Full Disclosure mailing list archives
IP Resolving problems with DSL user
From: "Administrator" <administrator () maginetworks com>
Date: Sat, 27 Sep 2003 20:05:28 +0200
After a discussion about computer security with a fairly computer-literate friend, I was asked to perform various vulnerability scans on his system remotely. He gave me his IP address at the same time as I ran "netstat" to obtain it and both came out to be the same number but just to be sure a WHOIS was run and the IP was listed as belonging to his ISP. An nmap scan and an "xscan" (windows-based vulnerability scanner) were started against this IP and port 23 was found to be open so I attempted a TELNET and was greeted with a fairly suprising "WARNING" message that included the real DNS name of the computer I was scanning (which happened to be a server belonging to his ISP). All scans were halted immediately and both of us wrote apology letters to the ISP explaining this mistake. My question is this: How could this have happened? Both "winipcfg" in his Windows 98 system as well as his client software told him his IP was this as well as a "netstat /a" from my system. Thank you for comments, Alex Petrosian administrator () maginetworks com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IP Resolving problems with DSL user Administrator (Sep 27)
- <Possible follow-ups>
- Re: IP Resolving problems with DSL user kernelclue (Sep 27)