Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- how to find GoToMyPC's network
September 21, 2006, 2:45 am
rate this thread
I am trying to stop unauthorized traffic to and from GoToMyPC (and
of others). How to I figure out GoToMyPC's network for my iptables
"-d xxx.xxx.xxx.0/24" entry? (...0/24 may not always be the case,
on subnet mask.)
I can get a particuar IP with "hostgotomypc.com" (220.127.116.11)
that only gives me one address. I what to block their entire domain,
poll.gotomypc.com (18.104.22.168). Somehow I think that
"-d 22.214.171.124/24" would be overkill and may actually block some
Is there some network command that will tell me this? (Then I can
grep, sed, and awk my heart out!)
Re: how to find GoToMyPC's network
Well, a 'whois' on the domain returns
5385 Hollister Ave
Santa Barbara, CA 93111
Domain Name: GOTOMYPC.COM
and then asking about the address at ARIN, I find
Internap Network Services PNAP-06-2001 (NET-66-150-0-0-1)
126.96.36.199 - 188.8.131.52
Expertcity PNAP-SJE-EXPERT-RM-02 (NET-66-151-158-0-1)
184.108.40.206 - 220.127.116.11
and asking about 'NET-66-151-158-0-1' does indeed return the same
postal address information.
I can't say - we're blocking the /15, and none of my users are complaining
about missing anything - YMMV. Looking at
http://www.TQMcube.com/rblcheck.htm , 18.104.22.168/24 doesn't appear to be
listed directly, but if you google for specific address ranges in the
newsgroups "news.admin.net-abuse.*" you'll probably turn up some hints
about who "owns" an address range, and any problems others are reporting.
Most distributions come with a 'whois' tool - there are quite a number of
them. Try 'locate whois' and see if one is installed on your system.
Some RFCs to look at:
1834 Whois and Network Information Lookup Service, Whois++. J.
Gargano, K. Weiss. August 1995. (Format: TXT=14429 bytes) (Status:
2167 Referral Whois (RWhois) Protocol V1.5. S. Williamson, M. Kosters,
D. Blacka, J. Singh, K. Zeilstra. June 1997. (Format: TXT=136355
bytes) (Obsoletes RFC1714) (Status: INFORMATIONAL)
3912 WHOIS Protocol Specification. L. Daigle. September 2004. (Format:
TXT=7770 bytes) (Obsoletes RFC0954, RFC0812) (Status: DRAFT STANDARD)
The major problem is knowing who to ask. For IP addresses, you would start
with the five Regional Internet Registry (AFRINIC, APNIC, ARIN, LACNIC, and
RIPE). See http://www.iana.org/assignments/ipv4-address-space to get a clue
as to which to ask. They _might_ refer you to other registrars, or they
might refer you to a 'rwhois' server.
For domain names, it's a LOT more complicated. ISO-3166 (two letter country
code) domains can often be found using the five RIRs. Dot coms/net/org/edu
(meaning .com, .net, and so on) should start at IANA, which will identify
the whois server of the domain registrar to contact. .org, .info, .biz, and
the like are much more fun.
[compton ~]$ grep -v '^[A-Z][A-Z] ' domains | column
AERO BIZ COM EDU INFO JOBS MOBI NAME ORG TRAVEL
ARPA CAT COOP GOV INT MIL MUSEUM NET PRO
http://www.iana.org/gtld/gtld.htm provides a miniscule more information on
these domains, and what they are used for.
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security