Friday, May 22, 2009

an irc server - part 0.1

Hi there,
during a survey activities it was been found the following irc server:

main.updateserver.cn (67.202.89.34)

Searching by google the only infornatuib about is from threatexpert.com:
http://www.threatexpert.com/report.aspx?md5=f699946ecde2c669adfbbaf4f019fc03
it seems related to pushbot.

The following mirc screen shots show the irc server banner:




whois:

$ whois 67.202.89.34

OrgName: NoZone, Inc.
OrgID: NOZON
Address: 350 E. Cermak Rd.
Address: Suite 240
City: Chicago
StateProv: IL
PostalCode: 60616
Country: US
ReferralServer: rwhois://rwhois.steadfast.net:4321
NetRange: 67.202.64.0 - 67.202.127.255
CIDR: 67.202.64.0/18
OriginAS: AS32748
NetName: STEADFAST-3
NetHandle: NET-67-202-64-0-1
Parent: NET-67-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.STEADFAST.NET
NameServer: NS2.STEADFAST.NET
NameServer: NS3.STEADFAST.NET
NameServer: NS4.STEADFAST.NET
Comment: Please submit all reports of abuse to
Comment: abuse@steadfast.net. Reports sent to other
Comment: addresses will not be processed.
RegDate: 2007-08-09
Updated: 2008-07-15
RAbuseHandle: ABUSE959-ARIN
RAbuseName: Steadfast Networks Abuse Department
RAbusePhone: +1-312-602-2689
RAbuseEmail: abuse@steadfast.net
RNOCHandle: NOG3-ARIN
RNOCName: Steadfast Networks Network Operations Center
RNOCPhone: +1-312-602-2689
RNOCEmail: noc@steadfast.net
RTechHandle: NOG3-ARIN
RTechName: Steadfast Networks Network Operations Center
RTechPhone: +1-312-602-2689
RTechEmail: noc@steadfast.net
OrgAbuseHandle: ABUSE959-ARIN
OrgAbuseName: Steadfast Networks Abuse Department
OrgAbusePhone: +1-312-602-2689
OrgAbuseEmail: abuse@steadfast.net
OrgNOCHandle: NOG3-ARIN
OrgNOCName: Steadfast Networks Network Operations Center
OrgNOCPhone: +1-312-602-2689
OrgNOCEmail: noc@steadfast.net
OrgTechHandle: NOG3-ARIN
OrgTechName: Steadfast Networks Network Operations Center
OrgTechPhone: +1-312-602-2689
OrgTechEmail: noc@steadfast.net
# ARIN WHOIS database, last updated 2009-05-21 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
Found a referral to rwhois.steadfast.net:4321.
%rwhois V-1.0,V-1.5:00090h:00 manage.steadfast.net (Ubersmith RWhois Server V-1.0)
autharea=67.202.64.0/18
xautharea=67.202.64.0/18
network:Class-Name:network
network:Auth-Area:67.202.64.0/18
network:ID:NET-3622.67.202.88.0/22
network:Network-Name:IP Pool
network:IP-Network:67.202.88.0/22
network:IP-Network-Block:67.202.88.0 - 67.202.91.255
network:Org-Name:Verity LLC
network:Street-Address:8622 Merlin Dr.
network:City:Houston
network:State:TX
network:Postal-Code:77055
network:Country-Code:US
network:Tech-Contact:MAINT-3622.67.202.88.0/22
network:Created:20080714202141000
network:Updated:20080714202141000
network:Updated-By:admin@steadfast.net
network:POC-Name:Steadfast Networks
network:POC-Email:admin@steadfast.net
network:POC-Phone:312-602-2689
network:Tech-Name:Steadfast Networks
network:Tech-Email:admin@steadfast.net
network:Tech-Phone:312-602-2689


Cymru whois:

AS |IP |BGPPrefix |CC |Allocated|ASName
32748 |67.202.89.34 |67.202.64.0/19 |US |2007-08-09|STEADFAST-NoZone,Inc.

No comments:

Post a Comment