Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
comp.os.linux.networking
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
Does nslookup show hacker's location?
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   7 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
no.top.p...@gmail.com  
View profile  
 More options Sep 29 2012, 2:22 pm
Newsgroups: comp.os.linux.networking
From: no.top.p...@gmail.com
Date: Sat, 29 Sep 2012 18:22:11 +0000 (UTC)
Local: Sat, Sep 29 2012 2:22 pm
Subject: Does nslookup show hacker's location?
Print | Individual message | Show original | Report this message | Find messages by this author
I've got some false <email warnings from my bank> that I should <klik>
http://capeziodance.com.ve/contacto/use/web/form1.html
http://capeziodance.com.ve/contacto/use/file/form1.html

And `nslookup capeziodance.com.ve` ==
Formatting page, please wait...
root@darkstar:~# nslookup capeziodance.com.ve
Server:         41.160.0.36
Address:        41.160.0.36#53

Non-authoritative answer:
Name:   capeziodance.com.ve
Address: 63.246.145.80
-------------------

Does '63.246' indicate the country?

Part of the mail header looks like:----
To: undisclosed-recipients:;
From: warn...@absamail.co.za
Subject: FINAL WARNING
Reply-To: nonre...@absamail.co.zabfm.hr
Organization: Your Email Account Will Be Terminated
Message-ID: <20120929084213.80dca2e2@bio.bg.ac.rs>
Date: Sat, 29 Sep 2012 10:42:13 +0200
X-Mailer: Kerio Connect 7.4.2 WebMail
X-User-Agent: Opera/9.80 (Windows NT 5.1; U; Edition Next; en) Presto/2.8.131
---------------------

BTW, what's a better group to discuss this?

== TIA.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Bit Twister  
View profile  
 More options Sep 29 2012, 2:47 pm
Newsgroups: comp.os.linux.networking
From: Bit Twister <BitTwis...@mouse-potato.com>
Date: Sat, 29 Sep 2012 18:47:22 +0000 (UTC)
Local: Sat, Sep 29 2012 2:47 pm
Subject: Re: Does nslookup show hacker's location?
Print | Individual message | Show original | Report this message | Find messages by this author

On Sat, 29 Sep 2012 18:22:11 +0000 (UTC), no.top.p...@gmail.com wrote:
> I've got some false <email warnings from my bank> that I should <klik>

> And `nslookup capeziodance.com.ve` ==
> root@darkstar:~# nslookup capeziodance.com.ve
> Server:         41.160.0.36
> Address:        41.160.0.36#53

> Does '63.246' indicate the country?

Not always. If you want country, try

whois capeziodance.com.ve

That assumes you have whois installed.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
unruh  
View profile  
 More options Sep 29 2012, 4:46 pm
Newsgroups: comp.os.linux.networking
From: unruh <un...@invalid.ca>
Date: Sat, 29 Sep 2012 20:46:53 GMT
Local: Sat, Sep 29 2012 4:46 pm
Subject: Re: Does nslookup show hacker's location?
Print | Individual message | Show original | Report this message | Find messages by this author
On 2012-09-29, no.top.p...@gmail.com <no.top.p...@gmail.com> wrote:

> I've got some false <email warnings from my bank> that I should <klik>
> http://capeziodance.com.ve/contacto/use/web/form1.html
> http://capeziodance.com.ve/contacto/use/file/form1.html

> And `nslookup capeziodance.com.ve` ==

.ve is the country.

And "whois" will give you information about the web address and who owns
it.
But phishing operators make use of machines around the world which have
been hijacked. Ie, there is no reason to expect that the cracker is at
any of the addresses listed. You could let them know that their machines
hae been hijacked if you wished.

> Formatting page, please wait...
> root@darkstar:~# nslookup capeziodance.com.ve
> Server:         41.160.0.36
> Address:        41.160.0.36#53

> Non-authoritative answer:
> Name:   capeziodance.com.ve
> Address: 63.246.145.80
> -------------------

> Does '63.246' indicate the country?

no.

> Part of the mail header looks like:----
> To: undisclosed-recipients:;
> From: warn...@absamail.co.za
> Subject: FINAL WARNING
> Reply-To: nonre...@absamail.co.zabfm.hr
> Organization: Your Email Account Will Be Terminated
> Message-ID: <20120929084213.80dca...@bio.bg.ac.rs>
> Date: Sat, 29 Sep 2012 10:42:13 +0200
> X-Mailer: Kerio Connect 7.4.2 WebMail
> X-User-Agent: Opera/9.80 (Windows NT 5.1; U; Edition Next; en) Presto/2.8.131

That is not the full header. Try Looking at the ReceivedFrom lines.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Allodoxaphobia  
View profile  
 More options Sep 29 2012, 10:30 pm
Newsgroups: comp.os.linux.networking
From: Allodoxaphobia <knock_yourself_...@example.net>
Date: 30 Sep 2012 02:30:39 GMT
Local: Sat, Sep 29 2012 10:30 pm
Subject: Re: Does nslookup show hacker's location?
Print | Individual message | Show original | Report this message | Find messages by this author

On Sat, 29 Sep 2012 18:22:11 +0000 (UTC), no.top.p...@gmail.com wrote:

> BTW, what's a better group to discuss this?

  news.admin.net-abuse.email

 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Discussion subject changed to "Re (2): Does nslookup show hacker's location?" by no.top.p...@gmail.com
no.top.p...@gmail.com  
View profile  
 More options Sep 29 2012, 10:44 pm
Newsgroups: comp.os.linux.networking
From: no.top.p...@gmail.com
Date: Sun, 30 Sep 2012 02:44:12 +0000 (UTC)
Local: Sat, Sep 29 2012 10:44 pm
Subject: Re (2): Does nslookup show hacker's location?
Print | Individual message | Show original | Report this message | Find messages by this author

Thanks; it gives a big story about Venezuella.
But can you belive any thing?

My ISP2's pop & smtp and my ISP1's smtp failed
about 2 months ago. As if MicroSoft had made a
new change, which my old software doesn't satisfy.

Or is there something bad with email GLOBALLY
recently? Since the phone enquiries don't reply,
as if they're attenting to a crisis on their server.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Discussion subject changed to ": Does nslookup show hacker's location?" by Bit Twister
Bit Twister  
View profile  
 More options Sep 30 2012, 12:52 am
Newsgroups: comp.os.linux.networking
From: Bit Twister <BitTwis...@mouse-potato.com>
Date: Sun, 30 Sep 2012 04:52:45 +0000 (UTC)
Local: Sun, Sep 30 2012 12:52 am
Subject: Re: [OT] : Does nslookup show hacker's location?
Print | Individual message | Show original | Report this message | Find messages by this author

On Sun, 30 Sep 2012 02:44:12 +0000 (UTC), no.top.p...@gmail.com wrote:
> In article <slrnk6eghq.879.BitTwis...@wb.home.test>, Bit Twister <BitTwis...@mouse-potato.com> wrote:

> Thanks; it gives a big story about Venezuella.
> But can you belive any thing?

All I can say is the provided information is what was
provide/maintained by the entity who is leasing that ip range from the
indicated vendor.

> My ISP2's pop & smtp and my ISP1's smtp failed
> about 2 months ago. As if MicroSoft had made a
> new change, which my old software doesn't satisfy.

Your not providing much information there. If you are talking about
your MTA (qmail, postfix, sendmail, exim,..), upgrade it.
If it's your MUA (thunderbird, kontact, kwrite. knode..), upgrade it.

My ISP wanted an encrypted connection to their incoming server so I
had to install stunnel.
http://freecode.com/projects/stunnel

> Or is there something bad with email GLOBALLY
> recently?

No such thing as "email GLOBALLY".
email is routed to the indicated MTA given in the sender's email
address.

The only "GLOBALLY" requirement is a path to target after translating
the domain into an ip address.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Discussion subject changed to "Does nslookup show hacker's location?" by Rick Jones
Rick Jones  
View profile  
 More options Oct 1 2012, 8:18 pm
Newsgroups: comp.os.linux.networking
From: Rick Jones <rick.jon...@hp.com>
Date: Tue, 2 Oct 2012 00:18:19 +0000 (UTC)
Local: Mon, Oct 1 2012 8:18 pm
Subject: Re: Does nslookup show hacker's location?
Print | Individual message | Show original | Report this message | Find messages by this author

unruh <un...@invalid.ca> wrote:
> On 2012-09-29, no.top.p...@gmail.com <no.top.p...@gmail.com> wrote:
> > I've got some false <email warnings from my bank> that I should <klik>
> > http://capeziodance.com.ve/contacto/use/web/form1.html
> > http://capeziodance.com.ve/contacto/use/file/form1.html

> > And `nslookup capeziodance.com.ve` ==
> .ve is the country.

Well, it is the two character country code used for the domain in DNS.
However, it would be up to the folks running com.ve (or just .ve) as
to whether or not all names registered therein must actually reside in
that country.  For example, I suspect that by far most of the names
registered in ".tv" are not for systems actually residing in Tuvalu.

> But phishing operators make use of machines around the world which
> have been hijacked. Ie, there is no reason to expect that the
> cracker is at any of the addresses listed. You could let them know
> that their machines hae been hijacked if you wished.

Agreed.

rick jones
--
firebug n, the idiot who tosses a lit cigarette out his car window
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google