htcz Posted May 8, 2012 Share Posted May 8, 2012 Hey I have a IP that is trying to access a restricted area. His IP is logged. How do I know who it is? Its not a petition because he tries to log in with default usernames knowing them. Link to comment Share on other sites More sharing options...
watchthisspace Posted May 8, 2012 Share Posted May 8, 2012 Chances are the person who is trying to access your network will not have a static IP. However you could try entering the ip here: http://ip-lookup.net/ and where it says host, it should tell you the ISP who owns that IP address. Then you can just give the ISP an email saying the IP address was trying to access my network at this time. I doubt they will do anything about it, but you never know. Link to comment Share on other sites More sharing options...
htcz Posted May 9, 2012 Author Share Posted May 9, 2012 Seems the IP is from Russia and (since Ive caught it pretty quick last time it tried) its still alive (I can ping it). Ill file a complaint with their ISP. Thank you. Link to comment Share on other sites More sharing options...
htcz Posted May 9, 2012 Author Share Posted May 9, 2012 ERTELECOM.RU seems to be the owner. Filed a complaint. Link to comment Share on other sites More sharing options...
The_Decryptor Veteran Posted May 9, 2012 Veteran Share Posted May 9, 2012 It probably won't have any affect, either way block the IP (or a range encompassing the IP) via your firewall Link to comment Share on other sites More sharing options...
remixedcat Posted May 9, 2012 Share Posted May 9, 2012 Do you use Cloudflare... you can block IPs from there as well. It's a free CDN (Content Delivery Network) as well. They provide many security tools as well as tons of site enhancements! Quick CDN tip: CDNs cache content close to the user. For example, if I am in Tokyo and you are in Pittsburg and the server is in SF bay area,CA I would get the static content from the Tokyo node and you would get one from Pittsburg node. Typically CDNs cost a lot, well cloudflare makes it free and it's been excellent for me and has saved a lot of bandwidth! here's a screenshot of the Threat Control on Cloudflare: Link to comment Share on other sites More sharing options...
htcz Posted May 10, 2012 Author Share Posted May 10, 2012 I believe they are using a proxy :( As now its from the US and it seems to be a company with a VOiP and everything (I cant resolve their ip to anything readable) Link to comment Share on other sites More sharing options...
remixedcat Posted May 10, 2012 Share Posted May 10, 2012 Any pattern in IP ranges??? Link to comment Share on other sites More sharing options...
xendrome Posted May 10, 2012 Share Posted May 10, 2012 Secure your network properly and it won't matter... if you only knew how many people were scanning your ports and bruteforce'ing your open services every hour... remixedcat 1 Share Link to comment Share on other sites More sharing options...
htcz Posted May 11, 2012 Author Share Posted May 11, 2012 Any pattern in IP ranges??? Some: US and russia.... Secure your network properly and it won't matter... if you only knew how many people were scanning your ports and bruteforce'ing your open services every hour... Im not a fan of "Secure and be done". I think these people should not be allowed these actions further. Link to comment Share on other sites More sharing options...
Recommended Posts