:     ;  
+86-10-58501724
country:   ;   
CN
changed:      chinatelecom.com.cn">lqingchinatelecom.com.cn 
20051212
mnt-by:       
MAINT-CHINANET
source:       APNIC


 


person:   ;    IPMASTER 
CHINANET-GD
nic-hdl:      
IC83-AP
e-mail:       gddc.com.cn">ipadmgddc.com.cn
address:  ;    
NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: ;       
+86-20-83877223
fax-no:     ;  
+86-20-83877223
country:   ;   
CN
changed:      gddc.com.cn">ipadmgddc.com.cn 
20040902
mnt-by:       
MAINT-CHINANET-GD
remarks:      IPMASTER is not for 
spam complaint,please send spam complaint to gddc.com.cn">abusegddc.com.cn
source:    ;   
APNIC
 





This email has been scanned and certified safe by SpammerTrap™.

For Information please see 
www.spammertrap.com







  

  
  
   
     
    

  

    Re:  FW: alert: New event: BLEEDING-EDGE
POLICY Reserved IP Space Traffic - Bogon
Net
  


  

     country flaguser name
United States		
     2007-03-30 10:58:41
  


  

    
THanks Michael. Anyone know what the current allocated range
is for
112.0.0.0/5 then?

Matt

Michael Scheidell wrote:
> fp.  allocated in january 07.
>  
> -----Original Message-----
> *From Curagen
[mailto:securitycuragen.com]
> *Sent Thursday,
March 29, 2007 10:49 PM
> *To
security-alertcuragen.hackertrap.net
> *Subject alert: New
event: BLEEDING-EDGE POLICY Reserved IP Space
> Traffic - Bogon Nets 2
> 
> 03/29-21:45:00 TCP 116.18.2.136:4862
> <https://curagen.hackertrap.net/base/
base_stat_ipaddr.php?ip=116.18.2.136>
> --> 172.16.4.9:25
> <https://curagen.hackertrap.net/base/ba
se_stat_ipaddr.php?ip=172.16.4.9>
> [1:2002750:7] <http://www.snort.org/pub-bin/sigs.cgi?sid=2002750>
> BLEEDING-EDGE POLICY Reserved IP Space Traffic - Bogon
Nets 2
> [Classification: Potentially Bad Traffic] [Priority: 2]

>  
>  
> 
> OrgName:    Asia Pacific Network Information Centre
> OrgID:      APNIC
> Address:    PO Box 2131
> City:       Milton
> StateProv:  QLD
> PostalCode: 4064
> Country:    AU
>  
> ReferralServer: whois://whois.apnic.net
>  
> NetRange:   116.0.0.0 - 116.255.255.255
> CIDR:       116.0.0.0/8
> NetName:    APNIC-116
> NetHandle:  NET-116-0-0-0-1
> Parent:
> NetType:    Allocated to APNIC
> NameServer: NS1.APNIC.NET
> NameServer: NS3.APNIC.NET
> NameServer: NS4.APNIC.NET
> NameServer: TINNIE.ARIN.NET
> NameServer: NS.LACNIC.NET
> NameServer: NS-SEC.RIPE.NET
> Comment:    This IP address range is not registered in
the ARIN database.
> Comment:    For details, refer to the APNIC Whois
Database via
> Comment:    WHOIS.APNIC.NET or http://www.a
pnic.net/apnic-bin/whois2.pl
> Comment:    ** IMPORTANT NOTE: APNIC is the Regional
Internet Registry
> Comment:    for the Asia Pacific region. APNIC does not
operate networks
> Comment:    using this IP address range and is not able
to investigate
> Comment:    spam or abuse reports relating to these
addresses. For more
> Comment:    help, refer to http://www.apnic.
net/info/faq/abuse
> RegDate:    2007-01-17
> Updated:    2007-01-24
>  
> OrgTechHandle: AWC12-ARIN
> OrgTechName:   APNIC Whois Contact
> OrgTechPhone:  +61 7 3858 3100
> OrgTechEmail:  search-apnic-not-arinapnic.net
> <mailto:search-apnic-not-arinapnic.net>
>  
> # ARIN WHOIS database, last updated 2007-03-29 19:10
> # Enter ? for additional hints on searching ARIN's
WHOIS database.
> % [whois.apnic.net node-1]
> % Whois data copyright terms    http://www.a
pnic.net/db/dbcopyright.html
>  
> inetnum:      116.16.0.0 - 116.31.255.255
> netname:      CHINANET-GD
> descr:        CHINANET Guangdong province network
> descr:        China Telecom
> descr:        No.31,jingrong street
> descr:        Beijing 100032
> country:      CN
> admin-c:      CH93-AP
> tech-c:       IC83-AP
> mnt-by:       APNIC-HM
> mnt-lower:    MAINT-CHINANET-GD
> mnt-routes:   MAINT-CHINANET-GD
> status:       ALLOCATED PORTABLE
> remarks:     
-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> remarks:      This object can only be updated by APNIC
hostmasters.
> remarks:      To update this object, please contact
APNIC
> remarks:      hostmasters and include your
organisation's account
> remarks:      name in the subject line.
> remarks:     
-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> changed:      hm-changedapnic.net
<mailto:hm-changedapnic.net> 20070307
> source:       APNIC
>  
> person:       Chinanet Hostmaster
> nic-hdl:      CH93-AP
> e-mail:       anti-spamns.chinanet.cn.net
> <mailto:anti-spamns.chinanet.cn.net>
> address:      No.31 ,jingrong street,beijing
> address:      100032
> phone:        +86-10-58501724
> fax-no:       +86-10-58501724
> country:      CN
> changed:      lqingchinatelecom.com.cn
> <mailto:lqingchinatelecom.com.cn> 20051212
> mnt-by:       MAINT-CHINANET
> source:       APNIC
>  
> person:       IPMASTER CHINANET-GD
> nic-hdl:      IC83-AP
> e-mail:       ipadmgddc.com.cn
<mailto:ipadmgddc.com.cn>
> address:      NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
> phone:        +86-20-83877223
> fax-no:       +86-20-83877223
> country:      CN
> changed:      ipadmgddc.com.cn
<mailto:ipadmgddc.com.cn> 20040902
> mnt-by:       MAINT-CHINANET-GD
> remarks:      IPMASTER is not for spam complaint,please
send spam
> complaint to abusegddc.com.cn <mailto:abusegddc.com.cn>
> source:       APNIC
>  
> 
>
------------------------------------------------------------
------------
> This email has been scanned and certified safe by
SpammerTrap^(TM).
> For Information please see www.spammertrap.com <http://www.spammertrap
.com>
>
------------------------------------------------------------
------------
> 
> 
>
------------------------------------------------------------
------------
> 
> _______________________________________________
> Bleeding-sigs mailing list
> Bleeding-sigsbleedingthreats.net
> http://lists.bleedingthreats.net/cgi-bin/
mailman/listinfo/bleeding-sigs

-- 
--------------------------------------------
Matthew Jonkman
Bleeding Edge Threats
765-429-0398
765-807-3060 fax
http://www.bleedingthr
eats.net
--------------------------------------------

PGP: http:/
/www.bleedingthreats.com/mattjonkman.asc


_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigsbleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/
mailman/listinfo/bleeding-sigs



  


  

    
  

  
  
   
     
    






 [1-2]











   
 





about | contact  Other archives ( Real Estate discussion Medical topics )