NeoTrace Trace Version 3.25 Results Target: 210.155.134.241 Date: 28/02/2002 (Thursday), 02:18:38 Nodes: 18 Node Data Node Net Reg IP Address Location Node Name 18 1 - 210.155.134.241 TOKYO Packet Data Node High Low Avg Tot Lost 18 255 255 255 1 0 Network Data Network id#: 1 Rights restricted by copyright. See http://www.apnic.net/db/dbcopyright.html (whois7.apnic.net) inetnum: 210.144.0.0 - 210.159.255.255 netname: JPNIC-NET-JP descr: Japan Network Information Center country: JP admin-c: JNIC1-AP tech-c: JNIC1-AP remarks: JPNIC Allocation Block remarks: Authoritative information regarding assignments and remarks: allocations made from within this block can also be remarks: queried at whois.nic.ad.jp. To obtain an English remarks: output query whois -h whois.nic.ad.jp x.x.x.x/e mnt-by: MAINT-JPNIC changed: apnic-ftp@xxxxxxxxx 19991208 source: APNIC role: Japan Network Information Center address: Kokusai-Kougyou-Kanda Bldg 6F, 2-3-4 Uchi-Kanda address: Chiyoda-ku, Tokyo 101-0047, Japan country: JP phone: +81-3-5297-2311 fax-no: +81-3-5297-2312 e-mail: hostmaster@xxxxxxxxx admin-c: NM6-AP tech-c: YM15-AP tech-c: IK6-AP tech-c: KM19-AP nic-hdl: JNIC1-AP mnt-by: MAINT-JPNIC changed: apnic-ftp@xxxxxxxxx 19990629 changed: hostmaster@xxxxxxxxx 20011011 source: APNIC inetnum: 210.155.128.0 - 210.155.131.255 netname: MEX-CIDR-BLK-JP descr: Media Exchange Co., Inc. country: JP admin-c: SY294JP tech-c: YI001JP remarks: This information has been partially mirrored by APNIC from remarks: JPNIC. To obtain more specific information, please use the remarks: JPNIC whois server at whois.nic.ad.jp. (This defaults to remarks: Japanese output, use the /e switch for English output) changed: apnic-ftp@xxxxxxxxx 20020227 source: JPNIC inetnum: 210.155.128.0 - 210.155.131.255 netname: MEX-ATM-BB1 descr: Media EXchange Co.,Inc. country: JP admin-c: SY294JP tech-c: YI001JP tech-c: HT5100JP remarks: This information has been partially mirrored by APNIC from remarks: JPNIC. To obtain more specific information, please use the remarks: JPNIC whois server at whois.nic.ad.jp. (This defaults to remarks: Japanese output, use the /e switch for English output) remarks: This information has been partially mirrored by APNIC from remarks: JPNIC. To obtain more specific information, please use the remarks: JPNIC whois server at whois.nic.ad.jp. (This defaults to remarks: Japanese output, use the /e switch for English output) changed: apnic-ftp@xxxxxxxxx 19970829 changed: apnic-ftp@xxxxxxxxx 20020227 Thats all the info I can find from here in the UK Julian -----Original Message----- From: Marco Sin [mailto:msin@xxxxxxxx] Sent: 28 February 2002 02:07 To: [ISAserver.org Discussion List] Subject: [isalist] port scan attack ISA Server name: FIREWALL ISA Server detected an all port scan attack from Internet Protocol (IP) address 210.155.134.241. For more information about this event, see ISA Server Help. All port scan attack from this IP at 1:27am-1:35am(HK+8),total detected 17 times. I checked the IP come from Japan .Any body help me to check in detail.Thank a lot!