[Fwd: Re: [SWLUG] How I deal with Bank phishing]
Steve Anderson
steve at twindx.com
Wed Dec 14 17:21:09 UTC 2005
Neil Jones wrote:
> Of course that is an obvious thing to do but these guys have got it
> worked so they get the info before they get shut down. They know they're
> going to get reported. Quite often anyway they are running sites with no
> domain name and only and IP address which is a bit more difficult to
> trace down with absolute certainty.
Um, am I missing something? Running whois from a shell will tell you who
the IP block is registered to. There's an element of certainty there,
surely?
Try whois-ing an IP address like, ooh, 82.68.12.142 and there's my name
there together with all my ISP's contact details.
Steve
More information about the Swlug
mailing list