[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] IP Resolving problems with DSL user
- To: full-disclosure@xxxxxxxxxxxxxxxx, administrator@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] IP Resolving problems with DSL user
- From: <kernelclue@xxxxxxxxxxxx>
- Date: Sat, 27 Sep 2003 12:13:07 -0700
Would you be so kind so as to take these Internet 101 questions onto
a list like Security Basics or something more appropriate?
On Sat, 27 Sep 2003 11:05:28 -0700 Administrator
<administrator@xxxxxxxxxxxxxxxx>
wrote:
>After a discussion about computer security with a fairly
>computer-literate friend, I was asked to perform various
>vulnerability scans on his system remotely. He gave me
>his IP address at the same time as I ran "netstat"
>to obtain it and both came out to be the same number
>but just to be sure a WHOIS was run and the IP
>was listed as belonging to his ISP. An nmap
>scan and an "xscan" (windows-based vulnerability scanner)
>were started against this IP and port 23 was found to be open
>so I attempted a TELNET and was greeted with a fairly
>suprising "WARNING" message that included the real
>DNS name of the computer I was scanning (which happened
>to be a server belonging to his ISP). All scans were halted
>immediately and both of us wrote apology letters to the ISP
>explaining this mistake.
>
>My question is this: How could this have happened? Both
>"winipcfg" in his Windows 98 system as well as his client
>software told him his IP was this as well as a
>"netstat /a" from my system.
>
>Thank you for comments,
>
>Alex Petrosian
>administrator@xxxxxxxxxxxxxxxx
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html