FYI, these are the IP's I've collected to date that are in the NZ domain, some of these will be on dynamic dialup accounts, if you would like the actual log entries which should include times they were online let me know, i'll probably clear off the log files and restart the collection at a later date as the time on the server was out by an hour <self fwap>
Date: Sat, 11 Aug 2001 18:57:54 +1200 From: root
To: steve(a)nz.asiaonline.net Subject: Code red infected customers Code Red Infected customers on our network trying to infect remote sites..
202.154.128.18 : 18.128.154.202.IN-ADDR.ARPA domain name pointer ak-d18.connections.net.nz 202.180.111.174 : 174.111.180.202.IN-ADDR.ARPA domain name pointer 202-180-111-174.nas3.chc.attica.net.nz 202.180.111.18 : 18.111.180.202.IN-ADDR.ARPA domain name pointer 202-180-111-18.nas3.chc.attica.net.nz 202.180.111.77 : 77.111.180.202.IN-ADDR.ARPA domain name pointer 202-180-111-77.nas3.chc.attica.net.nz 202.180.111.95 : 95.111.180.202.IN-ADDR.ARPA domain name pointer 202-180-111-95.nas3.chc.attica.net.nz 202.180.68.127 : 127.68.180.202.IN-ADDR.ARPA domain name pointer 202-180-68-127.nas1.wgn.attica.net.nz 202.180.68.40 : 40.68.180.202.IN-ADDR.ARPA domain name pointer 202-180-68-40.nas1.wgn.attica.net.nz 202.180.69.248 : 248.69.180.202.IN-ADDR.ARPA domain name pointer 202-180-69-248.ipn1.attica.net.nz 202.180.71.36 : 36.71.180.202.IN-ADDR.ARPA domain name pointer 202-180-71-36.nas4.akl.attica.net.nz 202.180.90.163 : 163.90.180.202.IN-ADDR.ARPA domain name pointer 202-180-90-163.nas7.akl.attica.net.nz 202.37.167.38 : 38.167.37.202.IN-ADDR.ARPA domain name pointer nwp-38.world-net.co.nz 202.37.68.193 : 193.68.37.202.IN-ADDR.ARPA domain name pointer nw3-193.world-net.co.nz 202.49.144.221 : 221.144.49.202.IN-ADDR.ARPA domain name pointer storefrontmail.viatx.com 202.49.144.225 : 225.144.49.202.IN-ADDR.ARPA domain name pointer stage.viatx.com 202.50.111.114 : 202.50.111.91 : 202.50.111.97 : 203.109.193.163 : 163.193.109.203.IN-ADDR.ARPA domain name pointer 203-109-193-163.ihug.net 203.109.203.103 : 103.203.109.203.IN-ADDR.ARPA domain name pointer 203-109-203-103.nzl.ihugultra.co.nz 203.167.132.64 : 64.132.167.203.IN-ADDR.ARPA domain name pointer 203-167-132-64.dialup.clear.net.nz 203.167.161.144 : 144.161.167.203.IN-ADDR.ARPA domain name pointer 203-167-161-144.dialup.clear.net.nz 203.167.164.208 : 208.164.167.203.IN-ADDR.ARPA domain name pointer 203-167-164-208.dialup.clear.net.nz 203.167.166.71 : 71.166.167.203.IN-ADDR.ARPA domain name pointer 203-167-166-71.dialup.clear.net.nz 203.167.171.155 : 155.171.167.203.IN-ADDR.ARPA domain name pointer 203-167-171-155.dialup.clear.net.nz 203.167.214.50 : 203.167.247.214 : 214.247.167.203.IN-ADDR.ARPA domain name pointer cf4-acld.auckland.clix.net.nz 203.167.254.136 : 136.254.167.203.IN-ADDR.ARPA domain name pointer napr-m36.dialup.inhb.co.nz 203.79.102.72 : 72.102.79.203.IN-ADDR.ARPA domain name pointer 203-79-102-72.tnt14.paradise.net.nz 203.79.103.179 : 179.103.79.203.IN-ADDR.ARPA domain name pointer 203-79-103-179.tnt14.paradise.net.nz 203.96.106.59 : 59.106.96.203.IN-ADDR.ARPA domain name pointer 203-96-106-59.dialup.xtra.co.nz 203.96.110.172 : 172.110.96.203.IN-ADDR.ARPA domain name pointer 203-96-110-172.dialup.xtra.co.nz 203.96.110.66 : 66.110.96.203.IN-ADDR.ARPA domain name pointer 203-96-110-66.dialup.xtra.co.nz 203.96.62.201 : 201.62.96.203.IN-ADDR.ARPA domain name pointer 203-96-62-201-tollfree.actrix.co.nz 203.96.62.53 : 53.62.96.203.IN-ADDR.ARPA domain name pointer 203-96-62-53-tollfree.actrix.co.nz 203.97.85.108 : 108.85.97.203.IN-ADDR.ARPA domain name pointer a004-m001-u108.chch.clear.net.nz 210.48.102.170 : 170.102.48.210.IN-ADDR.ARPA domain name pointer ip-210-48-102-170.iconz.net.nz 210.48.103.150 : 150.103.48.210.IN-ADDR.ARPA domain name pointer ip-210-48-103-150.iconz.net.nz 210.48.103.4 : 4.103.48.210.IN-ADDR.ARPA domain name pointer ip-210-48-103-4.iconz.net.nz 210.48.81.19 : 19.81.48.210.IN-ADDR.ARPA domain name pointer p19.pool1.staticadsl.iconz.net.nz 210.54.121.65 : 65.121.54.210.IN-ADDR.ARPA domain name pointer 210-54-121-65.adsl.xtra.co.nz 210.54.199.115 : 115.199.54.210.IN-ADDR.ARPA domain name pointer 210-54-199-115.dialup.xtra.co.nz 210.54.201.186 : 186.201.54.210.IN-ADDR.ARPA domain name pointer 210-54-201-186.dialup.xtra.co.nz 210.54.201.49 : 49.201.54.210.IN-ADDR.ARPA domain name pointer 210-54-201-49.dialup.xtra.co.nz 210.54.217.216 : 216.217.54.210.IN-ADDR.ARPA domain name pointer ppp-15.satlan.co.nz 210.54.221.186 : 186.221.54.210.IN-ADDR.ARPA domain name pointer 210-54-221-186.ipnets.xtra.co.nz 210.54.221.194 : 194.221.54.210.IN-ADDR.ARPA domain name pointer 210-54-221-194.ipnets.xtra.co.nz 210.54.224.235 : 235.224.54.210.IN-ADDR.ARPA domain name pointer 210-54-224-235.adsl.xtra.co.nz 210.54.229.174 : 174.229.54.210.IN-ADDR.ARPA domain name pointer 210-54-229-174.dialup.xtra.co.nz 210.54.233.174 : 174.233.54.210.IN-ADDR.ARPA domain name pointer 210-54-233-174.adsl.xtra.co.nz 210.54.242.194 : 194.242.54.210.IN-ADDR.ARPA domain name pointer 210-54-242-194.adsl.xtra.co.nz 210.54.247.251 : 251.247.54.210.IN-ADDR.ARPA domain name pointer smtp.carolineeve.co.nz 210.54.254.97 : 97.254.54.210.IN-ADDR.ARPA domain name pointer 210-54-254-97.adsl.xtra.co.nz 210.54.76.237 : 237.76.54.210.IN-ADDR.ARPA domain name pointer 210-54-76-237.dialup.xtra.co.nz 210.54.77.98 : 98.77.54.210.IN-ADDR.ARPA domain name pointer 210-54-77-98.dialup.xtra.co.nz 210.54.80.49 : 49.80.54.210.IN-ADDR.ARPA domain name pointer 210-54-80-49.adsl.xtra.co.nz 210.54.80.78 : 78.80.54.210.IN-ADDR.ARPA domain name pointer 210-54-80-78.adsl.xtra.co.nz 210.54.8.148 : 210.54.83.179 : 179.83.54.210.IN-ADDR.ARPA domain name pointer 210-54-83-179.adsl.xtra.co.nz 210.54.84.137 : 137.84.54.210.IN-ADDR.ARPA domain name pointer 210-54-84-137.adsl.xtra.co.nz 210.54.84.211 : 211.84.54.210.IN-ADDR.ARPA domain name pointer 210-54-84-211.adsl.xtra.co.nz 210.54.89.14 : 14.89.54.210.IN-ADDR.ARPA domain name pointer smtp.insteplimited.com 14.89.54.210.IN-ADDR.ARPA domain name pointer smtp.hanmerinstitute.com 210.54.98.43 : 43.98.54.210.IN-ADDR.ARPA domain name pointer 210-54-98-43.dialup.xtra.co.nz 210.54.99.167 : 167.99.54.210.IN-ADDR.ARPA domain name pointer 210-54-99-167.dialup.xtra.co.nz 210.55.103.213 : 213.103.55.210.IN-ADDR.ARPA domain name pointer port55-103-213.jetstart.win.co.nz 210.55.106.10 : 10.106.55.210.IN-ADDR.ARPA domain name pointer ip210-55-106-10.ip.maxnet.co.nz 210.55.106.136 : 136.106.55.210.IN-ADDR.ARPA domain name pointer ip210-55-106-136.ip.maxnet.co.nz 210.55.123.35 : 35.123.55.210.IN-ADDR.ARPA domain name pointer 210-55-123-35.dialup.xtra.co.nz 210.55.146.39 : 39.146.55.210.IN-ADDR.ARPA domain name pointer 210-55-146-39.dialup.xtra.co.nz 210.55.146.83 : 83.146.55.210.IN-ADDR.ARPA domain name pointer 210-55-146-83.dialup.xtra.co.nz 210.55.159.221 : 221.159.55.210.IN-ADDR.ARPA domain name pointer 210-55-159-221.ipnets.xtra.co.nz 210.55.159.222 : 222.159.55.210.IN-ADDR.ARPA domain name pointer 210-55-159-222.ipnets.xtra.co.nz 210.55.178.166 : 166.178.55.210.IN-ADDR.ARPA domain name pointer 210-55-178-166.dialup.xtra.co.nz 210.55.228.173 : 173.228.55.210.IN-ADDR.ARPA domain name pointer adsl-173.world-net.co.nz 210.55.57.45 : 45.57.55.210.IN-ADDR.ARPA domain name pointer 210-55-57-45.adsl.xtra.co.nz 210.55.9.105 : 210.86.24.203 : 203.24.86.210.IN-ADDR.ARPA domain name pointer 210-86-24-203.adsl.xtra.co.nz 210.86.24.254 : 254.24.86.210.IN-ADDR.ARPA domain name pointer 210-86-24-254.adsl.xtra.co.nz 210.86.25.142 : 142.25.86.210.IN-ADDR.ARPA domain name pointer 210-86-25-142.adsl.xtra.co.nz
Total customers Code Red infected so far counted at : 79
-- Steve Systems Admin, Asia Online (NZ) --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog