But 172.162.95.36 is not between the ranges of 172.16.0.0 and
172.31.255.255, therefore 172162.95.36 is NOT in the private IP range. It
is a public IP address within the America Online subnet block.
-----Original Message-----
From: Arthur Sherman [mailto:arturs (at mark) netvision.net.il]
Sent: Saturday, March 10, 2007 11:37 AM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:09073] Re: CentOS+BQ hacked?
> >> If you ping aca25f24.ipt.aol.com
> >> You get back this IP 172.162.95.36
> >>
> >> It sounds a lot like a private IP address or an automatic
> >> address that the
> >> NIC takes automatically after not finding a DHCP server.
>
> AS> Ooops. It is private in the range 172.16.0.0 -
> 172.31.255.255 , as per
> AS> http://en.wikipedia.org/wiki/Private_network
>
> AS> It seems to me to be Akamai cache server, but I may be wrong.
> AS> Anyway, it seems suspicious. Did you run chkrootkit and
> all that stuff?
> AS> Or, check for changed/created files with 'find'...
>
>
> AS> Best,
>
> AS> --
> AS> Arthur Sherman
>
> AS> +972-52-4878851
> AS> http://www.cpt.co.il/
>
> 172.162.95.36 is NOT within the range of 172.16.0.0 - 172.31.255.255
> !!!!
> Had it been a reserved address, then there would not be a reverse name
> lookup.
> It's a dynamically assigned address (usually some customer premises)
> by AOL.
>
> --
> Best regards,
> Chris mailto:C.Hemsing (at mark) gmx.net
That's exactly what I am saying, Chris.
I meant 'the range is private...'
:)
Best,
--
Arthur Sherman
+972-52-4878851
http://www.cpt.co.il/