unknown user
Results 1 to 10 of 10

Thread: unknown user

  1. #1
    Junior Member
    Join Date
    Feb 2002
    Posts
    3

    Question unknown user

    hey, i couldn't find an appropriate answer on the web so i thought i would ask ya'll. a few days ago i did a finger on my solaris 7 box and found something that puzzled me

    jobrien ???
    cdemoss Craig R. Demoss *pts/6 3:13 Mon 16:40 12.105.102.231

    my question is do any of ya'll know why user jobrien has the question marks for real name and nothing for pts, date, or location. also jobrien is not a valid user name. have i been hacked or can this sort of thing happen? i checked my syslogs and messages files to see if there was any unusual activity, and there wasn't. any help would be appreciated

    thanks,
    britfanjr

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    204
    I don't know who that would be but maybe run a whois on them and see what the IP comes up as, I mess with Windows so I really would know that log means...sorry
    Beware the quiet ones...

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    204
    AT&T ITS (NET-ATT) ATT 12.0.0.0 - 12.255.255.255
    MORGAN KEEGAN COMPANY (NETBLK-MORGAN-KEE247-102) MORGAN-KEE247-102
    12.105.102.0 - 12.105.102.255

    That is who it comes back as so if you were hacked you may want to call these people....for more info goto...

    http://www.arin.net
    Beware the quiet ones...

  4. #4
    Junior Member
    Join Date
    Feb 2002
    Posts
    3
    thanks cybermagellan i will start there

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    204
    Remember that I said I mess with Windows not Linux so I don't know if you have been hacked I am just saying that is a good site and that is who it is.....may want to ask some linux people before you go accusing....
    Beware the quiet ones...

  6. #6
    Junior Member
    Join Date
    Feb 2002
    Posts
    3
    yeah, i'll wait until i know for certain before i accuse anyone. thanks again for the help

  7. #7
    Senior Member
    Join Date
    Apr 2002
    Posts
    204
    NP, anything to help
    Beware the quiet ones...

  8. #8
    AntiOnline Newbie
    Join Date
    Apr 2002
    Posts
    91
    Don't forget that with Klez, not only is the "From" address spoofed, it typically comes from an infected machine where the owner is unaware of the infection. Not only that, but we had a lengthy discussion a week or so ago about whether or not other aspects of the header had been mangled enough by the virus that one may or may not be able to tell the source of the infected machine. You can read the discussion here

  9. #9
    Member
    Join Date
    Mar 2002
    Posts
    84
    d00d its freakin ATT that owns the netblock.
    freedom is a road seldom traveled by the multitude

    freedom aint free

  10. #10
    Member
    Join Date
    Mar 2002
    Posts
    84
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.

    C:\Documents and Settings\Justin Cianci>ping www.morgankeegan.com

    Pinging www.morgankeegan.com [12.104.221.150] with 32 bytes of data:

    Reply from 12.104.221.150: bytes=32 time=95ms TTL=237
    Reply from 12.104.221.150: bytes=32 time=101ms TTL=237
    Reply from 12.104.221.150: bytes=32 time=94ms TTL=237
    Reply from 12.104.221.150: bytes=32 time=92ms TTL=237

    Ping statistics for 12.104.221.150:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 92ms, Maximum = 101ms, Average = 95ms

    C:\Documents and Settings\Justin Cianci>cd..

    C:\Documents and Settings>cd..

    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>ping www.morgankeegan.com

    Pinging www.morgankeegan.com [12.104.221.150] with 32 bytes of data:

    Reply from 12.104.221.150: bytes=32 time=91ms TTL=237
    Reply from 12.104.221.150: bytes=32 time=87ms TTL=237
    Reply from 12.104.221.150: bytes=32 time=87ms TTL=237
    Reply from 12.104.221.150: bytes=32 time=108ms TTL=237

    Ping statistics for 12.104.221.150:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 87ms, Maximum = 108ms, Average = 93ms

    C:\>
    freedom is a road seldom traveled by the multitude

    freedom aint free

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •