Re: [klurt@3phase.org: Re: Party with porn stars]

[TheBong Pipe]

In sostanza, una serie di procedre atte a raccogliere informazioni su un 
host usato per fare relay di spam.
lo scrittore ha usato:

whois per determinare il dominio da cui l'host proveniva
nmap -sX -O -v per capire che host era.
Ha poi concluso con tristezza che lo spam era di provenienza di una box 
FreeBSD....

Non mi pare c'entri molto con debian-laptop....

relay for spam....
geez.. what a waste of a good FreeBSD box..
@debian:~$ whois 64.38.226.213
CWIE LLC (NETBLK-CWIE-BLK-1)
   1125 E Glendale AVE
   Phoenix, AZ 85020
   US
   Netname: CWIE-BLK-1
   Netblock: 64.38.192.0 - 64.38.255.255
   Maintainer: CWIE
   Coordinator:
      Cadwell, Ron  (RC622-ARIN)  [EMAIL PROTECTED]
      602-248-4963
   Domain System inverse mapping provided by:
   NS1.CWIE.NET                 64.38.192.10
   NS2.CWIE.NET                 64.38.192.11
   NS3.CWIE.NET                 64.38.192.12
   NS4.CWIE.NET                 64.38.192.13
   ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
   Record last updated on 15-Nov-2000.
   Database last updated on  20-Dec-2001 19:55:42 EDT.
@debian:~$ sudo nmap -sX -O -v 64.38.226.213
Password:
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Host mkmm.cavecreek.net (64.38.226.213) appears to be up ... good.
Initiating XMAS Scan against mkmm.cavecreek.net (64.38.226.213)
The XMAS Scan took 29 seconds to scan 1549 ports.
Adding open port 80/tcp
Adding open port 21/tcp
Adding open port 22/tcp
Adding open port 25/tcp
Adding open port 23/tcp
Adding open port 3306/tcp
Adding open port 111/tcp
For OSScan assuming that port 21 is open and port 1 is closed and neither 
are
firewalled
Interesting ports on mkmm.cavecreek.net (64.38.226.213):
(The 1542 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     open        ftp
22/tcp     open        ssh
23/tcp     open        telnet
25/tcp     open        smtp
80/tcp     open        http
111/tcp    open        sunrpc
3306/tcp   open        mysql

Remote operating system guess: FreeBSD 4.3 - 4.4PRERELEASE
Uptime 63.265 days (since Thu Oct 18 22:07:59 2001)
TCP Sequence Prediction: Class=truly random
                         Difficulty=9999999 (Good luck!)
IPID Sequence Generation: Busy server or unknown class


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.