Results 1 to 4 of 4

Thread: Unknown host on network.

  1. December 8th, 2002, 04:42 PM #1
    detoxsmurf
    detoxsmurf is offline
    Senior Member
    Join Date
    Jul 2002
    Posts
    167

    Unknown host on network.

    I am running a samba file sharing server on one of my linux servers. I went into the mandrake control center and did a scan of hosts on my network. It was able to detect all my computers plus an unknown IP address (172.136.106.146). I tired to do a reverse IP lookup but samspade.org was down. I have a linksys router which blocks open ports before stuff gets into my network. I am wondering what others might think this is?
    Reply With Quote Reply With Quote
  2. December 8th, 2002, 04:50 PM #2
    magnoon
    magnoon is offline
    Senior Member
    Join Date
    Oct 2002
    Posts
    112
    Here is the NEO Trace results for that IP
    ===============================

    NeoTrace Version 3.01 - (December 20 2000) Trace Results
    Target: 172.136.106.146
    Date: Sun Dec 08 08:35:27 2002
    Nodes: 20


    Node Data
    Node Net Who IP Address Location Node Name
    20 1 1 172.136.106.146 39.017N, 77.417W ac886a92.ipt.aol.com


    Packet Data
    Node High Low Avg Tot Lost
    20 ---- ---- ---- 2 2


    Network Data
    Network id#: 1

    OrgName: America Online
    OrgID: AOL

    NetRange: 172.128.0.0 - 172.191.255.255
    CIDR: 172.128.0.0/10
    NetName: AOL-172BLK
    NetHandle: NET-172-128-0-0-1
    Parent: NET-172-0-0-0-0
    NetType: Direct Allocation
    NameServer: DAHA-01.NS.AOL.COM
    NameServer: DAHA-02.NS.AOL.COM
    Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
    RegDate: 2000-03-24
    Updated: 2002-08-09

    TechHandle: AOL-NOC-ARIN
    TechName: America Online, Inc.
    TechPhone: +1-703-265-4670
    TechEmail: [email protected]

    OrgAbuseHandle: AOL382-ARIN
    OrgAbuseName: America Online, Inc.
    OrgAbusePhone: +1-703-265-4662
    OrgAbuseEmail: [email protected]

    OrgNOCHandle: AOL236-ARIN
    OrgNOCName: America Online, Inc.
    OrgNOCPhone: +1-703-265-5431
    OrgNOCEmail: [email protected]

    OrgTechHandle: AOL-NOC-ARIN
    OrgTechName: America Online, Inc.
    OrgTechPhone: +1-703-265-4670
    OrgTechEmail: [email protected]

    ARIN Whois database, last updated 2002-12-07 20:00




    Access to America Online, Inc.'s WHOIS service is for information
    purposes. America Online, Inc. makes this service available AS
    IS and does not guarantee its accuracy or availability. By
    submitting a WHOIS query, you agree that you will use this service
    and the information we provide only for lawful purposes and that,
    under no circumstances will you use this service or the information
    we provide to: (1) allow, enable, or otherwise support the transmission
    of mass unsolicited, commercial advertising or solicitations via
    email (spam); or (2) enable high volume, automated, electronic
    processes that apply to America Online, Inc. (or its systems).
    America Online, Inc. reserves the right to modify these terms at any
    time. By accessing and using our WHOIS service, you agree to these terms.

    Domain Name: AOL.COM

    Registrant:
    America Online, Inc.
    22000 AOL Way
    Dulles, VA 20166
    US

    Created on..............: Jun 22 1995 12:00AM
    Expires on..............: Nov 23 2003 7:02AM
    Record Last Updated on..: Nov 24 2002 7:05PM
    Registrar...............: America Online, Inc.
    http://whois.registrar.aol.com/whois/

    Administrative, Technical Contact:
    AOL Domain Administration (America Online, Inc.)
    22000 AOL Way
    Dulles, VA 20166
    US
    Tel. 703 265 4670
    Email: [email protected]

    Domain servers:
    DNS-01.NS.AOL.COM
    152.163.159.232
    DNS-02.NS.AOL.COM
    205.188.157.232
    DNS-06.NS.AOL.COM
    149.174.211.8
    DNS-07.NS.AOL.COM
    64.12.51.132

    WHOIS data is only provided by this server for domains ending
    in .COM, .NET, and .ORG that were registered through
    America Online, Inc's Domain Registration Service.


    The previous information has been obtained either directly from the
    registrant or a registrar of the domain name other than VeriSign.
    _____
    NeoTrace Copyright ©1997-2000 NeoWorx Inc
    If you receive something that says \'Send this to everyone you know,\' pretend you don\'t know me.
    Reply With Quote Reply With Quote
  3. December 8th, 2002, 05:22 PM #3
    detoxsmurf
    detoxsmurf is offline
    Senior Member
    Join Date
    Jul 2002
    Posts
    167
    Thanks for the trace magnoon. I went to all the different computers on my network and was able to locate the cause of the unknown address. It was from an open AOL instant messenger programer running on a windows me computer. I don't know why Samba recognized it as a local computer on the network with a shared folder. I wonder if this opens up a security issue within the network.
    Reply With Quote Reply With Quote
  4. December 8th, 2002, 05:51 PM #4
    magnoon
    magnoon is offline
    Senior Member
    Join Date
    Oct 2002
    Posts
    112
    We block all instant messaging services on our network because they can lead to security breaches on a network.

    Take a look here overview of the risks:

    http://nativeintelligence.com/awareness/is-chat.asp

    http://www.usatoday.com/money/tech/2...m-security.htm

    If you allow instant messaging you are opening a door to a potential breach.
    If you receive something that says \'Send this to everyone you know,\' pretend you don\'t know me.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules