Would you be so kind so as to take these Internet 101 questions onto a list like Security Basics or something more appropriate?
On Sat, 27 Sep 2003 11:05:28 -0700 Administrator <[EMAIL PROTECTED]> wrote: >After a discussion about computer security with a fairly >computer-literate friend, I was asked to perform various >vulnerability scans on his system remotely. He gave me >his IP address at the same time as I ran "netstat" >to obtain it and both came out to be the same number >but just to be sure a WHOIS was run and the IP >was listed as belonging to his ISP. An nmap >scan and an "xscan" (windows-based vulnerability scanner) >were started against this IP and port 23 was found to be open >so I attempted a TELNET and was greeted with a fairly >suprising "WARNING" message that included the real >DNS name of the computer I was scanning (which happened >to be a server belonging to his ISP). All scans were halted >immediately and both of us wrote apology letters to the ISP >explaining this mistake. > >My question is this: How could this have happened? Both >"winipcfg" in his Windows 98 system as well as his client >software told him his IP was this as well as a >"netstat /a" from my system. > >Thank you for comments, > >Alex Petrosian >[EMAIL PROTECTED] > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
