24.0.0.0/8 is the block of addresses reserved for cable modem and such use. It's assigned by ARIN (?) in largeish blocks to ISPs.
dnsalias.org is a well known redirector - you get a name, e.g. clarindion.dnsalias.org and it resolves to whatever dynamic address you have at the time. Given nmap is showing the port closed, I'm guessing ntop is down, vs. a bad address. They probably brought it up for the demo and then shut it down. Be aware that using nmap on a host without permission may be a violation of the TOS of YOUR isp. -----Burton -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Arnt Karlsen Sent: Tuesday, January 21, 2003 4:23 PM To: [EMAIL PROTECTED] Subject: Re: [Ntop] Possible GPL infrigment On Tue, 21 Jan 2003 16:19:47 -0500, "efarah" <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > I couldn't access their demo website > http://claridion.dnsalias.com:3000 may be they block certain IPs or > they are aware of the publicity they are getting now and they disable > the site. > > E. Farah ...'mnap -sT -O -P0 -I 24.201.235.16' returned: Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Insufficient responses for TCP sequencing (1), OS detection may be less accurate Insufficient responses for TCP sequencing (0), OS detection may be less accurate Interesting ports on modemcable016.235-201-24.mtl.mc.videotron.ca (24.201.235.16):(The 1597 ports scanned but not shown below are in state: filtered) Port State Service Owner 80/tcp open http 113/tcp closed auth 3000/tcp closed ppp 8080/tcp closed http-proxy No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: SInfo(V=3.00%P=i686-pc-linux-gnu%D=1/21%Time=3E2DC26C%O=80%C=113) TSeq(Class=RI%gcd=1%SI=283C28%IPID=Z%TS=100HZ) T1(Resp=N) T1(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T2(Resp=N) T2(Resp=N) T3(Resp=N) T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=400%ACK=S++%Flags=AR%Ops=) T5(Resp=Y%DF=N%W=400%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=) T7(Resp=Y%DF=N%W=400%ACK=S++%Flags=AR%Ops=) T7(Resp=Y%DF=N%W=400%ACK=S++%Flags=AR%Ops=) PU(Resp=N) PU(Resp=N) Nmap run completed -- 1 IP address (1 host up) scanned in 490 seconds ..24.201.235.16 came from 'dig claridion.dnsalias.com'. -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop
