ok, after some more research, this is what I came up with...
So, the original address that the "hacker" used when connecting via FTP was
host213-122-59-207.in-addr.btopenworld.com
So, extract the IP from that, we get 213.122.59.207
Since the IPs are logged in the forum, I extracted everything that falls under the 213.122.xxx.xxx range (which I believe Brittish Telecom certainly has) and I got a very interesting result. No names yet, since it could be a mistake, but there IS a person on this forum who uses the 213.122 range repeatedly. :?
Now, a lot of people certainly connect via BT so its too much of a wild guess to be certain. Perhaps its just a coincidence. I'll keep you informed
|