On Wed, Nov 27, 2024 at 4:27 AM George at Clug wrote: > > Curiosity got the better of me, so I installed "whois" and gave it a try. > > Below are the responses I get, for "$whois 191.96.36.56" and I tried a whois > on the ip in "%ERROR:201: access denied for 190.112.52.14" > > I wonder what this information might mean to anyone? How would this > information be useful?
You get their tech contact, so you can ask about problems accessing something in their network or let them know about their open ntp server that can be used for DOS attacks or .. whatever. You also get their abuse contact info so you know where to direct emails about abusive behavior from that ip address range. If whois will look up handles you can lookup the abuse handle. I can't figure out how to do that so https://search.arin.net/rdap/?query=162.142.125.0 which gives me their abuse info https://about.censys.io/ which leads to https://support.censys.io/hc/en-us/articles/360043177092-Opt-Out-of-Data-Collection which allows me to "opt-out" of their abusive scanning by putting their list of subnets into my firewall block list. Regards, Lee
