This stuff strikes me as obvious enough - as a sysadmin I would expect a lot of this is fairly logical proceedure for dealing with network abuse. Ever heard of whois? Try browsing www.arin.net to start with. If the whois results are only what you quoted below, you can also perform a whos on the results as they are in the brackets and get further information (eg whois -h whois.arin.net NET-148-210-0-0-1) You have a domain? abuse(a)domain, postmaster(a)domain are good starting points. You could also whois the domain and obtain contact details. Whois via IP or domain will generally generate contact details including name, address and telephone. Mark. At 12:41 p.m. 17/10/2002 +1300, you wrote:

Hi there guys,

Hope you can possibly help. I have a situation where a member using a yahoo email account has located a credit card list and is utilizing it on our website. The person has used over 200 credit card numbers and many have been successful.

I have log's of IP addresses and traced it to the following IP block owner.

Instituto Tecnologico y de Estudios Superiores de Monterrey REDMEX-BNETS (NET-148-203-0-0-1) 148.203.0.0 - 148.250.255.255 Universidad Autonoma De Ciudad Juarez UACJ (NET-148-210-0-0-1) 148.210.0.0 - 148.210.255.255

Some of the IP addresses are as follows: 148.210.126.238 148.210.126.228 146.210.116.193

Doing a traceroute only gave me their ISP's uplink reverse, AT&T. How can I get in touch with this ISP to ensure this person is caught.

Kindest Regards Barry Murphy Systems Administrator http://www.cashevolution.com/http://www.cashevolution.com

- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog