close

Privacy guaranteed - Your email is not shared with anyone.

Who is this? Help me catch my online stalker.

Discussion in 'Tech Talk' started by 10 Ring Tao, Oct 4, 2004.

  1. 10 Ring Tao

    10 Ring Tao Red White Blue

    Messages:
    860
    Likes Received:
    0
    Joined:
    Sep 18, 2003
    Location:
    Southeast Michigan
    I've been getting harrassing messages from IP 12.167.152.126, if anyone can tell me more about it, than it is linked to mail.ericksonmail.com, I'd greatly appreciate it.

    After a bit further digging/googling, it seems ericksonmail.com is the domain email address of Erickson Retirement Communities, http://www.ericksoncommunities.com/contact .

    Maybe this person is harassing me from their work?

    Network-tools leads me to believe this IP is from texas? That would make sense as there is an Erickson community near houston.

    http://www.ericksoncommunities.com/locations.asp

    66.98.244.1 gphou-66-98-244-1.ev1.net
    66.98.240.4 gphou-66-98-240-4.ev1.net
    129.250.10.105 ge-0-1-0-50.r00.hstntx01.us.bb.verio.net
    129.250.5.42 p16-1-1-1.r21.dllstx09.us.bb.verio.net
    129.250.9.38 p16-0.att.dllstx09.us.bb.verio.net
    12.123.17.86 tbr2-p014001.dlstx.ip.att.net
    12.122.10.89 tbr2-cl6.sl9mo.ip.att.net
    12.122.9.141 tbr1-cl2.sl9mo.ip.att.net
    12.122.10.29 tbr1-cl4.wswdc.ip.att.net
    12.122.11.170 gbr5-p10.wswdc.ip.att.net
    12.123.194.65 ar1-p310.btmmd.ip.att.net
    12.126.170.54 -
    12.167.152.125 -
    Destination host unreachable

    After googling the IP, I found a few different people linked to it. Does googling the IP tell me anything?
     
  2. HerrGlock

    HerrGlock Scouts Out CLM

    Messages:
    23,801
    Likes Received:
    254
    Joined:
    Dec 28, 2000
    Be really careful here. It may not be anyone from that company at all.

    You might consider writing root@ericksonmail.com, admin@, abuse@, and tell them someone from their domain is misusing resources. Attach the log files that show the connections or attempted connections.

    Find who leases their IP addresses and send CC to the owner of the block.

    If they have been cracked, someone may just be screwing with the company via you and your mail would give the admins a head's up about it. If they're at fault, the owner comany of the IP block will want to know. Either way, don't expect to hear back from either of them, but odds are that you'll not hear from the miscreant again.

    DanH
     

  3. Anon1

    Anon1

    Messages:
    1,222
    Likes Received:
    276
    Joined:
    Aug 17, 2000
    The very last section has Tech Contact info and in the middle is abuse contact info.



    Server Used: [ whois.arin.net ]

    12.167.152.126 = [ mail.ericksonmail.com ]

    OrgName: AT&T WorldNet Services
    OrgID: ATTW
    Address: 400 Interpace Parkway
    City: Parsippany
    StateProv: NJ
    PostalCode: 07054
    Country: US
    NetRange: 12.0.0.0 - 12.255.255.255
    CIDR: 12.0.0.0/8
    NetName: ATT
    NetHandle: NET-12-0-0-0-1
    Parent:
    NetType: Direct Allocation
    NameServer: DBRU.BR.NS.ELS-GMS.ATT.NET
    NameServer: DMTU.MT.NS.ELS-GMS.ATT.NET
    NameServer: CBRU.BR.NS.ELS-GMS.ATT.NET
    NameServer: CMTU.MT.NS.ELS-GMS.ATT.NET
    Comment: For abuse issues contact abuse@att.net

    RegDate: 1983-08-23
    Updated: 2002-08-23
    TechHandle: DK71-ARIN
    TechName: Kostick Deirdre
    TechPhone: 1-919-319-8249
    TechEmail: help@ip.att.net

    OrgAbuseHandle: ATTAB-ARIN
    OrgAbuseName: ATT Abuse
    OrgAbusePhone: 1-919-319-8130
    OrgAbuseEmail: abuse@att.net

    OrgTechHandle: ICC-ARIN
    OrgTechName: IP Customer Care
    OrgTechPhone: 1-888-613-6330
    OrgTechEmail: qhoang@att.com

    OrgTechHandle: IPSWI-ARIN
    OrgTechName: IP SWIP
    OrgTechPhone: 1-888-613-6330
    OrgTechEmail: help@ip.att.net

    OrgName: ERICKSON RETIREMENT COMMUNITIES
    OrgID: ERC-26
    Address: 4395 TURKEY POINT RD
    City: NORTH EAST
    StateProv: MD
    PostalCode: 21901
    Country: US
    NetRange: 12.167.152.64 - 12.167.152.127
    CIDR: 12.167.152.64/26
    NetName: ERICKSON85-152-64
    NetHandle: NET-12-167-152-64-1
    Parent: NET-12-0-0-0-1
    NetType: Reassigned
    Comment:
    RegDate: 2003-10-31
    Updated: 2003-10-31
    OrgTechHandle: MRA10-ARIN
    OrgTechName: Rayner Martin
    OrgTechPhone: 1-410-402-2663
    OrgTechEmail: mrayner@ericksonmail.com
     
  4. NetNinja

    NetNinja Always Faithful

    Messages:
    967
    Likes Received:
    0
    Joined:
    Oct 23, 2001
    Location:
    HotLanta, GA
  5. 10 Ring Tao

    10 Ring Tao Red White Blue

    Messages:
    860
    Likes Received:
    0
    Joined:
    Sep 18, 2003
    Location:
    Southeast Michigan
  6. jarnld

    jarnld S>O>R>T

    Messages:
    163
    Likes Received:
    0
    Joined:
    Sep 5, 2004
    Location:
    Georgia
    try using whois.internic.net on telnet or going to www.whois.com and typing in the IP. Nice avatar...who is that? ;f
     
  7. 10 Ring Tao

    10 Ring Tao Red White Blue

    Messages:
    860
    Likes Received:
    0
    Joined:
    Sep 18, 2003
    Location:
    Southeast Michigan
    Thanks, I took the pic, and its my GF with the toy she wished she had (my G19).
     
  8. chevrofreak

    chevrofreak Senior Member

    Messages:
    2,696
    Likes Received:
    0
    Joined:
    Dec 27, 2001
    Location:
    Billings, Montana
    How are these messages coming? Via Windows Messenger service thingy?

    If so, the person knows your IP address. How would they know your IP address? Do you host your own website? Do you use IRC?
     
  9. Texas T

    Texas T TX expatriate CLM

    Messages:
    1,939
    Likes Received:
    6
    Joined:
    Jan 25, 2000
    Location:
    Aridzona
    Of course, that is assuming that root isn't the one sending the messages to begin with. ;)
     
  10. HerrGlock

    HerrGlock Scouts Out CLM

    Messages:
    23,801
    Likes Received:
    254
    Joined:
    Dec 28, 2000
    That's why writing the owner of the IP block as well. If root's innocent, it tells them their machine may be compromised, if root's not, then it tells him you're onto him and the owners of the IP can bring pressure to make it right with the threat of yanking the IP.

    DanH