NetBus Threat

can it be traced?


CynthiaParker

8:43 pm on Dec 7, 2004 (gmt 0)

10+ Year Member



I'm working from the field and was notified by my internet security software that the following took place:

Rule "Default Block NetBus Trojan horse" blocked (203.248.234.16,NetBus(12345)).
Inbound TCP connection.
Local address,service is (YOUR-6BVPXYZTOQ(12.77.187.122),NetBus(12345)).
Remote address,service is (203.248.234.16,28913).
Process name is "N/A".

Is it possible for me to trace this to a state or to the provider this person is using?

I am new to this and could use your help in a big way.

Thanks a Bunch.

bcolflesh

8:47 pm on Dec 7, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



There's no way to know whom it really came from - but the remote addy resolves to:

inetnum: 203.248.128.0 - 203.248.255.255
netname: BORANET-NET-203-248-128
descr: DACOM Corp.
descr: Facility-based Telecommunication Service Provider
descr: providing Internet leased-ine, on-line service, BLL etc.
country: KR
admin-c: DB50-AP
tech-c: DB50-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-KR-DACOM
changed: hm-changed@apnic.net 20021025
status: ALLOCATED PORTABLE
source: APNIC

role: DACOM BORANET
address: DACOM Bldg., 706-1, Yoeksam-dong, Kangnam-ku, Seoul
country: KR
phone: +82-2-2089-7755
fax-no: +82-2-2089-0706
e-mail: ipadm@nic.bora.net
e-mail: abuse@bora.net
e-mail: security@bora.net
admin-c: EC115-AP
tech-c: SIJ1-AP
nic-hdl: DB50-AP
mnt-by: MAINT-KR-DACOM
remarks: IP address administrator group of NIC team, DACOM Corp.
remarks: If related with spam, send mail to abuse@bora.net
remarks: If related with security, send mail to security@bora.net
remarks: Only for whois information correction, send mail to ipadm@nic.bora.net
changed: jeonsi@bora.net 20041105
source: APNIC
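
An added example, not part of the original posts: Python that parses the firewall alert and the WHOIS record quoted above, confirms that the blocked remote address falls inside the listed inetnum range, and pulls out the contact the record designates for security reports. The function names are illustrative and the WHOIS text is abridged from the reply; the result names the network operator the address is allocated to, not an individual.

```python
import ipaddress
import re

# Firewall alert and (abridged) WHOIS record copied from the thread above.
ALERT = """Rule "Default Block NetBus Trojan horse" blocked (203.248.234.16,NetBus(12345)).
Inbound TCP connection.
Local address,service is (YOUR-6BVPXYZTOQ(12.77.187.122),NetBus(12345)).
Remote address,service is (203.248.234.16,28913).
Process name is "N/A"."""
WHOIS = """inetnum: 203.248.128.0 - 203.248.255.255
netname: BORANET-NET-203-248-128
descr: DACOM Corp.
country: KR
remarks: If related with spam, send mail to abuse@bora.net
remarks: If related with security, send mail to security@bora.net"""

def parse_alert(text):
    """Return (remote_ip, remote_port, local_port) from the alert text."""
    remote = re.search(r"Remote address,service is \(([\d.]+),(\d+)\)", text)
    local = re.search(r"Local address,service is \(.*\((\d+)\)\)", text)
    if not remote or not local:
        raise ValueError("unrecognised alert format")
    return ipaddress.ip_address(remote.group(1)), int(remote.group(2)), int(local.group(1))

def parse_whois(text):
    """Collect 'key: value' lines into a dict of lists (keys repeat in a record)."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            record.setdefault(key.strip(), []).append(value.strip())
    return record

def report_target(alert, whois):
    """Check the remote IP lies in the WHOIS inetnum range; return who to notify."""
    ip, rport, lport = parse_alert(alert)
    rec = parse_whois(whois)
    first, last = (ipaddress.ip_address(p.strip()) for p in rec["inetnum"][0].split("-"))
    if not first <= ip <= last:
        raise ValueError(f"{ip} is outside {first} - {last}")
    # Use the address the record itself designates for security reports.
    contacts = [m for r in rec.get("remarks", []) if "security" in r
                for m in re.findall(r"[\w.+-]+@[\w.-]+\w", r)]
    return {"remote_ip": str(ip), "remote_port": rport, "local_port": lport,
            "network": rec["netname"][0], "country": rec["country"][0], "contacts": contacts}

if __name__ == "__main__":
    print(report_target(ALERT, WHOIS))
```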

CynthiaParker

9:25 pm on Dec 7, 2004 (gmt 0)

10+ Year Member



Your knowledge is much appreciated.