The original problem statement:
On one of Inference's gateway machines, /var/adm/messages contains the
following lines:
Dec 1 04:58:30 gabor inetd[141]: ftp[7052] from 131.126.81.211 1627
Dec 1 04:58:47 gabor inetd[141]: ftp[7053] from 131.126.81.211 1628
Dec 1 04:59:20 gabor inetd[141]: ftp[7055] from 131.126.81.211 1629
My reverse-map-ip utility doesn't find a name for that IP address. What
should I do to find out who it belongs to?
The specific answer is: that class B address belongs to MOBIL.COM.
Answers on how to solve the general problem of identifying IP numbers:
1. Use "dig".
2. TELNET to NIC.INTERNIC.NET, log in as "whois", follow directions.
3. Use nslookup on 126.131.in-addr.arpa.
4. FTP or TELNET to the node and look at the banner.
5. Use "whois 131.126"
6. Use traceroute.
7. Install software to screen connections by reverse mapping.
It so happens I didn't have to use any of the above, because many of the
respondents provided the output of their suggested solutions, including the
domain of the unknown node.
Thanks to the following folks for their replies:
Gene Rackow <rackow@mcs.anl.gov>
"Richard Murphy, DSR Inc." <murphy@dsr.com>
Claus Assmann <ca@informatik.uni-kiel.de>
Stephen Miller <miller_stephen@jpmorgan.com>
"Kevin A. Noll" <knoll@csl-emh2.army.mil>
Ian MacPhedran <Ian_MacPhedran@dvinci.usask.ca>
stuart@TO.mobil.com (Stuart Pearlman - RDR)
danny@esaserv1.dseg.ti.com (Danny Johnson)
stanley@oce.orst.edu (John Stanley)
Andy_Feldt@phyast.nhn.uoknor.edu (Andy Feldt)
brian@cyrix.com (Brian Holgate)
Dan Stromberg - OAC-DCS <strombrg@hydra.acs.uci.edu>
Michael Myers <mmyers@willamette.edu>
Dave Fetrow <fetrow@biostat.washington.edu>
anthony baxter <anthony.baxter@aaii.oz.au>
tap116@nocc.minsy.navy.mil (Tom Plesha)
leach@oce.orst.edu
wzhu@cse.unl.edu (Weibin Zhu)
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:17 CDT