RE: Anyone know this ?

["Kevin" <kevin () kevincomputers com sg>]

It is a FTP server, running on a non-standard port to avoid detection.

Pubstro is a term used by warez. You might have stepped into a FTP
server used to host illegal contents, might be intentional or
unintentional.

You might wanna read this http://www.esec.dk/pubstro.pdf


Kevin, Singapore.

-----Original Message-----
From: tester pen [mailto:apentester () yahoo com cn] 
Sent: Friday, March 19, 2004 3:37 PM
To: pen-test () securityfocus com
Subject: Anyone know this ?

hi,all.
when i'm doing a pen-test on a win2k server box,i
found a port TCP 282 
is open,and when i try to telnet it,the response is
below:
 
220-welcome to this capricorn pubstro!
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::..
.:::...:
::...:
220-..::
220-..::  Welcome @ This
220-..::
220-..::  Capricorn PubStro
220-..::
220-..::  3njoy
220-..::
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::..
.:::...:
::...:
220-..::
220-..::  Rulez:
220-..::  Dont Hammer
220-..::  Dont ReHack
220-..::  Dont Scan This IP Range
220-..::  Dont Delete
220-..::  No Lame One-Word Relies
220-..::  Dont RePost Or Give Infos - That Makes You A
Lamer
220-..::  Have Fun
220-..::
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::..
.:::...:
::...:
220-..::
220-..::  Current Uptime .................: 37 Days, 9
Hours, 26 
Minutes, 24 Sec
onds
220-..::  Total KB's Uploaded ..........: 94 KB
220-..::  Total KB's Downloaded ......: 0 KB
220-..::  Total File's Uploaded .......: 2
220-..::  Total File's Downloaded .....: 0
220-..::  Average Throughput .......: 0.000 KB/sec
220-..::  Current Bandwith .............: 0.000 KB/sec
220-..::  No Users Logged In .........: 1
220-..::  Max Allowed Users ...........: -1
220-..::  No Total users ................: 1
220-..::
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::..
.:::...:
::...:
220-..::
220-..::  15992.90 MB free
220-..::  1 users connected
220-..::  0.000 KB/sec is in use
220-..::
220 
...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::
...:
::...:
421 Maximum session time exceeded - closing.
 
i googled it,both about "TCP Port 282" & "Capricorn
PubStro
"(the keyword),but i got nothing :(
 
it looks like a ftp server? 220,421
anyone who recoganize this ?
 
thx. 
sorry for my poor english.


_________________________________________________________
Do You Yahoo!? 
完全免费的雅虎电邮，马上注册获赠额外60兆网络存储空间
http://cn.rd.yahoo.com/mail_cn/tag/?http://cn.mail.yahoo.com

------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------