[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] IP Resolving problems with DSL user

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] IP Resolving problems with DSL user
From: "Administrator" <administrator@xxxxxxxxxxxxxxxx>
Date: Sat, 27 Sep 2003 20:05:28 +0200

After a discussion about computer security with a fairly
computer-literate friend, I was asked to perform various
vulnerability scans on his system remotely. He gave me
his IP address at the same time as I ran "netstat"
to obtain it and both came out to be the same number
but just to be sure a WHOIS was run and the IP
was listed as belonging to his ISP. An nmap
scan and an "xscan" (windows-based vulnerability scanner)
were started against this IP and port 23 was found to be open
so I attempted a TELNET and was greeted with a fairly
suprising "WARNING" message that included the real
DNS name of the computer I was scanning (which happened 
to be a server belonging to his ISP). All scans were halted
immediately and both of us wrote apology letters to the ISP
explaining this mistake.

My question is this: How could this have happened? Both 
"winipcfg" in his Windows 98 system as well as his client
software told him his IP was this as well as a 
"netstat /a" from my system.

Thank you for comments,

Alex Petrosian
administrator@xxxxxxxxxxxxxxxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: RE: [Full-Disclosure] CyberInsecurity: The cost of Monopoly
Next by Date: Re: [Full-Disclosure] IP Resolving problems with DSL user [sls]
Previous by thread: [Full-Disclosure] Eine Mail an Sie von paul schmehl <pauls@utdallas.edu> enthielt einen Virus!
Next by thread: Re: [Full-Disclosure] IP Resolving problems with DSL user
Index(es):
- Date
- Thread