microsoft please contact me off list

Thomas_P_Galla · March 12, 2009, 7:23pm

Can a person in charge contact me off list

mail:~ $ whois -h whois.arin.net 131.107.65.41

OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US

NetRange: 131.107.0.0 - 131.107.255.255
CIDR: 131.107.0.0/16
NetName: MICROSOFT
NetHandle: NET-131-107-0-0-1
Parent: NET-131-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.MSFT.NET
NameServer: NS5.MSFT.NET
NameServer: NS2.MSFT.NET
NameServer: NS3.MSFT.NET
NameServer: NS4.MSFT.NET
Comment:
RegDate: 1988-11-11
Updated: 2004-12-09

RTechHandle: ZM39-ARIN
RTechName: Microsoft
RTechPhone: +1-425-882-8080
RTechEmail: noc@microsoft.com

OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@msn.com

OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName: Hotmail Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@hotmail.com

OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName: MSN ABUSE
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@msn.com

OrgNOCHandle: ZM23-ARIN
OrgNOCName: Microsoft Corporation
OrgNOCPhone: +1-425-882-8080
OrgNOCEmail: noc@microsoft.com

OrgTechHandle: MSFTP-ARIN
OrgTechName: MSFT-POC
OrgTechPhone: +1-425-882-8080
OrgTechEmail: iprrms@microsoft.com

# ARIN WHOIS database, last updated 2009-03-11 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
mail:~ $ whois -h whois.arin.net 131.107.65.41

Thomas P Galla
tpg@bluegrass.net
BluegrassNet
Voice (502) 589.INET [4638]
Fax 502-315-0581
321 East Breckinridge St
Louisville KY 40203

Thomas_P_Galla · March 12, 2009, 7:35pm

Sorry I am getting dos attacked from below and it would be nice if microsoft working abuse ph# or noc# or a name ?

Thomas P Galla
tpg@bluegrass.net
BluegrassNet
Voice (502) 589.INET [4638]
Fax 502-315-0581
321 East Breckinridge St
Louisville KY 40203

Charles_N_Wyble3 · March 12, 2009, 7:40pm

You are getting dossed from a Microsoft network range? Really? Perhaps they got bit by a worm targeting windows systems?

Thomas P. Galla wrote:

chris.ranch · March 12, 2009, 7:54pm

More likely spoofed sources.

Good luck.

Joey_Boyer · March 12, 2009, 8:00pm

He's gonna need it!

Charles_N_Wyble3 · March 12, 2009, 8:11pm

Yes I agree. I forgot to do the *raises an incredulous eyebrow* bit.

By the way.... try calling that number and reaching an operator then asking for the NOC.

Valdis_Kletnieks · March 12, 2009, 8:14pm

You mean like this?

http://www.theregister.co.uk/2001/07/20/code_red_bug_hits_microsoft/

(To be fair, screw-ups happen at *all* vendors eventually - the RedHat/Fedora
crew had a small "whoops!" with the system that digitally signs their RPM
packages a while ago. Just proves that security is harder to get right than
a lot of people think...)

Jeff_Shultz2 · March 12, 2009, 9:16pm

In our case we didn't bother with where it was coming from - our router guy figured out where it was going to - and had that IP shut down a couple levels away from us.

Thomas P. Galla wrote:

Thomas_P_Galla · March 12, 2009, 10:24pm

Here is what I got back.... OBTW thanx

Thomas

Charles_N_Wyble3 · March 12, 2009, 10:36pm

What were the traffic characteristics that lead you to believe you were under a DDOS attack?

Thomas P. Galla wrote: