8. Internet Service Provider

Im vorerst letzten Schritt kontaktet man den ISP über die in dem "org"-Handle hinterlegten Erreichbarkeiten.

GNU/Linux (1/2)

$ whois -T aut-num AS8560
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to 'AS8560'

% Abuse contact for 'AS8560' is 'abuse@oneandone.net'

aut-num: AS8560
as-name: ONEANDONE-AS
descr: Brauerstrasse 48
descr: D-76135 Karlsruhe
descr: Germany

[...]
[... Lots of lines with import/export removed...]
[...]

remarks: ************************************************
remarks: Filtering:
remarks: prefixes with prefixlength > /24 are filtered
remarks: prefixes of IXes + more specifics are filtered
remarks: prefixes of AS8560 + more specifics are filtered
remarks: **********************************************************
remarks: Contact informations:
remarks: peering requests : peering(at)1und1.de
remarks: routing/performance issues : noc(at)1und1.de
remarks: network-abuse issues : net-abuse(at)1und1.de
remarks: mail-/web-abuse issues : abuse(at)1und1.de
remarks: **********************************************************
org: ORG-SA12-RIPE
admin-c: IPAD-RIPE
tech-c: IPOP-RIPE
status: ASSIGNED
mnt-by: RIPE-NCC-END-MNT
mnt-by: AS8560-MNT
created: 2002-08-16T18:29:00Z
last-modified: 2018-01-16T09:16:15Z
source: RIPE # Filtered

organisation: ORG-SA12-RIPE
org-name: 1&1 Internet SE
org-type: LIR
address: Brauerstra�e 48
address: 76135
address: Karlsruhe
address: GERMANY
phone: +49 721 91374 0
fax-no: +49 721 91374 212
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: AS8560-MNT
mnt-ref: SCHLUND-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: AS8560-MNT
admin-c: JR2342-RIPE
admin-c: IPAD-RIPE
admin-c: RME9-RIPE
admin-c: JD8719-RIPE
abuse-c: ABDE2-RIPE
created: 2004-04-17T11:11:55Z
last-modified: 2016-12-02T16:53:23Z
source: RIPE # Filtered

role: IP Administration
address: 1&1 Internet SE
admin-c: RME9-RIPE
admin-c: JR2342-RIPE
tech-c: RME9-RIPE
tech-c: JR2342-RIPE
nic-hdl: IPAD-RIPE
abuse-mailbox: abuse@oneandone.net
mnt-by: AS8560-MNT
created: 2009-05-20T17:24:09Z
last-modified: 2018-12-14T16:09:07Z
source: RIPE # Filtered

role: IP Operations
address: 1&1 Internet AG
admin-c: RME9-RIPE
admin-c: JR2342-RIPE
tech-c: RME9-RIPE
tech-c: JR2342-RIPE
nic-hdl: IPOP-RIPE
abuse-mailbox: abuse@oneandone.net
mnt-by: AS8560-MNT
created: 2009-05-28T16:25:04Z
last-modified: 2018-12-14T16:09:08Z
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.93.2 (ANGUS)

GNU/Linux (2/2)

$ whois -T organisation ORG-SA12-RIPE
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to 'ORG-SA12-RIPE'

organisation: ORG-SA12-RIPE
org-name: 1&1 Internet SE
org-type: LIR
address: Brauerstra�e 48
address: 76135
address: Karlsruhe
address: GERMANY
phone: +49 721 91374 0
fax-no: +49 721 91374 212
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: AS8560-MNT
mnt-ref: SCHLUND-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: AS8560-MNT
admin-c: JR2342-RIPE
admin-c: IPAD-RIPE
admin-c: RME9-RIPE
admin-c: JD8719-RIPE
abuse-c: ABDE2-RIPE
created: 2004-04-17T11:11:55Z
last-modified: 2016-12-02T16:53:23Z
source: RIPE # Filtered

role: IP Administration
address: 1&1 Internet SE
admin-c: RME9-RIPE
admin-c: JR2342-RIPE
tech-c: RME9-RIPE
tech-c: JR2342-RIPE
nic-hdl: IPAD-RIPE
abuse-mailbox: abuse@oneandone.net
mnt-by: AS8560-MNT
created: 2009-05-20T17:24:09Z
last-modified: 2018-12-14T16:09:07Z
source: RIPE # Filtered

person: Joerg Dulz
address: 1&1 Internet SE
address: Brauerstr. 48
address: D-76135 Karlsruhe
address: Germany
phone: +49 721 91374 6173
nic-hdl: JD8719-RIPE
mnt-by: AS8560-MNT
created: 2016-03-17T09:47:47Z
last-modified: 2017-10-30T23:10:32Z
source: RIPE # Filtered

person: Jan Rischmueller
address: 1&1 Internet SE
address: Brauerstr. 48
address: D-76135 Karlsruhe
address: Germany
phone: +49 721 91374 4685
nic-hdl: JR2342-RIPE
mnt-by: AS8560-MNT
created: 2005-01-25T13:50:09Z
last-modified: 2017-10-30T21:46:35Z
source: RIPE # Filtered

person: Roman Meyer
address: 1&1 Internet SE
address: Brauerstr. 48
address: D-76135 Karlsruhe
phone: +49 721 91374 0
nic-hdl: RME9-RIPE
mnt-by: AS8560-MNT
created: 2009-05-14T15:14:14Z
last-modified: 2017-10-30T22:05:36Z
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.93.2 (WAGYU)

Web-Whois

RIPE NCC - ASN

Nachdem man einen konkreten Ansprechpartner genannt bekommen hat, geht es an die Kunden-, Vertrags- und Produktdaten.

In diesem Zusammenhang sollten auch Zahlungsdaten (z. B. Kreditkartennummer) erfragt werden!

Wenn bereits beim DNR falsche Angaben gemacht wurden, wird es hier nicht anders sein!

Allerdings sollte der ISP physikalischen Zugang zum Server haben und entsprechende Daten gerichtsverwertbar sichern können.

Achtung Schleudergefahr Dank MaxMind gibt es auch hier die Möglichkeit, bestimmte ISP über die ASN rauszufiltern. (Für mehr Details bitte klicken!)

$ readonly ASN="AS3320"
$ while read IP ; do
    if /usr/bin/geoiplookup "${IP}" \
    | /bin/grep --fixed-strings "GeoIP ASNum Edition: ${ASN}" \
    > /dev/null 2>&1 ; then
       /usr/bin/printf "${IP}\n"
    fi
  done < ipliste.txt
2.163.27.10
79.210.217.243
79.211.37.154
79.211.37.31
79.211.37.63
79.211.38.145
79.211.38.193
79.211.39.232
79.247.224.12
80.136.31.113
[...]

(Hierbei möchte ich als Ergänzung auf "mein" Shell-Skript "geoipfilter" verweisen!)

weiter