- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [ a r t i c l e ] [ a u t h o r ] Collecting Information from Remote Sites ManiaX Killerian - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The whole idea of this article is how to gather all the possible information about any site/provider/host and so on in Interne. First, I wanted to make all the tests on one place, but there existed possibility my 'victims' to trace me, and tgat won't do me any good, just because I was lazy and was doing it ftom home (and I hate slow ssh connections) . Here I'll be talking about methods that are abosolutely normal and lawful,and they don't create any abnormal activity (not like a flood with nestea packets) 1) Services-based methods : 1.1. DNS - supported server , upstream providers, backup lines This is my favourite,as you easy can get any provider's DNS base (which could very, I repeat, VERY large - demon.co.uk now may be about 10 MB..).Below I've placed two real database as examples, and I've put my comments in <[ ]> Example DNS base : ; BIND version named 8.1.2-T3B Sun Jan 3 23:06:10 MST 1999 ; BIND version bdale@rover:/home/bdale/debian/bind-8.1.2/target/bin/named ; zone 'spnet.net' last serial 0 ; from 212.50.0.10 at Fri Jul 16 14:34:27 1999 <[ dotuk izhoda e ot named-xfer - programata za svalqne na DNS bazata. ]> $ORIGIN net. spnet IN SOA ns.spnet.net. shtinkov.ns.spnet.net. ( 1999071400 28800 7200 604800 86400 ) IN NS ns.spnet.net. IN NS purgatory.spnet.net. IN MX 2 ns.spnet.net. IN A 212.50.0.15 <[ SOA record - who is responsible fot this zone - shtinkov@ns.spnet.net, which are the main name server for the zone and who is the mail relay for the zone (e.g. for the mail name spnet.net) ]> $ORIGIN spnet.net. dialup073 IN A 212.50.13.73 dialup074 IN A 212.50.13.74 dialup105 IN A 212.50.13.105 modem10 IN A 212.50.0.53 dialup086 IN A 212.50.13.86 dialup106 IN A 212.50.13.106 modem11 IN A 212.50.0.54 dialup087 IN A 212.50.13.87 dialup107 IN A 212.50.13.107 modem12 IN A 212.50.0.55 dialup088 IN A 212.50.13.88 dialup110 IN A 212.50.13.110 <[ Some dialups and so on (a bit erased by me) ]> skat IN A 212.50.0.161 IN MX 10 skat.spnet.net. $ORIGIN skat.spnet.net. mail IN CNAME skat.spnet.net. www IN CNAME skat.spnet.net. proxy IN CNAME skat.spnet.net. ns IN CNAME skat.spnet.net. ftp IN CNAME skat.spnet.net. <[ A client with his own server ....which is in their zone .. Looks like they don't care what their name is, so it's rarely possible that they're Internet provider]> $ORIGIN spnet.net. modem13 IN A 212.50.0.56 dialup089 IN A 212.50.13.89 dialup091 IN A 212.50.13.91 <[ More dial-ups...The bad thing about named-xfer is that it doesn't sort anything... This problem could be greatly noticed when you look at the bg. TLD DNS base - may be to danbo on his machine it looks great, but to any ordinary user of named-xfer it's awful. ]> cst IN A 212.50.0.193 svilengrad IN MX 10 cst.spnet.net. $ORIGIN svilengrad.spnet.net. cst IN CNAME cst.spnet.net. mail IN CNAME cst.spnet.net. proxy IN CNAME cst.spnet.net. www IN CNAME cst.spnet.net. ns IN CNAME cst.spnet.net. ftp IN CNAME cst.spnet.net. <[ Again something like skat - but this time it looks like they're representativers of SPNET in Svilengrad.... ]> $ORIGIN spnet.net. spnet2digsys-local IN A 212.50.10.238 <[ IP of the router's interface to another provider - DIGSYS. Usually any such address is named in way that the name will correspond to the link that goes through this interface ( It's not always so) ]> dialup127 IN A 212.50.13.127 dialup128 IN A 212.50.13.128 dialup130 IN A 212.50.13.130 intbg2spnet IN A 212.50.10.241 <[ Again link to another provider ]> spnet2intbg IN A 212.50.10.242 <[ IP of the distant interface (e.g. the router on the other end of the link) ]> irc IN CNAME purgatory.spnet.net. <[ SPNET's irc server - just a CNAME pointing to any of their bigger servers. In fact, in .bg there just ain't any need to use a separate mashine for IRC server - only in the case when some crazy guy wants to connect it to EFNET :) :)))) ]> biolin IN A 212.50.0.9 <[ Little stranger name - server of BIOTEAM ]> mail IN CNAME ns.spnet.net. <[ General mail relay. Most of the mail clients (like Netscape messenger) come set up by default to use SMTP server named mail and it's a lot easier to put an alias in the DNS base that to modify a lot of the client's configurations. ]> spnet2netbg IN A 212.50.10.226 IN A 212.50.10.230 <[ again router's interface address ]> pirdop1 IN A 212.50.0.238 <[ interesting below there is machine called just pirdop - looks like they have only one dial-up ? Or the machine of the local admin ? ]> haskovo IN MX 10 gis.spnet.net. $ORIGIN haskovo.spnet.net. mail IN CNAME gis.spnet.net. www IN CNAME gis.spnet.net. proxy IN CNAME gis.spnet.net. ns IN CNAME gis.spnet.net. ftp IN CNAME gis.spnet.net. $ORIGIN spnet.net. proxy IN CNAME purgatory.spnet.net. <[ Main proxy server ..The reason for such alias is the same as the reason for the alias 'mail' ]> digsys2spnet-local IN A 212.50.10.237 router2 IN A 212.50.0.2 digsys2spnet IN A 212.50.10.253 router3 IN A 212.50.0.3 $ORIGIN sirma.spnet.net. router IN A 212.50.14.129 $ORIGIN spnet.net. router4 IN A 212.50.0.4 dialup255 IN A 212.50.13.255 router7 IN A 212.50.0.7 router8 IN A 212.50.0.8 ns IN A 212.50.0.10 <[ Main name server and mail relay (see above) ]> router IN A 212.50.0.1 <[ central router - god knows what CISCO beast... ]> parvak IN A 212.50.0.12 <[ admin's machine - recognized by the name... Usually nobody calls any server with such a name. ]> debian IN A 212.50.0.16 <[ Debian archive...... LONG LIVE! :))) ]> ibsf IN A 212.50.0.225 IN MX 10 ibsf.spnet.net. <[ One more client with leased line and mail relaying... ]> pool IN CNAME ns.spnet.net. switch IN A 212.50.0.6 $ORIGIN plovdiv.spnet.net. router IN A 212.50.21.1 $ORIGIN spnet.net. gis IN A 212.50.0.241 rakia IN CNAME parvak.spnet.net. <[ CNAME for the admin's machine .... ]> harmanli IN A 212.50.14.97 IN MX 10 harmanli.spnet.net. $ORIGIN harmanli.spnet.net. cst IN CNAME harmanli.spnet.net. mail IN CNAME harmanli.spnet.net. proxy IN CNAME harmanli.spnet.net. www IN CNAME harmanli.spnet.net. ns IN CNAME harmanli.spnet.net. ftp IN CNAME harmanli.spnet.net. $ORIGIN spnet.net. pirdop IN A 212.50.0.237 IN MX 10 pirdop.spnet.net. $ORIGIN pirdop.spnet.net. mail IN CNAME pirdop.spnet.net. www IN CNAME pirdop.spnet.net. proxy IN CNAME pirdop.spnet.net. ns IN CNAME pirdop.spnet.net. ftp IN CNAME pirdop.spnet.net. <[ ha,who knew that SPNET had offce in pirdop ? :))) ]> $ORIGIN spnet.net. manro IN A 212.50.0.17 ftp IN CNAME purgatory.spnet.net. coin IN A 212.50.0.14 spnet2bdata IN A 212.50.10.250 support IN A 212.50.0.19 radius IN CNAME ns.spnet.net. $ORIGIN center.spnet.net. router3 IN A 212.50.0.67 anemia IN A 212.50.0.69 <[ again interesting machine ......which is registred in center.spnet.net, which is the zone of the main routers... ]> router4 IN A 212.50.0.68 switch IN A 212.50.0.70 router IN A 212.50.0.65 router2 IN A 212.50.0.66 $ORIGIN spnet.net. purgatory IN A 212.50.0.15 modem0 IN A 212.50.0.43 modem1 IN A 212.50.0.44 modem2 IN A 212.50.0.45 modem3 IN A 212.50.0.46 modem4 IN A 212.50.0.47 modem5 IN A 212.50.0.48 modem6 IN A 212.50.0.49 modem7 IN A 212.50.0.50 modem8 IN A 212.50.0.51 modem9 IN A 212.50.0.52 pernik IN A 212.50.19.65 IN MX 10 pernik.spnet.net. $ORIGIN pernik.spnet.net. pool6 IN A 212.50.19.86 pool7 IN A 212.50.19.87 pool0 IN A 212.50.19.80 pool1 IN A 212.50.19.81 mail IN CNAME pernik.spnet.net. pool2 IN A 212.50.19.82 www IN CNAME pernik.spnet.net. proxy IN CNAME pernik.spnet.net. pool3 IN A 212.50.19.83 pool4 IN A 212.50.19.84 pool5 IN A 212.50.19.85 ns IN CNAME pernik.spnet.net. router IN A 212.50.19.66 ftp IN CNAME pernik.spnet.net. <[ Here you can see a more serious office in Pernik (???) , with 8 dial-ups, with router ( which could be just a linux machine and pernik i router to be the same machjine), and even with www .... It could be verified are they one machine, using traceroute .... After a test it look like that either router.pernik 's traceroute packets are filtered, or either it's missing ,or either he is after pernik.spnet in the netrwork topology....which could mean, thaht the record is set just by habbit, ot their router died, or it's a router to which you connect dialups and noting more (here kay noticed , it could be just a portmaster or sth. who is filtered.) ]> $ORIGIN spnet.net. dialup002 IN A 212.50.13.2 ingbank IN MX 10 ibsf.spnet.net. IN CNAME ibsf.spnet.net. <[ Here we see what is isbf - INGBANK...]> bta IN A 212.50.10.130 <[ BTA .... Interesting ... I can write another article as big as this about them :)) ]> spnet2netissat IN A 212.50.10.234 zlatica IN A 212.50.0.233 IN MX 10 zlatica.spnet.net. $ORIGIN zlatica.spnet.net. mail IN CNAME zlatica.spnet.net. www IN CNAME zlatica.spnet.net. proxy IN CNAME zlatica.spnet.net. ns IN CNAME zlatica.spnet.net. ftp IN CNAME zlatica.spnet.net. $ORIGIN spnet.net. netbg2spnet IN A 212.50.10.225 IN A 212.50.10.229 spnet2digsys IN A 212.50.10.254 www IN CNAME purgatory.spnet.net. topbg IN CNAME purgatory.spnet.net. This is what it looks like the DNS database for one big (for BG) provider. Some users, static IP-ta, 254 IP-ta zadeleni za dialup.. And here is one of their reverse zones (their main) : $ORIGIN 50.212.in-addr.arpa. 0 IN SOA ns.spnet.net. shtinkov.ns.spnet.net. ( 1999071400 28800 7200 604800 86400 ) IN NS ns.spnet.net. IN NS purgatory.spnet.net. <[ ^^^ the same SOA record..... ]> $ORIGIN 0.50.212.in-addr.arpa. 1 IN PTR router.spnet.net. 2 IN PTR router2.spnet.net. 3 IN PTR router3.spnet.net. 4 IN PTR router4.spnet.net. 6 IN PTR switch.spnet.net. 7 IN PTR router7.spnet.net. 8 IN PTR router8.spnet.net. 9 IN PTR biolin.spnet.net. 161 IN PTR skat.spnet.net. 10 IN PTR ns.spnet.net. 11 IN PTR bta.spnet.net. 12 IN PTR parvak.spnet.net. 14 IN PTR coin.spnet.net. 15 IN PTR purgatory.spnet.net. 16 IN PTR debian.spnet.net. 17 IN PTR manro.spnet.net. 19 IN PTR support.spnet.net. 193 IN PTR cst.spnet.net. 43 IN PTR modem0.spnet.net. 44 IN PTR modem1.spnet.net. 45 IN PTR modem2.spnet.net. 46 IN PTR modem3.spnet.net. 47 IN PTR modem4.spnet.net. 50 IN PTR modem7.spnet.net. 48 IN PTR modem5.spnet.net. 51 IN PTR modem8.spnet.net. 49 IN PTR modem6.spnet.net. 52 IN PTR modem9.spnet.net. 225 IN PTR ibsf.spnet.net. 53 IN PTR modem10.spnet.net. 54 IN PTR modem11.spnet.net. 55 IN PTR modem12.spnet.net. 56 IN PTR modem13.spnet.net. 57 IN PTR modem19.spnet.net. 60 IN PTR modem16.spnet.net. 58 IN PTR modem14.spnet.net. 233 IN PTR zlatica.spnet.net. 61 IN PTR modem17.spnet.net. 59 IN PTR modem15.spnet.net. 234 IN PTR stoyan.zlatica.spnet.net. 62 IN PTR modem18.spnet.net. 237 IN PTR pirdop.spnet.net. 65 IN PTR router.center.spnet.net. 238 IN PTR pirdop1.spnet.net. 66 IN PTR router2.center.spnet.net. 241 IN PTR gis.spnet.net. 67 IN PTR router3.center.spnet.net. 242 IN PTR admin.haskovo.spnet.net. 70 IN PTR switch.center.spnet.net. 68 IN PTR router4.center.spnet.net. 243 IN PTR pool1.haskovo.spnet.net. 69 IN PTR anemia.center.spnet.net. 244 IN PTR pool2.haskovo.spnet.net. 245 IN PTR pool3.haskovo.spnet.net. 246 IN PTR pool4.haskovo.spnet.net. 247 IN PTR pool5.haskovo.spnet.net. 248 IN PTR pool6.haskovo.spnet.net. <[hereto ,the standart information we've got from our previous DNS database...... ]> 81 IN PTR biolin.bioteam.com. 82 IN PTR dimitrov.bioteam.com. 83 IN PTR corn.bioteam.com. 84 IN PTR kirilov.bioteam.com. 85 IN PTR tanja.bioteam.com. 86 IN PTR petrova.bioteam.com. 87 IN PTR zheliazkov.bioteam.com. 90 IN PTR topalov.bioteam.com. 88 IN PTR kckfb.bioteam.com. 89 IN PTR valov.bioteam.com. <[ and here is a way to find interesting machines to attack - username.xxx.com :)) this, as it looks like, are users' machines with static real (not masqeraded) IPs... these are one of the most vulnerable machines on the net (maybe after the dial-ups.... and may bebefore them) ]> If we download any other reverse DNS database, we could find other domains,hosted by SPNET - like yellowpages.bg and so on. So, as the forward DNS base gives us information about the provider, the reverse DNS base gives us information about the other hosted domains/people/organisations/providers and so on. 1.2. nmap -sP (i.e. a check which IPs are used ) size of the provider. <[ za tuk sum izpolzval nqkoi stari scan-ove na infotel... ]> Starting nmap V. 1.51 by Fyodor (fyodor@dhp.com, www.dhp.com/~fyodor/nmap/) Host (212.39.64.16) seems to be a subnet broadcast address (returned 8 extra pings) Host ns.infotel.bg (212.39.64.18) appears to be up. Host unnamed.infotel.bg (212.39.64.19) appears to be up. Host unnamed.infotel.bg (212.39.64.20) appears to be up. Host tch.infotel.bg (212.39.64.22) appears to be up. Host c2501.infotel.bg (212.39.64.23) appears to be up. Host acp70.infotel.bg (212.39.64.24) appears to be up. Host c2522.infotel.bg (212.39.64.27) appears to be up. Host c2511.infotel.bg (212.39.64.28) appears to be up. Host nb.infotel.bg (212.39.64.29) appears to be up. Host (212.39.64.31) seems to be a subnet broadcast address (returned 8 extra pings) Host (212.39.64.32) seems to be a subnet broadcast address (returned 2 extra pings) <[ who wants to smurf ? :))) Looks like we have broadcasts,too ..]> Host unnamed.infotel.bg (212.39.64.33) appears to be up. Host unnamed.infotel.bg (212.39.64.34) appears to be up. Host (212.39.64.35) seems to be a subnet broadcast address (returned 2 extra pings) Host (212.39.64.48) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.64.49) appears to be up. Host unnamed.infotel.bg (212.39.64.51) appears to be up. Host unnamed.infotel.bg (212.39.64.55) appears to be up. Host unnamed.infotel.bg (212.39.64.57) appears to be up. Host unnamed.infotel.bg (212.39.64.59) appears to be up. Host unnamed.infotel.bg (212.39.64.60) appears to be up. Host (212.39.64.63) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.64.97) appears to be up. Host (212.39.64.100) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.64.101) appears to be up. Host unnamed.infotel.bg (212.39.64.102) appears to be up. Host (212.39.64.103) seems to be a subnet broadcast address (returned 1 extra pings) Host (212.39.64.112) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.64.113) appears to be up. Host unnamed.infotel.bg (212.39.64.114) appears to be up. Host vg.infotel.bg (212.39.64.116) appears to be up. Host (212.39.64.127) seems to be a subnet broadcast address (returned 1 extra pings) Host pomps.infotel.bg (212.39.64.129) appears to be up. Host unnamed.infotel.bg (212.39.64.132) appears to be up. Host unnamed.infotel.bg (212.39.64.137) appears to be up. Host unnamed.infotel.bg (212.39.64.139) appears to be up. Host unnamed.infotel.bg (212.39.64.140) appears to be up. Host unnamed.infotel.bg (212.39.64.144) appears to be up. Host unnamed.infotel.bg (212.39.64.145) appears to be up. Host unnamed.infotel.bg (212.39.64.146) appears to be up. Host (212.39.64.159) seems to be a subnet broadcast address (returned 1 extra pings) Host (212.39.64.160) seems to be a subnet broadcast address (returned 2 extra pings) Host unnamed.infotel.bg (212.39.64.161) appears to be up. Host unnamed.infotel.bg (212.39.64.163) appears to be up. Host unnamed.infotel.bg (212.39.64.164) appears to be up. Host unnamed.infotel.bg (212.39.64.165) appears to be up. Host unnamed.infotel.bg (212.39.64.166) appears to be up. Host unnamed.infotel.bg (212.39.64.170) appears to be up. Host unnamed.infotel.bg (212.39.64.172) appears to be up. Host unnamed.infotel.bg (212.39.64.174) appears to be up. Host unnamed.infotel.bg (212.39.64.176) appears to be up. Host unnamed.infotel.bg (212.39.64.177) appears to be up. Host unnamed.infotel.bg (212.39.64.179) appears to be up. Host (212.39.64.191) seems to be a subnet broadcast address (returned 1 extra pings) Host (212.39.64.208) seems to be a subnet broadcast address (returned 4 extra pings) Host unnamed.infotel.bg (212.39.64.209) appears to be up. Host unnamed.infotel.bg (212.39.64.210) appears to be up. Host unnamed.infotel.bg (212.39.64.211) appears to be up. Host unnamed.infotel.bg (212.39.64.213) appears to be up. Host unnamed.infotel.bg (212.39.64.218) appears to be up. Host unnamed.infotel.bg (212.39.64.221) appears to be up. Host unnamed.infotel.bg (212.39.64.222) appears to be up. Host (212.39.64.223) seems to be a subnet broadcast address (returned 4 extra pings) Host (212.39.64.224) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.64.225) appears to be up. Host unnamed.infotel.bg (212.39.64.226) appears to be up. Host unnamed.infotel.bg (212.39.64.227) appears to be up. Host unnamed.infotel.bg (212.39.64.228) appears to be up. Host unnamed.infotel.bg (212.39.64.230) appears to be up. Host unnamed.infotel.bg (212.39.64.234) appears to be up. Host (212.39.64.239) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.64.253) appears to be up. Host unnamed.infotel.bg (212.39.64.254) appears to be up. Starting nmap V. 1.51 by Fyodor (fyodor@dhp.com, www.dhp.com/~fyodor/nmap/) Host (212.39.65.0) appears to be down. Host (212.39.65.0) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.65.1) appears to be up. Host unnamed.infotel.bg (212.39.65.2) appears to be up. Host unnamed.infotel.bg (212.39.65.3) appears to be up. Host unnamed.infotel.bg (212.39.65.4) appears to be up. Host unnamed.infotel.bg (212.39.65.5) appears to be up. Host unnamed.infotel.bg (212.39.65.6) appears to be up. Host (212.39.65.7) appears to be down. Host (212.39.65.8) appears to be down. Host (212.39.65.9) appears to be down. Host (212.39.65.10) appears to be down. Host (212.39.65.11) appears to be down. Host (212.39.65.12) appears to be down. Host (212.39.65.13) appears to be down. Host (212.39.65.14) appears to be down. Host (212.39.65.15) appears to be down. Host (212.39.65.15) seems to be a subnet broadcast address (returned 1 extra pings) Host (212.39.65.16) appears to be down. Host (212.39.65.16) seems to be a subnet broadcast address (returned 1 extra pings) Host unnamed.infotel.bg (212.39.65.17) appears to be up. Host unnamed.infotel.bg (212.39.65.18) appears to be up. Host unnamed.infotel.bg (212.39.65.19) appears to be up. Host (212.39.65.20) appears to be down. Host (212.39.65.21) appears to be down. Host (212.39.65.22) appears to be down. Host (212.39.65.23) appears to be down. Host (212.39.65.24) appears to be down. Host (212.39.65.25) appears to be down. Host (212.39.65.26) appears to be down. Host (212.39.65.27) appears to be down. Host (212.39.65.28) appears to be down. Host (212.39.65.29) appears to be down. Host (212.39.65.30) appears to be down. Host (212.39.65.31) appears to be down. Host (212.39.65.31) seems to be a subnet broadcast address (returned 1 extra pings) Host (212.39.65.32) appears to be down. <[ here I've cut some hosts that are down ....below is a bit shortened list.. ]> Host (212.39.65.87) appears to be down. Host unnamed.infotel.bg (212.39.65.88) appears to be up. Host (212.39.65.89) appears to be down. Host (212.39.65.96) appears to be down. Host unnamed.infotel.bg (212.39.65.97) appears to be up. Host (212.39.65.98) appears to be down. Host unnamed.infotel.bg (212.39.65.99) appears to be up. Host (212.39.65.100) appears to be down. Host (212.39.65.132) appears to be down. Host pppsof5.infotel.bg (212.39.65.133) appears to be up. Host (212.39.65.134) appears to be down. Host (212.39.65.135) appears to be down. Host (212.39.65.136) appears to be down. Host (212.39.65.137) appears to be down. Host pppsof10.infotel.bg (212.39.65.138) appears to be up. Host (212.39.65.139) appears to be down. Host (212.39.65.149) appears to be down. Host pppsof22.infotel.bg (212.39.65.150) appears to be up. <[ Some dial-ups....... ]> Host (212.39.65.151) appears to be down. Host (212.39.65.192) appears to be down. Host (212.39.65.192) seems to be a subnet broadcast address (returned 5 extra pings) Host fpn.infotel.bg (212.39.65.193) appears to be up. Host (212.39.65.194) appears to be down. Host db.infotel.bg (212.39.65.195) appears to be up. Host www1.infotel.bg (212.39.65.196) appears to be up. Host hdesk.gurko.cits.btc.bg (212.39.65.197) appears to be up. <[ The only machine in the domain btc.bg ...]> Host unnamed.infotel.bg (212.39.65.198) appears to be up. Host ibm2210.infotel.bg (212.39.65.199) appears to be up. Host (212.39.65.200) appears to be down. Host (212.39.65.207) appears to be down. Host (212.39.65.207) seems to be a subnet broadcast address (returned 5 extra pings) <[ again broadcast ... ]> Host (212.39.65.208) appears to be down. Host (212.39.65.208) seems to be a subnet broadcast address (returned 1 extra pings) Host db.infotel.bg (212.39.65.209) appears to be up. Host fpn.infotel.bg (212.39.65.210) appears to be up. Host www1.infotel.bg (212.39.65.211) appears to be up. Host fw.infotel.bg (212.39.65.212) appears to be up. Host (212.39.65.213) appears to be down. Host (212.39.65.214) appears to be down. Host nb.infotel.bg (212.39.65.215) appears to be up. Host switch.infotel.bg (212.39.65.216) appears to be up. Host unnamed.infotel.bg (212.39.65.217) appears to be up. Host (212.39.65.218) appears to be down. Host (212.39.65.219) appears to be down. Host (212.39.65.220) appears to be down. Host br.infotel.bg (212.39.65.221) appears to be up. Host (212.39.65.222) appears to be down. Host (212.39.65.223) appears to be down. Host (212.39.65.223) seems to be a subnet broadcast address (returned 1 extra pings) Host (212.39.65.224) appears to be down. Host (212.39.65.255) appears to be down. <[ This scan is very old and I'm sure that it's not actual noe, but you can see that in this zone there are servers and routers like in a big ISP, and in the next part you will see how big it is....And, don't forget the scan is made about 4:00 am ]> 1.3. nmap -sS -O (used OS-es),some known things about the specific network-oriented OS-es. <[ Here I used nmap 2.01, because it has OS scan .. ]> Starting nmap V. 2.01 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/) Host unnamed.infotel.bg (212.39.64.0) appears to be down, skipping it. <[ Again, here I've deleted most of the hosts that weredown ]> Host unnamed.infotel.bg (212.39.64.16) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.16) seems to be a subnet broadcast address (returned 1 extra pings).Skipping host. Host unnamed.infotel.bg (212.39.64.17) appears to be down, skipping it. Host ns.infotel.bg (212.39.64.18) appears to be up ... good. Initiating SYN half-open stealth scan against ns.infotel.bg (212.39.64.18) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 53 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 23 (state Open). Adding TCP port 37 (state Open). Adding TCP port 19 (state Open). Adding TCP port 110 (state Open). The SYN scan took 49 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 40836 is closed and neither are firewalled Interesting ports on ns.infotel.bg (212.39.64.18): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 open tcp telnet 25 open tcp smtp 37 open tcp time 49 filtered tcp unknown 53 open tcp domain 80 filtered tcp www 110 open tcp pop3 111 filtered tcp sunrpc TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Sequence numbers: 52871601 52804001 528DEC01 52A17401 Remote operating system guess: AIX 4.1 OS Fingerprint: TSeq(Class=64K) T1(Resp=Y%DF=N%W=3F25%ACK=S++%Flags=AS%Ops=M) T2(Resp=N) T3(Resp=N) T4(Resp=Y%DF=N%W=4000%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=E%ULEN=134%DAT=E) <[ hihi...AIX and with really easy sequence number generator]> Host unnamed.infotel.bg (212.39.64.19) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.20) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.20) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 53 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 41396 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.64.20): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=165610 (Good luck!) Sequence numbers: 193786BC 193CCA3F 193CB80D 193CDC3D 193786BC 193CB80D Remote operating system guess: Cisco IOS 11.3 - 12.0 OS Fingerprint: TSeq(Class=RI%gcd=1%SI=286EA) T1(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) <[ router ..... ]> Host unnamed.infotel.bg (212.39.64.21) appears to be down, skipping it. Host tch.infotel.bg (212.39.64.22) appears to be up ... good. Initiating SYN half-open stealth scan against tch.infotel.bg (212.39.64.22) Adding TCP port 23 (state Open). The SYN scan took 79 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 30852 is closed and neither are firewalled Interesting ports on tch.infotel.bg (212.39.64.22): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=constant sequence number (!) Difficulty=0 (Trivial joke) Sequence numbers: 7F 7F 7F 7F 7F 7F Remote operating system guess: ComOS - Livingston PortMaster (unknown version number) OS Fingerprint: TSeq(Class=C%Val=7F) T1(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T2(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T4(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E) <[ Dial-in server .... the bad thing is, that you can't find it's number of ports .]> Host c2501.infotel.bg (212.39.64.23) appears to be up ... good. Initiating SYN half-open stealth scan against c2501.infotel.bg (212.39.64.23) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 72 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 34074 is closed and neither are firewalled Interesting ports on c2501.infotel.bg (212.39.64.23): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=54438 (Worthy challenge) Sequence numbers: 8C3BBB63 8C3B9183 8C3C0E3B 8C3E6311 8C3E709A 8C3EF28B Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=1%SI=D4A6) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) <[ one more router .... ]> Host acp70.infotel.bg (212.39.64.24) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.25) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.26) appears to be down, skipping it. Host c2522.infotel.bg (212.39.64.27) appears to be up ... good. Initiating SYN half-open stealth scan against c2522.infotel.bg (212.39.64.27) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 133 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 35085 is closed and neither are firewalled Interesting ports on c2522.infotel.bg (212.39.64.27): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=47238 (Worthy challenge) Sequence numbers: 98A2BF85 98A2B041 98A6608B 98A67D6F 98A66F2B 98A68BEF Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=2%SI=B886) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) <[ Router again router ...]> Host c2511.infotel.bg (212.39.64.28) appears to be up ... good. Initiating SYN half-open stealth scan against c2511.infotel.bg (212.39.64.28) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 57 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 43591 is closed and neither are firewalled Interesting ports on c2511.infotel.bg (212.39.64.28): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=46280 (Worthy challenge) Sequence numbers: A0700F7E A0702555 A0720C52 A0721A9A A071FC99 A07260F2 Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=1%SI=B4C8) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=N) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) <[ Hey....this needs checking ]> Host unnamed.infotel.bg (212.39.64.34) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.34) Adding TCP port 9 (state Open). Adding TCP port 79 (state Open). Adding TCP port 19 (state Open). Adding TCP port 7 (state Open). RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 Adding TCP port 23 (state Open). Bumping up senddelay by 10000 (to 10000), due to excessive drops The SYN scan took 247 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 36334 is closed and neither are firewalled Insufficient responses for TCP sequencing (2), OS detection will be MUCH less reliable For OSScan assuming that port 7 is open and port 36542 is closed and neither are firewalled For OSScan assuming that port 7 is open and port 31882 is closed and neither are firewalled Insufficient responses for TCP sequencing (3), OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.34): Port State Protocol Service 7 open tcp echo 9 open tcp discard 19 open tcp chargen 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc No OS matches for this host. TCP fingerprints: T1(Resp=Y%DF=N%W=860%ACK=S++%Flags=AS%Ops=M) TSeq(Class=C%Val=68D83FAF) T1(Resp=Y%DF=N%W=860%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T1(Resp=N) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=N) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=N) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T3(Resp=N) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=N) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=N) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=N) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.64.35) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.35) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.64.36) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.48) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.48) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.64.49) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.49) Adding TCP port 15 (state Open). Adding TCP port 109 (state Open). Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 11 (state Open). Adding TCP port 37 (state Open). Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). Adding TCP port 119 (state Open). Adding TCP port 19 (state Open). Adding TCP port 110 (state Open). Adding TCP port 113 (state Open). The SYN scan took 59 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 43035 is closed and neither are firewalled WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? <[ Interesting ...is it firewalled in a strange way ? ? ]> Insufficient responses for TCP sequencing (0), OS detection will be MUCH less reliable For OSScan assuming that port 7 is open and port 44543 is closed and neither are firewalled WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? Insufficient responses for TCP sequencing (0), OS detection will be MUCH less reliable For OSScan assuming that port 7 is open and port 38888 is closed and neither are firewalled WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? WARNING: RST from port 7 -- is this port really open? Insufficient responses for TCP sequencing (0), OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.49): Port State Protocol Service 7 open tcp echo 9 open tcp discard 11 open tcp systat 13 open tcp daytime 15 open tcp netstat 19 open tcp chargen 21 filtered tcp ftp 23 open tcp telnet 25 open tcp smtp 37 open tcp time 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 109 open tcp pop2 110 open tcp pop3 111 filtered tcp sunrpc 113 open tcp auth 119 open tcp nntp No OS matches for this host. TCP fingerprints: T1(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T7(Resp=N) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.64.50) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.51) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.52) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.53) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.53) The SYN scan took 62 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.53): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Windows NT4 / Win95 / Win98, Windows NT 5 Beta2 OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) <[ Here I've cut about 300 things like this ... kay says that hese are CMP unreachable packets or some other shit, but I can't be sure, I was sleeping when it happened :))) ]> Here it is: 3 1 E CA 0 0 0 0 45 0 0 28 74 ED 0 0 36 6 4D 4C C2 C EB C1 D4 27 40 A1 82 11 0 5 1C 6C 4F B2 Here it is: 3 1 E 5C 0 0 0 0 45 0 0 28 D2 88 0 0 36 6 EF B0 C2 C EB C1 D4 27 40 A1 82 11 0 73 1C 6C 4F B2 Here it is: 3 1 E 92 0 0 0 0 45 0 0 28 FF 49 0 0 36 6 C2 EF C2 C EB C1 D4 27 40 A1 82 11 0 3D 1C 6C 4F B2 Here it is: 3 1 E 70 0 0 0 0 45 0 0 28 3C 0 0 0 36 6 86 39 C2 C EB C1 D4 27 40 A1 82 11 0 5F 1C 6C 4F B2 The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.161): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) <[ damn filtered ..... ]> Host scifo.infotel.bg (212.39.64.162) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.163) appears to be down, skipping it. Host dancho.infotel.bg (212.39.64.164) appears to be up ... good. Initiating SYN half-open stealth scan against dancho.infotel.bg (212.39.64.164) <[ damn filtered again ? ]> Here it is: 3 1 10 80 0 0 0 0 45 0 0 28 5 D3 0 0 36 6 BC 63 C2 C EB C1 D4 27 40 A4 82 11 0 3F 5C B5 D 79 The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on dancho.infotel.bg (212.39.64.164): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.165) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.166) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.166) 3 1 4A DC 0 0 0 0 45 0 0 28 F9 67 0 0 36 6 C8 CC C2 C EB C1 D4 27 40 A6 82 11 0 3D DE 87 51 4C The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.166): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.167) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.167) Here it is: Here it is: 3 1 1C 97 0 0 0 0 45 0 0 28 12 32 0 0 36 6 B0 1 C2 C EB C1 D4 27 40 A7 82 11 0 5F 59 E0 4 17 The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.167): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.168) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.184) appears to be down, skipping it. Host hpns.infotel.bg (212.39.64.185) appears to be up ... good. Initiating SYN half-open stealth scan against hpns.infotel.bg (212.39.64.185) Here it is: 3 1 7D A6 0 0 0 0 45 0 0 28 C2 D0 0 0 36 6 FF 50 C2 C EB C1 D4 27 40 B9 82 11 0 3D 72 69 8A A0 The SYN scan took 398 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on hpns.infotel.bg (212.39.64.185): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.186) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.191) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.191) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.64.192) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.208) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.208) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.64.209) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.209) Adding TCP port 23 (state Open). The SYN scan took 10 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 36989 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 43884 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 35286 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.64.209): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=trivial time dependency Difficulty=1 (Trivial joke) Sequence numbers: 63F21039 63F2138B 63F21615 63F218D1 63F21B8D 63F21E7B No OS matches for this host. TCP fingerprints: TSeq(Class=TD%gcd=32%SI=1) TSeq(Class=TD%gcd=32%SI=6) TSeq(Class=TD%gcd=32%SI=1) T1(Resp=Y%DF=N%W=800%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=800%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T5(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=54%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=F) Host unnamed.infotel.bg (212.39.64.210) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.210) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.210): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.211) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.211) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.211): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.212) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.212) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.212): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.213) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.222) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.222) The SYN scan took 20 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.222): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Windows NT4 / Win95 / Win98, Windows NT 5 Beta2 OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.64.223) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.223) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.64.224) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.224) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.64.225) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.225) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.225): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.226) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.227) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.227) The SYN scan took 398 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.227): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.228) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.228) The SYN scan took 398 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.228): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.229) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.229) The SYN scan took 398 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.229): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.230) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.237) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.237) The SYN scan took 398 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.237): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.238) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.239) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.239) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.64.240) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.250) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.251) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.251) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.64.251): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.64.252) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.253) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.253) Adding TCP port 76 (state Firewalled). <[ I've deleted all the firewalled ports here .... ]> The SYN scan took 46 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 41980 is closed and neither are firewalled Insufficient responses for TCP sequencing (0), OS detection will be MUCH less reliable For OSScan assuming that port 23 is open and port 43706 is closed and neither are firewalled Insufficient responses for TCP sequencing (0), OS detection will be MUCH less reliable For OSScan assuming that port 23 is open and port 35179 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.64.253): (Not showing ports in state: filtered) Port State Protocol Service 23 open tcp telnet TCP Sequence Prediction: Class=random positive increments Difficulty=762 (Medium) Sequence numbers: 83E273B 83E2ECB 83E2ECB 83E3303 83E3303 83E3830 No OS matches for this host. TCP fingerprints: T1(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=MNNTNW) TSeq(Class=RI%gcd=1%SI=2FA) T2(Resp=N) T1(Resp=N) T3(Resp=N) T2(Resp=N) T4(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=N) T5(Resp=N) T4(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T6(Resp=N) T5(Resp=N) T7(Resp=N) T6(Resp=N) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) T7(Resp=N) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) <[ Dammit.....pink elefant ..... ]> (Not.Iron - I really like the ping elefants;-) Host unnamed.infotel.bg (212.39.64.254) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.64.254) Adding TCP port 109 (state Open). Adding TCP port 25 (state Open). The SYN scan took 31 seconds to scan 120 ports. For OSScan assuming that port 25 is open and port 40102 is closed and neither are firewalled For OSScan assuming that port 25 is open and port 31708 is closed and neither are firewalled For OSScan assuming that port 25 is open and port 34977 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.64.254): Port State Protocol Service 21 filtered tcp ftp 25 open tcp smtp 49 filtered tcp unknown 80 filtered tcp www 109 open tcp pop2 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=9082861 (Good luck!) Sequence numbers: 319C93F5 319C93F5 30997AC3 30B0FA39 30CB399C 3216313B No OS matches for this host. TCP fingerprints: TSeq(Class=RI%gcd=1%SI=B9E8D) TSeq(Class=RI%gcd=1%SI=C045D) TSeq(Class=RI%gcd=1%SI=8A97ED) T1(Resp=Y%DF=N%W=37FF%ACK=S++%Flags=AS%Ops=ME) T1(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T2(Resp=N) T3(Resp=Y%DF=N%W=37FF%ACK=S++%Flags=ASF%Ops=ME) T3(Resp=Y%DF=N%W=37FF%ACK=O%Flags=ASF%Ops=ME) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.64.255) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.64.255) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.65.0) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.0) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.65.1) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.1) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 12 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 38687 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 34532 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 38432 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.1): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=107269 (Good luck!) Sequence numbers: FCB6A390 FCC29F06 FCCBA98A FCD5E4E7 FCE1E087 FCEFAED4 No OS matches for this host. TCP fingerprints: TSeq(Class=RI%gcd=1%SI=206AA) TSeq(Class=RI%gcd=1%SI=9C915) TSeq(Class=RI%gcd=1%SI=1A305) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=N) Host unnamed.infotel.bg (212.39.65.2) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.2) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 31 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 34976 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 43700 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 43897 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.2): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=111526 (Good luck!) Sequence numbers: 1BDE42A 1DD4865 1FC480C 21DC159 239F510 258491A No OS matches for this host. TCP fingerprints: TSeq(Class=RI%gcd=1%SI=192E5) TSeq(Class=RI%gcd=1%SI=9B208) TSeq(Class=RI%gcd=1%SI=1B3A6) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) <[ Again pink elefant .... ]> (Not.Iron - I'm liking them more;-) may be here is the place to curse you, ManiaX , because I'm reading this shit at 1:30am because they have to be ready for tomorrow......hmm.... Feel cursed :-) Host unnamed.infotel.bg (212.39.65.3) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.3) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 22 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 36820 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.3): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=92712 (Worthy challenge) Sequence numbers: 4531BBC 462B6AE 470E99E 4822651 4922B7B 49F5CB8 Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=1%SI=16A28) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.4) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.4) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 29 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 31502 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.4): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=54481 (Worthy challenge) Sequence numbers: 6C2D17E 6DF23BC 6FCE594 7196BE2 7374C28 7530DFF Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=1%SI=D4D1) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.5) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.5) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 13 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 37963 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.5): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=74713 (Worthy challenge) Sequence numbers: 86905AA 874B195 882AAE1 88D6034 898B94F 8A56071 Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=1%SI=123D9) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.6) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.6) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 16 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 38632 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 38063 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.6): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=91434 (Worthy challenge) Sequence numbers: AC0C685 AD28E4C AE8606D AFB34D6 B0FCD9A B2398F9 Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=1%SI=1652A) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.7) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.15) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.15) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.65.16) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.16) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.65.17) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.17) The SYN scan took 11 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.65.17): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Cisco 7513/3640 Router (IOS 11.2(14)P), Cisco 25XX/45XX Router or 29XX switch (IOS 11.2), IBM Stackable Hub OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=N) Host unnamed.infotel.bg (212.39.65.18) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.18) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 16 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 41288 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 34587 is closed and neither are firewalled For OSScan assuming that port 23 is open and port 34911 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.18): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=153366 (Good luck!) Sequence numbers: FB1FF29 FC0B97D FC9B3C6 FD7F6C8 FE4AF65 FEE6762 No OS matches for this host. TCP fingerprints: TSeq(Class=RI%gcd=1%SI=949E2) TSeq(Class=RI%gcd=1%SI=2189D) TSeq(Class=RI%gcd=1%SI=25716) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T7(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.19) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.19) Adding TCP port 23 (state Open). Adding TCP port 79 (state Open). The SYN scan took 12 seconds to scan 120 ports. For OSScan assuming that port 23 is open and port 42662 is closed and neither are firewalled Interesting ports on unnamed.infotel.bg (212.39.65.19): Port State Protocol Service 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=random positive increments Difficulty=87562 (Worthy challenge) Sequence numbers: 10D0192D 10D9FE57 10E56649 10EF2A8F 10FC1FA3 110579DE Remote operating system guess: Cisco 25XX/45XX Router or 29XX switch (IOS 11.2) OS Fingerprint: TSeq(Class=RI%gcd=1%SI=1560A) T1(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=10C0%ACK=S++%Flags=AS%Ops=M) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.20) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.31) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.31) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.65.32) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.72) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.72) The SYN scan took 398 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.65.72): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.65.73) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.113) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.113) The SYN scan took 398 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.65.113): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.65.114) appears to be down, skipping it. Host pppsof1.infotel.bg (212.39.65.129) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof1.infotel.bg (212.39.65.129) RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 The SYN scan took 441 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof1.infotel.bg (212.39.65.129): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Windows NT4 / Win95 / Win98, Windows NT 5 Beta2 OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host pppsof2.infotel.bg (212.39.65.130) appears to be down, skipping it. Host pppsof3.infotel.bg (212.39.65.131) appears to be down, skipping it. Host pppsof4.infotel.bg (212.39.65.132) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof4.infotel.bg (212.39.65.132) The SYN scan took 122 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof4.infotel.bg (212.39.65.132): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Windows NT4 / Win95 / Win98, Windows NT 5 Beta2 OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host pppsof5.infotel.bg (212.39.65.133) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof5.infotel.bg (212.39.65.133) The SYN scan took 33 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof5.infotel.bg (212.39.65.133): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Windows NT4 / Win95 / Win98, Windows NT 5 Beta2 OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host pppsof6.infotel.bg (212.39.65.134) appears to be down, skipping it. Host pppsof7.infotel.bg (212.39.65.135) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof7.infotel.bg (212.39.65.135) The SYN scan took 316 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof7.infotel.bg (212.39.65.135): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Windows NT4 / Win95 / Win98, Windows NT 5 Beta2 OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host pppsof8.infotel.bg (212.39.65.136) appears to be down, skipping it. Host pppsof9.infotel.bg (212.39.65.137) appears to be down, skipping it. Host pppsof10.infotel.bg (212.39.65.138) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof10.infotel.bg (212.39.65.138) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof10.infotel.bg (212.39.65.138): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host pppsof11.infotel.bg (212.39.65.139) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof11.infotel.bg (212.39.65.139) The SYN scan took 78 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof11.infotel.bg (212.39.65.139): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc No OS matches for this host. TCP fingerprints: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host pppsof12.infotel.bg (212.39.65.140) appears to be down, skipping it. Host pppsof13.infotel.bg (212.39.65.141) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof13.infotel.bg (212.39.65.141) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof13.infotel.bg (212.39.65.141): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host pppsof14.infotel.bg (212.39.65.142) appears to be down, skipping it. Host pppsof15.infotel.bg (212.39.65.143) appears to be down, skipping it. Host pppsof16.infotel.bg (212.39.65.144) appears to be down, skipping it. Host pppsof17.infotel.bg (212.39.65.145) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof17.infotel.bg (212.39.65.145) Adding TCP port 59 (state Open). Adding TCP port 79 (state Open). Adding TCP port 113 (state Open). The SYN scan took 19 seconds to scan 120 ports. For OSScan assuming that port 59 is open and port 33587 is closed and neither are firewalled Interesting ports on pppsof17.infotel.bg (212.39.65.145): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 59 open tcp unknown 79 open tcp finger 80 filtered tcp www 111 filtered tcp sunrpc 113 open tcp auth TCP Sequence Prediction: Class=random positive increments Difficulty=476 (Medium) Sequence numbers: 753694 753AE5 753D62 7540FA 754876 Remote operating system guess: Windows NT4 / Win95 / Win98 OS Fingerprint: TSeq(Class=RI%gcd=1%SI=1DC) T1(Resp=Y%DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M) T4(Resp=N) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host pppsof18.infotel.bg (212.39.65.146) appears to be down, skipping it. Host pppsof19.infotel.bg (212.39.65.147) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof19.infotel.bg (212.39.65.147) The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof19.infotel.bg (212.39.65.147): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host pppsof20.infotel.bg (212.39.65.148) appears to be down, skipping it. Host pppsof27.infotel.bg (212.39.65.155) appears to be down, skipping it. Host pppsof28.infotel.bg (212.39.65.156) appears to be up ... good. Initiating SYN half-open stealth scan against pppsof28.infotel.bg (212.39.65.156) The SYN scan took 16 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on pppsof28.infotel.bg (212.39.65.156): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: Windows NT4 / Win95 / Win98, Windows NT 5 Beta2 OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host pppsof29.infotel.bg (212.39.65.157) appears to be down, skipping it. Host pppsof30.infotel.bg (212.39.65.158) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.159) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.192) seems to be a subnet broadcast address (returned 2 extra pings). Skipping host. Host fpn.infotel.bg (212.39.65.193) appears to be up ... good. Initiating SYN half-open stealth scan against fpn.infotel.bg (212.39.65.193) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 53 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 37 (state Open). Adding TCP port 23 (state Open). Adding TCP port 119 (state Open). Adding TCP port 79 (state Open). Adding TCP port 19 (state Open). Adding TCP port 110 (state Open). Adding TCP port 113 (state Open). The SYN scan took 19 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 44655 is closed and neither are firewalled Interesting ports on fpn.infotel.bg (212.39.65.193): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 open tcp telnet 25 open tcp smtp 37 open tcp time 49 filtered tcp unknown 53 open tcp domain 79 open tcp finger 80 filtered tcp www 110 open tcp pop3 111 filtered tcp sunrpc 113 open tcp auth 119 open tcp nntp TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Sequence numbers: 50641400 50650E00 50660800 5067FC00 5069F000 Remote operating system guess: HP-UX 10.20 E 9000/777 or A 712/60 with tcp_random_seq = 0 OS Fingerprint: TSeq(Class=64K) T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) <[ :))) Just sits and wait to be f*cked.... ]> Host unnamed.infotel.bg (212.39.65.194) appears to be down, skipping it. Host db.infotel.bg (212.39.65.195) appears to be up ... good. Initiating SYN half-open stealth scan against db.infotel.bg (212.39.65.195) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 23 (state Open). Adding TCP port 37 (state Open). Adding TCP port 19 (state Open). Adding TCP port 113 (state Open). The SYN scan took 13 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 35861 is closed and neither are firewalled For OSScan assuming that port 7 is open and port 42889 is closed and neither are firewalled Interesting ports on db.infotel.bg (212.39.65.195): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 open tcp telnet 25 open tcp smtp 37 open tcp time 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc 113 open tcp auth TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Sequence numbers: 54185201 54194C01 541A4601 541B4001 541C3A01 541D3401 Remote operating system guess: HP-UX 10.20 E 9000/777 or A 712/60 with tcp_random_seq = 0 OS Fingerprint: TSeq(Class=64K) T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) <[ There could be some very interesting things on this machine... ]> Host www1.infotel.bg (212.39.65.196) appears to be up ... good. Initiating SYN half-open stealth scan against www1.infotel.bg (212.39.65.196) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 53 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 23 (state Open). Adding TCP port 37 (state Open). Adding TCP port 79 (state Open). Adding TCP port 19 (state Open). Adding TCP port 110 (state Open). The SYN scan took 22 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 35473 is closed and neither are firewalled Interesting ports on www1.infotel.bg (212.39.65.196): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 open tcp telnet 25 open tcp smtp 37 open tcp time 49 filtered tcp unknown 53 open tcp domain 79 open tcp finger 80 filtered tcp www 110 open tcp pop3 111 filtered tcp sunrpc TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Sequence numbers: 136F9600 13709000 13718A00 13728400 13737E00 13757200 Remote operating system guess: HP-UX 10.20 E 9000/777 or A 712/60 with tcp_random_seq = 0 OS Fingerprint: TSeq(Class=64K) T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) Host hdesk.gurko.cits.btc.bg (212.39.65.197) appears to be up ... good. Initiating SYN half-open stealth scan against hdesk.gurko.cits.btc.bg (212.39.65.197) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 53 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 23 (state Open). Adding TCP port 37 (state Open). Adding TCP port 19 (state Open). Adding TCP port 113 (state Open). The SYN scan took 11 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 36042 is closed and neither are firewalled Insufficient responses for TCP sequencing (3), OS detection will be MUCH less reliable Interesting ports on hdesk.gurko.cits.btc.bg (212.39.65.197): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 open tcp telnet 25 open tcp smtp 37 open tcp time 49 filtered tcp unknown 53 open tcp domain 80 filtered tcp www 111 filtered tcp sunrpc 113 open tcp auth Remote OS guesses: HP-UX 10.20 E 9000/777 or A 712/60 with tcp_random_seq = 0, HP-UX 10.20 OS Fingerprint: T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) <[ Hdesk ? Sounds like HelpDesk ...gurko.cits sounds like it's possition ....has some one gone to CITS on Gurko str. ? :) ]> Host unnamed.infotel.bg (212.39.65.198) appears to be up ... good. Initiating SYN half-open stealth scan against unnamed.infotel.bg (212.39.65.198) Here it is: 3 4 13 1 0 0 0 0 45 0 1 52 1 28 40 0 3F 6 69 B4 C2 C EB C1 C2 8D 19 C1 66 FE C 38 59 B6 1D E Here it is: 3 4 13 1 0 0 0 0 45 0 1 52 1 28 40 0 3F 6 69 80 C2 C EB C1 C2 8D 19 C1 66 FE C 38 59 B6 1D E The SYN scan took 397 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on unnamed.infotel.bg (212.39.65.198): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N) Host ibm2210.infotel.bg (212.39.65.199) appears to be up ... good. Initiating SYN half-open stealth scan against ibm2210.infotel.bg (212.39.65.199) Adding TCP port 9 (state Open). Adding TCP port 23 (state Open). The SYN scan took 22 seconds to scan 120 ports. For OSScan assuming that port 9 is open and port 31016 is closed and neither are firewalled For OSScan assuming that port 9 is open and port 34912 is closed and neither are firewalled WARNING: RST from port 9 -- is this port really open? For OSScan assuming that port 9 is open and port 30676 is closed and neither are firewalled Interesting ports on ibm2210.infotel.bg (212.39.65.199): Port State Protocol Service 9 open tcp discard 21 filtered tcp ftp 23 open tcp telnet 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc TCP Sequence Prediction: Class=trivial time dependency Difficulty=8 (Trivial joke) Sequence numbers: 6F2501 6F2545 6F258A 6F25C8 6F2601 6F2651 No OS matches for this host. TCP fingerprints: TSeq(Class=TD%gcd=1%SI=1B) TSeq(Class=TD%gcd=1%SI=43) TSeq(Class=TD%gcd=1%SI=8) T1(Resp=Y%DF=N%W=200%ACK=S++%Flags=AS%Ops=ML) T2(Resp=N) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T4(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host br.infotel.bg (212.39.65.200) appears to be up ... good. Initiating SYN half-open stealth scan against br.infotel.bg (212.39.65.200) The SYN scan took 13 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on br.infotel.bg (212.39.65.200): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc No OS matches for this host. TCP fingerprints: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T5(Resp=N) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T6(Resp=N) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T7(Resp=N) PU(Resp=N) Host unnamed.infotel.bg (212.39.65.201) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.207) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.65.208) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.208) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host db.infotel.bg (212.39.65.209) appears to be up ... good. Initiating SYN half-open stealth scan against db.infotel.bg (212.39.65.209) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 70 (state Firewalled). Adding TCP port 37 (state Open). Adding TCP port 19 (state Open). Adding TCP port 113 (state Open). Adding TCP port 43 (state Firewalled). Adding TCP port 23 (state Firewalled). The SYN scan took 16 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 30826 is closed and neither are firewalled For OSScan assuming that port 7 is open and port 30920 is closed and neither are firewalled Interesting ports on db.infotel.bg (212.39.65.209): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 filtered tcp telnet 25 open tcp smtp 37 open tcp time 43 filtered tcp whois 49 filtered tcp unknown 70 filtered tcp gopher 80 filtered tcp www 111 filtered tcp sunrpc 113 open tcp auth TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Sequence numbers: 542DCE01 542EC801 542FC201 5430BC01 5431B601 5432B001 Remote operating system guess: HP-UX 10.20 E 9000/777 or A 712/60 with tcp_random_seq = 0 OS Fingerprint: TSeq(Class=64K) T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) Host fpn.infotel.bg (212.39.65.210) appears to be up ... good. Initiating SYN half-open stealth scan against fpn.infotel.bg (212.39.65.210) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 53 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 70 (state Firewalled). Adding TCP port 37 (state Open). Adding TCP port 119 (state Open). Adding TCP port 79 (state Open). Adding TCP port 19 (state Open). Adding TCP port 110 (state Open). Adding TCP port 113 (state Open). Adding TCP port 23 (state Firewalled). Adding TCP port 43 (state Firewalled). The SYN scan took 19 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 38565 is closed and neither are firewalled Interesting ports on fpn.infotel.bg (212.39.65.210): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 filtered tcp telnet 25 open tcp smtp 37 open tcp time 43 filtered tcp whois 49 filtered tcp unknown 53 open tcp domain 70 filtered tcp gopher 79 open tcp finger 80 filtered tcp www 110 open tcp pop3 111 filtered tcp sunrpc 113 open tcp auth 119 open tcp nntp TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Sequence numbers: 55BF2C00 55C21A00 55C60200 55C6FC00 55CAE400 55CBDE00 Remote operating system guess: HP-UX 10.20 E 9000/777 or A 712/60 with tcp_random_seq = 0 OS Fingerprint: TSeq(Class=64K) T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) Host www1.infotel.bg (212.39.65.211) appears to be up ... good. Initiating SYN half-open stealth scan against www1.infotel.bg (212.39.65.211) Adding TCP port 9 (state Open). Adding TCP port 13 (state Open). Adding TCP port 53 (state Open). Adding TCP port 25 (state Open). Adding TCP port 7 (state Open). Adding TCP port 23 (state Firewalled). Adding TCP port 37 (state Open). Adding TCP port 79 (state Open). Adding TCP port 70 (state Firewalled). Adding TCP port 19 (state Open). Adding TCP port 110 (state Open). Adding TCP port 43 (state Firewalled). The SYN scan took 15 seconds to scan 120 ports. For OSScan assuming that port 7 is open and port 43012 is closed and neither are firewalled Interesting ports on www1.infotel.bg (212.39.65.211): Port State Protocol Service 7 open tcp echo 9 open tcp discard 13 open tcp daytime 19 open tcp chargen 21 filtered tcp ftp 23 filtered tcp telnet 25 open tcp smtp 37 open tcp time 43 filtered tcp whois 49 filtered tcp unknown 53 open tcp domain 70 filtered tcp gopher 79 open tcp finger 80 filtered tcp www 110 open tcp pop3 111 filtered tcp sunrpc TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Sequence numbers: 15658A00 15668400 15687800 15697200 156A6C00 156B6600 Remote operating system guess: HP-UX 10.20 E 9000/777 or A 712/60 with tcp_random_seq = 0 OS Fingerprint: TSeq(Class=64K) T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) Host fw.infotel.bg (212.39.65.212) appears to be up ... good. Initiating SYN half-open stealth scan against fw.infotel.bg (212.39.65.212) Adding TCP port 109 (state Open). Adding TCP port 53 (state Open). Adding TCP port 25 (state Open). Adding TCP port 23 (state Firewalled). Adding TCP port 119 (state Open). Adding TCP port 70 (state Firewalled). Adding TCP port 43 (state Firewalled). Adding TCP port 110 (state Open). The SYN scan took 13 seconds to scan 120 ports. For OSScan assuming that port 25 is open and port 34434 is closed and neither are firewalled For OSScan assuming that port 25 is open and port 33472 is closed and neither are firewalled Interesting ports on fw.infotel.bg (212.39.65.212): Port State Protocol Service 21 filtered tcp ftp 23 filtered tcp telnet 25 open tcp smtp 43 filtered tcp whois 49 filtered tcp unknown 53 open tcp domain 70 filtered tcp gopher 80 filtered tcp www 109 open tcp pop2 110 open tcp pop3 111 filtered tcp sunrpc 119 open tcp nntp TCP Sequence Prediction: Class=random positive increments Difficulty=22031 (Worthy challenge) Sequence numbers: 33F3C725 33F45449 33F4D856 33F596D9 33F7041A 33F8023D Remote operating system guess: HP-UX 10.20 OS Fingerprint: TSeq(Class=RI%gcd=1%SI=560F) T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=M) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=8000%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.213) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.214) appears to be down, skipping it. Host nb.infotel.bg (212.39.65.215) appears to be down, skipping it. Host switch.infotel.bg (212.39.65.216) appears to be up ... good. Initiating SYN half-open stealth scan against switch.infotel.bg (212.39.65.216) Adding TCP port 70 (state Firewalled). Adding TCP port 23 (state Firewalled). Adding TCP port 43 (state Firewalled). The SYN scan took 30 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on switch.infotel.bg (212.39.65.216): Port State Protocol Service 21 filtered tcp ftp 23 filtered tcp telnet 43 filtered tcp whois 49 filtered tcp unknown 70 filtered tcp gopher 80 filtered tcp www 111 filtered tcp sunrpc Remote OS guesses: 3Com SuperStack II (unknown OS version), Asanta IntraStack Ethernet Switch (6014 DSB Versions: BP(2.06 ), FW(1.03 )), Asanta IntraSwitch 5324, AsanteHub 2072 Ethernet Hub OS Fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=APR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=S%Flags=APR%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=APR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host unnamed.infotel.bg (212.39.65.217) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.218) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.219) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.220) appears to be down, skipping it. Host br.infotel.bg (212.39.65.221) appears to be up ... good. Initiating SYN half-open stealth scan against br.infotel.bg (212.39.65.221) The SYN scan took 18 seconds to scan 120 ports. Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Warning: No ports found open on this machine, OS detection will be MUCH less reliable Interesting ports on br.infotel.bg (212.39.65.221): Port State Protocol Service 21 filtered tcp ftp 49 filtered tcp unknown 80 filtered tcp www 111 filtered tcp sunrpc No OS matches for this host. TCP fingerprints: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=N) Host unnamed.infotel.bg (212.39.65.222) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.223) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.223) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. Host unnamed.infotel.bg (212.39.65.224) appears to be down, skipping it. Host unnamed.infotel.bg (212.39.65.255) appears to be down, skipping it. Nmap run completed -- 512 IP addresses (75 hosts up) scanned in 15926 seconds <[So ... for the statistics - 13 Ciscos, 10 Windows machines... Does this look like a small provider that won't kill the others ? ]> 1.4. sendmail, qmail - mail agents, versions Here it will be very good to use the EXPN command, which gives all the aliases for a given address ...example: Trying 194.12.224.34... Connected to home.nat.bg. Escape character is '^]'. 220 home.ntrl.net ESMTP Sendmail My/Config; Sun, 18 Jul 1999 18:59:21 +0300 HELO my.machine.com 250 home.ntrl.net Hello root@doom.damned.net [14.122.25.14], pleased to meet you EXPN root 250 EXPN delian 250 EXPN postmaster 250 QUIT 221 home.ntrl.net closing connection Here you can see how all the mail of the root account is forwarded to postmaster. This way you can see which one is root's unprvileged account, as usually the admins forward the root's email to their own. 1.5. web - the different serverices that are avialable, the sites hosted there, emails of the technical and administrative contacts (easy to phish), mrtg, different DBs, avialable from the web,like lotus notes and user-supports, etc. <[ Here for example i can give you BIA's and Naturella's (now Lirex) systems - you can get a lot of information about the user who's account you're using...... Anyone can try this, even under windows :) ]> 1.6. FTP - annonymous ftp server, open incoming directory, favourable files on the server. I've used the FTP server of Sofia University for example (ftp.uni-sofia.bg). From the begining you can see some interesting things, like that there resides ftp.bguug.bg or it's mirror, which is on another HDD (when you go to that directory, you can see lost+found directory, which is created at every ext2fs' partiton's root directiory). Looks like there is connection between bguug and uni-sofia .... <[ Some more information become avialable after the completion of the article, as ftp.bguug.bg was on a sepatate machine which blew up, and because nobody cares about it it still resides there ]> Another interesting thing is that there are 2 public writeable directorutes, incoming and hdd (???), but both aren't readable for the annonymous ftp user. In the /pub directory you can find things such as software for MacOS, OS/2, win31, win95, winNT, dos... In fact, the pub directory of every school/corporation/etc. can tell you the type of software that is used within it, just because nobody leaves something he doesn't use/need on his ftp server. This way, you can find that for exampe someone uses wingate .... :) 1.7. SNMP - interfaces,netstats,easy portscan. Creating of a map of the network based on SNMP. Example sump of a SNMP database: system.sysDescr.0 = OCTET STRING: "Linux xxx 2.2.10 i586" system.sysObjectID.0 = OBJECT IDENTIFIER: enterprises.tubs.ibr.linuxMIB system.sysUpTime.0 = Timeticks: (42416875) 4 days, 21:49:28 system.sysContact.0 = OCTET STRING: "Not Configured" system.sysName.0 = OCTET STRING: "xxx" Hex: 65 6F 73 system.sysLocation.0 = OCTET STRING: "Not Configured" system.sysServices.0 = INTEGER: 72 system.sysORLastChange.0 = Timeticks: (0) 0:00:00 system.sysORTable.sysOREntry.sysORID.1 = OBJECT IDENTIFIER: enterprises.tubs.ibr.linuxMIB.1.1 system.sysORTable.sysOREntry.sysORDescr.1 = OCTET STRING: "LINUX agent" system.sysORTable.sysOREntry.sysORUpTime.1 = Timeticks: (42416876) 4 days, 21:49:28 <[ System's identification... uptime, name, location ]> interfaces.ifNumber.0 = INTEGER: 9 <[ number of the interfaces on the machine... ]> interfaces.ifTable.ifEntry.ifIndex.1 = INTEGER: 1 interfaces.ifTable.ifEntry.ifIndex.2 = INTEGER: 2 interfaces.ifTable.ifEntry.ifIndex.3 = INTEGER: 3 interfaces.ifTable.ifEntry.ifIndex.4 = INTEGER: 4 interfaces.ifTable.ifEntry.ifIndex.5 = INTEGER: 5 interfaces.ifTable.ifEntry.ifIndex.6 = INTEGER: 6 interfaces.ifTable.ifEntry.ifIndex.7 = INTEGER: 7 interfaces.ifTable.ifEntry.ifIndex.8 = INTEGER: 8 interfaces.ifTable.ifEntry.ifIndex.9 = INTEGER: 9 interfaces.ifTable.ifEntry.ifDescr.1 = OCTET STRING: "lo" Hex: 6C 6F interfaces.ifTable.ifEntry.ifDescr.2 = OCTET STRING: "eth0" Hex: 65 74 68 30 interfaces.ifTable.ifEntry.ifDescr.3 = OCTET STRING: "dummy0" interfaces.ifTable.ifEntry.ifDescr.4 = OCTET STRING: "ppp0" Hex: 70 70 70 30 interfaces.ifTable.ifEntry.ifDescr.5 = OCTET STRING: "ppp5" Hex: 70 70 70 35 interfaces.ifTable.ifEntry.ifDescr.6 = OCTET STRING: "ppp1" Hex: 70 70 70 31 interfaces.ifTable.ifEntry.ifDescr.7 = OCTET STRING: "ppp3" Hex: 70 70 70 33 interfaces.ifTable.ifEntry.ifDescr.8 = OCTET STRING: "ppp4" Hex: 70 70 70 34 interfaces.ifTable.ifEntry.ifDescr.9 = OCTET STRING: "ppp2" Hex: 70 70 70 32 <[ The part aboe just tells the interfaces' names ]> interfaces.ifTable.ifEntry.ifType.1 = INTEGER: softwareLoopback(24) interfaces.ifTable.ifEntry.ifType.2 = INTEGER: ethernet-csmacd(6) interfaces.ifTable.ifEntry.ifType.3 = INTEGER: other(1) interfaces.ifTable.ifEntry.ifType.4 = INTEGER: ppp(23) interfaces.ifTable.ifEntry.ifType.5 = INTEGER: ppp(23) interfaces.ifTable.ifEntry.ifType.6 = INTEGER: ppp(23) interfaces.ifTable.ifEntry.ifType.7 = INTEGER: ppp(23) interfaces.ifTable.ifEntry.ifType.8 = INTEGER: ppp(23) interfaces.ifTable.ifEntry.ifType.9 = INTEGER: ppp(23) interfaces.ifTable.ifEntry.ifMtu.1 = INTEGER: 3924 interfaces.ifTable.ifEntry.ifMtu.2 = INTEGER: 1500 interfaces.ifTable.ifEntry.ifMtu.3 = INTEGER: 1500 interfaces.ifTable.ifEntry.ifMtu.4 = INTEGER: 576 interfaces.ifTable.ifEntry.ifMtu.5 = INTEGER: 1500 interfaces.ifTable.ifEntry.ifMtu.6 = INTEGER: 576 interfaces.ifTable.ifEntry.ifMtu.7 = INTEGER: 1500 interfaces.ifTable.ifEntry.ifMtu.8 = INTEGER: 1500 interfaces.ifTable.ifEntry.ifMtu.9 = INTEGER: 1500 interfaces.ifTable.ifEntry.ifSpeed.1 = Gauge: 10000000 interfaces.ifTable.ifEntry.ifSpeed.2 = Gauge: 10000000 interfaces.ifTable.ifEntry.ifSpeed.3 = Gauge: 0 interfaces.ifTable.ifEntry.ifSpeed.4 = Gauge: 28800 interfaces.ifTable.ifEntry.ifSpeed.5 = Gauge: 28800 interfaces.ifTable.ifEntry.ifSpeed.6 = Gauge: 28800 interfaces.ifTable.ifEntry.ifSpeed.7 = Gauge: 28800 interfaces.ifTable.ifEntry.ifSpeed.8 = Gauge: 28800 interfaces.ifTable.ifEntry.ifSpeed.9 = Gauge: 28800 <[ some parametrs ..... ]> interfaces.ifTable.ifEntry.ifPhysAddress.1 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifPhysAddress.2 = OCTET STRING: Hex: 52 54 AB DD 28 47 interfaces.ifTable.ifEntry.ifPhysAddress.3 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifPhysAddress.4 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifPhysAddress.5 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifPhysAddress.6 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifPhysAddress.7 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifPhysAddress.8 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifPhysAddress.9 = OCTET STRING: Hex: 00 00 00 00 00 00 interfaces.ifTable.ifEntry.ifAdminStatus.1 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifAdminStatus.2 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifAdminStatus.3 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifAdminStatus.4 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifAdminStatus.5 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifAdminStatus.6 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifAdminStatus.7 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifAdminStatus.8 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifAdminStatus.9 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifOperStatus.1 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifOperStatus.2 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifOperStatus.3 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifOperStatus.4 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifOperStatus.5 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifOperStatus.6 = INTEGER: up(1) interfaces.ifTable.ifEntry.ifOperStatus.7 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifOperStatus.8 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifOperStatus.9 = INTEGER: down(2) interfaces.ifTable.ifEntry.ifLastChange.1 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.2 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.3 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.4 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.5 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.6 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.7 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.8 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifLastChange.9 = Timeticks: (0) 0:00:00 interfaces.ifTable.ifEntry.ifInOctets.1 = Counter: 176674335 interfaces.ifTable.ifEntry.ifInOctets.2 = Counter: 139040096 interfaces.ifTable.ifEntry.ifInOctets.3 = Counter: 0 interfaces.ifTable.ifEntry.ifInOctets.4 = Counter: 167871867 interfaces.ifTable.ifEntry.ifInOctets.5 = Counter: 3721 interfaces.ifTable.ifEntry.ifInOctets.6 = Counter: 57281 interfaces.ifTable.ifEntry.ifInOctets.7 = Counter: 218308 interfaces.ifTable.ifEntry.ifInOctets.8 = Counter: 31701 interfaces.ifTable.ifEntry.ifInOctets.9 = Counter: 3920 interfaces.ifTable.ifEntry.ifInUcastPkts.1 = Counter: 2160934 interfaces.ifTable.ifEntry.ifInUcastPkts.2 = Counter: 836960 interfaces.ifTable.ifEntry.ifInUcastPkts.3 = Counter: 0 interfaces.ifTable.ifEntry.ifInUcastPkts.4 = Counter: 613948 interfaces.ifTable.ifEntry.ifInUcastPkts.5 = Counter: 107 interfaces.ifTable.ifEntry.ifInUcastPkts.6 = Counter: 2313 interfaces.ifTable.ifEntry.ifInUcastPkts.7 = Counter: 3234 interfaces.ifTable.ifEntry.ifInUcastPkts.8 = Counter: 464 interfaces.ifTable.ifEntry.ifInUcastPkts.9 = Counter: 46 interfaces.ifTable.ifEntry.ifInNUcastPkts.1 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.2 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.3 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.4 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.5 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.6 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.7 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.8 = Counter: 0 interfaces.ifTable.ifEntry.ifInNUcastPkts.9 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.1 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.2 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.3 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.4 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.5 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.6 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.7 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.8 = Counter: 0 interfaces.ifTable.ifEntry.ifInDiscards.9 = Counter: 0 interfaces.ifTable.ifEntry.ifInErrors.1 = Counter: 0 interfaces.ifTable.ifEntry.ifInErrors.2 = Counter: 0 interfaces.ifTable.ifEntry.ifInErrors.3 = Counter: 0 interfaces.ifTable.ifEntry.ifInErrors.4 = Counter: 20 interfaces.ifTable.ifEntry.ifInErrors.5 = Counter: 0 interfaces.ifTable.ifEntry.ifInErrors.6 = Counter: 2 interfaces.ifTable.ifEntry.ifInErrors.7 = Counter: 0 interfaces.ifTable.ifEntry.ifInErrors.8 = Counter: 0 interfaces.ifTable.ifEntry.ifInErrors.9 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.1 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.2 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.3 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.4 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.5 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.6 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.7 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.8 = Counter: 0 interfaces.ifTable.ifEntry.ifInUnknownProtos.9 = Counter: 0 interfaces.ifTable.ifEntry.ifOutOctets.1 = Counter: 176674335 interfaces.ifTable.ifEntry.ifOutOctets.2 = Counter: 237343906 interfaces.ifTable.ifEntry.ifOutOctets.3 = Counter: 1641685 interfaces.ifTable.ifEntry.ifOutOctets.4 = Counter: 35680061 interfaces.ifTable.ifEntry.ifOutOctets.5 = Counter: 3173 interfaces.ifTable.ifEntry.ifOutOctets.6 = Counter: 208146 interfaces.ifTable.ifEntry.ifOutOctets.7 = Counter: 1196797 interfaces.ifTable.ifEntry.ifOutOctets.8 = Counter: 120353 interfaces.ifTable.ifEntry.ifOutOctets.9 = Counter: 4279 interfaces.ifTable.ifEntry.ifOutUcastPkts.1 = Counter: 2160934 interfaces.ifTable.ifEntry.ifOutUcastPkts.2 = Counter: 827267 interfaces.ifTable.ifEntry.ifOutUcastPkts.3 = Counter: 3865 interfaces.ifTable.ifEntry.ifOutUcastPkts.4 = Counter: 556396 interfaces.ifTable.ifEntry.ifOutUcastPkts.5 = Counter: 103 interfaces.ifTable.ifEntry.ifOutUcastPkts.6 = Counter: 2286 interfaces.ifTable.ifEntry.ifOutUcastPkts.7 = Counter: 3688 interfaces.ifTable.ifEntry.ifOutUcastPkts.8 = Counter: 433 interfaces.ifTable.ifEntry.ifOutUcastPkts.9 = Counter: 50 interfaces.ifTable.ifEntry.ifOutNUcastPkts.1 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.2 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.3 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.4 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.5 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.6 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.7 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.8 = Counter: 0 interfaces.ifTable.ifEntry.ifOutNUcastPkts.9 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.1 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.2 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.3 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.4 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.5 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.6 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.7 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.8 = Counter: 0 interfaces.ifTable.ifEntry.ifOutDiscards.9 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.1 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.2 = Counter: 920 interfaces.ifTable.ifEntry.ifOutErrors.3 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.4 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.5 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.6 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.7 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.8 = Counter: 0 interfaces.ifTable.ifEntry.ifOutErrors.9 = Counter: 0 interfaces.ifTable.ifEntry.ifOutQLen.1 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.2 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.3 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.4 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.5 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.6 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.7 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.8 = Gauge: 0 interfaces.ifTable.ifEntry.ifOutQLen.9 = Gauge: 0 interfaces.ifTable.ifEntry.ifSpecific.1 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.2 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.3 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.4 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.5 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.6 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.7 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.8 = OBJECT IDENTIFIER: .ccitt.0 interfaces.ifTable.ifEntry.ifSpecific.9 = OBJECT IDENTIFIER: .ccitt.0 <[ Interfaces' status ....... ]> at.atTable.atEntry.atIfIndex.2.1.192.168.0.4 = INTEGER: 2 at.atTable.atEntry.atIfIndex.2.1.12.32.42.194 = INTEGER: 2 at.atTable.atEntry.atIfIndex.2.1.12.32.42.195 = INTEGER: 2 at.atTable.atEntry.atIfIndex.2.1.12.32.42.199 = INTEGER: 2 at.atTable.atEntry.atPhysAddress.2.1.192.168.0.4 = OCTET STRING: Hex: 00 20 AF 3C 07 F7 at.atTable.atEntry.atPhysAddress.2.1.12.32.42.194 = OCTET STRING: Hex: 00 20 AF 90 C9 9E at.atTable.atEntry.atPhysAddress.2.1.12.32.42.195 = OCTET STRING: Hex: 00 00 21 00 0C 90 at.atTable.atEntry.atPhysAddress.2.1.12.32.42.199 = OCTET STRING: Hex: 00 00 21 00 0C 90 at.atTable.atEntry.atNetAddress.2.1.192.168.0.4 = IpAddress: 192.168.0.4 at.atTable.atEntry.atNetAddress.2.1.12.32.42.194 = IpAddress: 12.32.42.194 at.atTable.atEntry.atNetAddress.2.1.12.32.42.195 = IpAddress: 12.32.42.195 at.atTable.atEntry.atNetAddress.2.1.12.32.42.199 = IpAddress: 12.32.42.199 <[ at - address translation .......... ]> ip.ipForwarding.0 = INTEGER: forwarding(1) ip.ipDefaultTTL.0 = INTEGER: 64 ip.ipInReceives.0 = Counter: 4450847 ip.ipInHdrErrors.0 = Counter: 0 ip.ipInAddrErrors.0 = Counter: 0 ip.ipForwDatagrams.0 = Counter: 617086 ip.ipInUnknownProtos.0 = Counter: 0 ip.ipInDiscards.0 = Counter: 0 ip.ipInDelivers.0 = Counter: 2166415 ip.ipOutRequests.0 = Counter: 3754208 ip.ipOutDiscards.0 = Counter: 2063 ip.ipOutNoRoutes.0 = Counter: 0 ip.ipReasmTimeout.0 = INTEGER: 0 ip.ipReasmReqds.0 = Counter: 65 ip.ipReasmOKs.0 = Counter: 32 ip.ipReasmFails.0 = Counter: 0 ip.ipFragOKs.0 = Counter: 100 ip.ipFragFails.0 = Counter: 383 ip.ipFragCreates.0 = Counter: 682 <[ IP options ... ]> ip.ipAddrTable.ipAddrEntry.ipAdEntAddr.127.0.0.1 = IpAddress: 127.0.0.1 ip.ipAddrTable.ipAddrEntry.ipAdEntAddr.12.32.42.193 = IpAddress: 12.32.42.193 ip.ipAddrTable.ipAddrEntry.ipAdEntAddr.14.11.225.193 = IpAddress: 14.11.225.193 ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1 = INTEGER: 1 ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.12.32.42.193 = INTEGER: 2 ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.14.11.15.193 = INTEGER: 3 ip.ipAddrTable.ipAddrEntry.ipAdEntNetMask.127.0.0.1 = IpAddress: 255.0.0.0 ip.ipAddrTable.ipAddrEntry.ipAdEntNetMask.12.32.42.193 = IpAddress: 255.255.255.255 ip.ipAddrTable.ipAddrEntry.ipAdEntNetMask.14.11.15.193 = IpAddress: 255.255.255.224 ip.ipAddrTable.ipAddrEntry.ipAdEntBcastAddr.127.0.0.1 = INTEGER: 0 ip.ipAddrTable.ipAddrEntry.ipAdEntBcastAddr.12.32.42.193 = INTEGER: 1 ip.ipAddrTable.ipAddrEntry.ipAdEntBcastAddr.14.11.15.193 = INTEGER: 1 ip.ipAddrTable.ipAddrEntry.ipAdEntReasmMaxSize.127.0.0.1 = INTEGER: 20480 ip.ipAddrTable.ipAddrEntry.ipAdEntReasmMaxSize.12.32.42.193 = INTEGER: 20480 ip.ipAddrTable.ipAddrEntry.ipAdEntReasmMaxSize.14.11.15.193 = INTEGER: 20480 ip.ipRouteTable.ipRouteEntry.ipRouteDest.0.0.0.0 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteDest.192.168.0.0 = IpAddress: 192.168.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteDest.192.168.0.4 = IpAddress: 192.168.0.4 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.27 = IpAddress: 12.32.42.27 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.194 = IpAddress: 12.32.42.194 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.195 = IpAddress: 12.32.42.195 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.196 = IpAddress: 12.32.42.196 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.199 = IpAddress: 12.32.42.199 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.200 = IpAddress: 12.32.42.200 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.202 = IpAddress: 12.32.42.202 ip.ipRouteTable.ipRouteEntry.ipRouteDest.12.32.42.210 = IpAddress: 12.32.42.210 ip.ipRouteTable.ipRouteEntry.ipRouteDest.14.11.15.192 = IpAddress: 14.11.15.192 ip.ipRouteTable.ipRouteEntry.ipRouteDest.14.11.15.200 = IpAddress: 14.11.15.200 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.0.0.0.0 = INTEGER: 4 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.192.168.0.0 = INTEGER: 2 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.192.168.0.4 = INTEGER: 2 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.27 = INTEGER: 4 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.194 = INTEGER: 2 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.195 = INTEGER: 2 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.196 = INTEGER: 2 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.199 = INTEGER: 2 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.200 = INTEGER: 3 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.202 = INTEGER: 6 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.12.32.42.210 = INTEGER: 2 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.14.11.15.192 = INTEGER: 3 ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex.14.11.15.200 = INTEGER: 3 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.0.0.0.0 = INTEGER: 1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.192.168.0.0 = INTEGER: 1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.192.168.0.4 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.27 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.194 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.195 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.196 = INTEGER: 1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.199 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.200 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.202 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.12.32.42.210 = INTEGER: 1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.14.11.15.192 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric1.14.11.15.200 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.0.0.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.192.168.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.192.168.0.4 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.27 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.194 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.195 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.196 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.199 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.200 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.202 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.12.32.42.210 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.14.11.15.192 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric2.14.11.15.200 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.0.0.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.192.168.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.192.168.0.4 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.27 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.194 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.195 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.196 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.199 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.200 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.202 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.12.32.42.210 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.14.11.15.192 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric3.14.11.15.200 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.0.0.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.192.168.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.192.168.0.4 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.27 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.194 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.195 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.196 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.199 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.200 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.202 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.12.32.42.210 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.14.11.15.192 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric4.14.11.15.200 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.0.0.0.0 = IpAddress: 12.32.42.27 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.192.168.0.0 = IpAddress: 192.168.0.4 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.192.168.0.4 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.27 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.194 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.195 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.196 = IpAddress: 12.32.42.195 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.199 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.200 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.202 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.12.32.42.210 = IpAddress: 12.32.42.195 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.14.11.15.192 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteNextHop.14.11.15.200 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteType.0.0.0.0 = INTEGER: indirect(4) ip.ipRouteTable.ipRouteEntry.ipRouteType.192.168.0.0 = INTEGER: indirect(4) ip.ipRouteTable.ipRouteEntry.ipRouteType.192.168.0.4 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.27 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.194 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.195 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.196 = INTEGER: indirect(4) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.199 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.200 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.202 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.12.32.42.210 = INTEGER: indirect(4) ip.ipRouteTable.ipRouteEntry.ipRouteType.14.11.15.192 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteType.14.11.15.200 = INTEGER: direct(3) ip.ipRouteTable.ipRouteEntry.ipRouteProto.0.0.0.0 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.192.168.0.0 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.192.168.0.4 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.27 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.194 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.195 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.196 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.199 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.200 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.202 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.12.32.42.210 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.14.11.15.192 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteProto.14.11.15.200 = INTEGER: local(2) ip.ipRouteTable.ipRouteEntry.ipRouteAge.0.0.0.0 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.192.168.0.0 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.192.168.0.4 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.27 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.194 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.195 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.196 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.199 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.200 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.202 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.12.32.42.210 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.14.11.15.192 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteAge.14.11.15.200 = INTEGER: 0 ip.ipRouteTable.ipRouteEntry.ipRouteMask.0.0.0.0 = IpAddress: 0.0.0.0 ip.ipRouteTable.ipRouteEntry.ipRouteMask.192.168.0.0 = IpAddress: 255.255.128.0 ip.ipRouteTable.ipRouteEntry.ipRouteMask.192.168.0.4 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.27 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.194 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.195 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.196 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.199 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.200 = IpAddress: 255.255.255.248 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.202 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.12.32.42.210 = IpAddress: 255.255.255.255 ip.ipRouteTable.ipRouteEntry.ipRouteMask.14.11.15.192 = IpAddress: 255.255.255.224 ip.ipRouteTable.ipRouteEntry.ipRouteMask.14.11.15.200 = IpAddress: 255.255.255.248 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.0.0.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.192.168.0.0 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.192.168.0.4 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.27 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.194 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.195 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.196 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.199 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.200 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.202 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.12.32.42.210 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.14.11.15.192 = INTEGER: -1 ip.ipRouteTable.ipRouteEntry.ipRouteMetric5.14.11.15.200 = INTEGER: -1 <[routing table ... ]> ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.0.4 = INTEGER: 2 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.12.32.42.194 = INTEGER: 2 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.12.32.42.195 = INTEGER: 2 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.12.32.42.199 = INTEGER: 2 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress.2.192.168.0.4 = OCTET STRING: Hex: 00 20 AF 3C 07 F7 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress.2.12.32.42.194 = OCTET STRING: Hex: 00 20 AF 90 C9 9E ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress.2.12.32.42.195 = OCTET STRING: Hex: 00 00 21 00 0C 90 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress.2.12.32.42.199 = OCTET STRING: Hex: 00 00 21 00 0C 90 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress.2.192.168.0.4 = IpAddress: 192.168.0.4 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress.2.12.32.42.194 = IpAddress: 12.32.42.194 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress.2.12.32.42.195 = IpAddress: 12.32.42.195 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress.2.12.32.42.199 = IpAddress: 12.32.42.199 ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType.2.192.168.0.4 = INTEGER: dynamic(3) ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType.2.12.32.42.194 = INTEGER: dynamic(3) ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType.2.12.32.42.195 = INTEGER: dynamic(3) ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType.2.12.32.42.199 = INTEGER: dynamic(3) <[ ARP, etc. ]> icmp.icmpInMsgs.0 = Counter: 50064 icmp.icmpInErrors.0 = Counter: 112 icmp.icmpInDestUnreachs.0 = Counter: 21642 icmp.icmpInTimeExcds.0 = Counter: 100 icmp.icmpInParmProbs.0 = Counter: 0 icmp.icmpInSrcQuenchs.0 = Counter: 29 icmp.icmpInRedirects.0 = Counter: 36 icmp.icmpInEchos.0 = Counter: 19863 icmp.icmpInEchoReps.0 = Counter: 8394 icmp.icmpInTimestamps.0 = Counter: 0 icmp.icmpInTimestampReps.0 = Counter: 0 icmp.icmpInAddrMasks.0 = Counter: 0 icmp.icmpInAddrMaskReps.0 = Counter: 0 icmp.icmpOutMsgs.0 = Counter: 47095 icmp.icmpOutErrors.0 = Counter: 0 icmp.icmpOutDestUnreachs.0 = Counter: 27202 icmp.icmpOutTimeExcds.0 = Counter: 30 icmp.icmpOutParmProbs.0 = Counter: 0 icmp.icmpOutSrcQuenchs.0 = Counter: 0 icmp.icmpOutRedirects.0 = Counter: 0 icmp.icmpOutEchos.0 = Counter: 0 icmp.icmpOutEchoReps.0 = Counter: 19863 icmp.icmpOutTimestamps.0 = Counter: 0 icmp.icmpOutTimestampReps.0 = Counter: 0 icmp.icmpOutAddrMasks.0 = Counter: 0 icmp.icmpOutAddrMaskReps.0 = Counter: 0 <[ ICMP stats ]> tcp.tcpRtoAlgorithm.0 = INTEGER: other(1) tcp.tcpRtoMin.0 = INTEGER: 0 tcp.tcpRtoMax.0 = INTEGER: 0 tcp.tcpMaxConn.0 = INTEGER: 0 tcp.tcpActiveOpens.0 = Counter: 27020 tcp.tcpPassiveOpens.0 = Counter: 0 tcp.tcpAttemptFails.0 = Counter: 10 tcp.tcpEstabResets.0 = Counter: 0 tcp.tcpCurrEstab.0 = Gauge: 20 tcp.tcpInSegs.0 = Counter: 1627561 tcp.tcpOutSegs.0 = Counter: 1508541 tcp.tcpRetransSegs.0 = Counter: 46807 <[ TCP stats ]> tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.7.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.9.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.13.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.19.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.21.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.22.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.23.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.25.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.37.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.79.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.80.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.110.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.111.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.113.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.515.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.3046.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.3128.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.3333.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.0.0.0.0.4444.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.53.0.0.0.0.0 = INTEGER: listen(2) <[ Really great portscan :) ]> tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3644.127.0.0.1.3645 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3645.127.0.0.1.3644 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3646.127.0.0.1.3647 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3647.127.0.0.1.3646 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3648.127.0.0.1.3649 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3649.127.0.0.1.3648 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3650.127.0.0.1.3651 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3651.127.0.0.1.3650 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3652.127.0.0.1.3653 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3653.127.0.0.1.3652 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3654.127.0.0.1.3655 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3655.127.0.0.1.3654 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3656.127.0.0.1.3657 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.127.0.0.1.3657.127.0.0.1.3656 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.22.12.32.42.194.1023 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.53.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.2747.34.42.134.6.6667 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3128.192.168.0.25.1433 = INTEGER: timeWait(11) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3128.192.168.0.25.1435 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3128.192.168.0.25.1436 = INTEGER: timeWait(11) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3128.192.168.0.25.1437 = INTEGER: timeWait(11) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3128.12.32.42.194.1487 = INTEGER: closeWait(8) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3128.12.32.42.210.1517 = INTEGER: timeWait(11) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3128.12.32.42.210.1524 = INTEGER: timeWait(11) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.3333.12.32.42.199.1038 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.4205.34.42.134.6.8080 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.12.32.42.193.4446.34.42.134.6.8080 = INTEGER: established(5) tcp.tcpConnTable.tcpConnEntry.tcpConnState.14.11.15.193.53.0.0.0.0.0 = INTEGER: listen(2) tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.7.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.9.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.13.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.19.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.21.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.22.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.23.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.25.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.37.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.79.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.80.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.110.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.111.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.113.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.515.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.3046.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.3128.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.3333.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.0.0.0.0.4444.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.53.0.0.0.0.0 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3644.127.0.0.1.3645 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3645.127.0.0.1.3644 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3646.127.0.0.1.3647 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3647.127.0.0.1.3646 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3648.127.0.0.1.3649 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3649.127.0.0.1.3648 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3650.127.0.0.1.3651 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3651.127.0.0.1.3650 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3652.127.0.0.1.3653 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3653.127.0.0.1.3652 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3654.127.0.0.1.3655 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3655.127.0.0.1.3654 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3656.127.0.0.1.3657 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.127.0.0.1.3657.127.0.0.1.3656 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.22.12.32.42.194.1023 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.53.0.0.0.0.0 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.2747.34.42.134.6.6667 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3128.192.168.0.25.1433 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3128.192.168.0.25.1435 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3128.192.168.0.25.1436 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3128.192.168.0.25.1437 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3128.12.32.42.194.1487 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3128.12.32.42.210.1517 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3128.12.32.42.210.1524 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.3333.12.32.42.199.1038 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.4205.34.42.134.6.8080 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.12.32.42.193.4446.34.42.134.6.8080 = IpAddress: 12.32.42.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalAddress.14.11.15.193.53.0.0.0.0.0 = IpAddress: 14.11.15.193 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.7.0.0.0.0.0 = INTEGER: 7 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.9.0.0.0.0.0 = INTEGER: 9 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.13.0.0.0.0.0 = INTEGER: 13 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.19.0.0.0.0.0 = INTEGER: 19 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.21.0.0.0.0.0 = INTEGER: 21 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.22.0.0.0.0.0 = INTEGER: 22 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.23.0.0.0.0.0 = INTEGER: 23 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.25.0.0.0.0.0 = INTEGER: 25 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.37.0.0.0.0.0 = INTEGER: 37 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.79.0.0.0.0.0 = INTEGER: 79 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.80.0.0.0.0.0 = INTEGER: 80 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.110.0.0.0.0.0 = INTEGER: 110 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.111.0.0.0.0.0 = INTEGER: 111 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.113.0.0.0.0.0 = INTEGER: 113 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.515.0.0.0.0.0 = INTEGER: 515 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.3046.0.0.0.0.0 = INTEGER: 3046 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.3128.0.0.0.0.0 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.3333.0.0.0.0.0 = INTEGER: 3333 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.0.0.0.0.4444.0.0.0.0.0 = INTEGER: 4444 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.53.0.0.0.0.0 = INTEGER: 53 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3644.127.0.0.1.3645 = INTEGER: 3644 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3645.127.0.0.1.3644 = INTEGER: 3645 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3646.127.0.0.1.3647 = INTEGER: 3646 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3647.127.0.0.1.3646 = INTEGER: 3647 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3648.127.0.0.1.3649 = INTEGER: 3648 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3649.127.0.0.1.3648 = INTEGER: 3649 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3650.127.0.0.1.3651 = INTEGER: 3650 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3651.127.0.0.1.3650 = INTEGER: 3651 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3652.127.0.0.1.3653 = INTEGER: 3652 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3653.127.0.0.1.3652 = INTEGER: 3653 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3654.127.0.0.1.3655 = INTEGER: 3654 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3655.127.0.0.1.3654 = INTEGER: 3655 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3656.127.0.0.1.3657 = INTEGER: 3656 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.127.0.0.1.3657.127.0.0.1.3656 = INTEGER: 3657 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.22.12.32.42.194.1023 = INTEGER: 22 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.53.0.0.0.0.0 = INTEGER: 53 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.2747.34.42.134.6.6667 = INTEGER: 2747 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3128.192.168.0.25.1433 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3128.192.168.0.25.1435 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3128.192.168.0.25.1436 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3128.192.168.0.25.1437 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3128.12.32.42.194.1487 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3128.12.32.42.210.1517 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3128.12.32.42.210.1524 = INTEGER: 3128 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.3333.12.32.42.199.1038 = INTEGER: 3333 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.4205.34.42.134.6.8080 = INTEGER: 4205 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.12.32.42.193.4446.34.42.134.6.8080 = INTEGER: 4446 tcp.tcpConnTable.tcpConnEntry.tcpConnLocalPort.14.11.15.193.53.0.0.0.0.0 = INTEGER: 53 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.7.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.9.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.13.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.19.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.21.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.22.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.23.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.25.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.37.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.79.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.80.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.110.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.111.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.113.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.515.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.3046.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.3128.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.3333.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.0.0.0.0.4444.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.53.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3644.127.0.0.1.3645 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3645.127.0.0.1.3644 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3646.127.0.0.1.3647 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3647.127.0.0.1.3646 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3648.127.0.0.1.3649 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3649.127.0.0.1.3648 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3650.127.0.0.1.3651 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3651.127.0.0.1.3650 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3652.127.0.0.1.3653 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3653.127.0.0.1.3652 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3654.127.0.0.1.3655 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3655.127.0.0.1.3654 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3656.127.0.0.1.3657 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.127.0.0.1.3657.127.0.0.1.3656 = IpAddress: 127.0.0.1 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.22.12.32.42.194.1023 = IpAddress: 12.32.42.194 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.53.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.2747.34.42.134.6.6667 = IpAddress: 34.42.134.6 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3128.192.168.0.25.1433 = IpAddress: 192.168.0.25 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3128.192.168.0.25.1435 = IpAddress: 192.168.0.25 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3128.192.168.0.25.1436 = IpAddress: 192.168.0.25 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3128.192.168.0.25.1437 = IpAddress: 192.168.0.25 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3128.12.32.42.194.1487 = IpAddress: 12.32.42.194 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3128.12.32.42.210.1517 = IpAddress: 12.32.42.210 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3128.12.32.42.210.1524 = IpAddress: 12.32.42.210 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.3333.12.32.42.199.1038 = IpAddress: 12.32.42.199 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.4205.34.42.134.6.8080 = IpAddress: 34.42.134.6 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.12.32.42.193.4446.34.42.134.6.8080 = IpAddress: 34.42.134.6 tcp.tcpConnTable.tcpConnEntry.tcpConnRemAddress.14.11.15.193.53.0.0.0.0.0 = IpAddress: 0.0.0.0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.7.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.9.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.13.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.19.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.21.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.22.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.23.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.25.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.37.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.79.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.80.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.110.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.111.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.113.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.515.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.3046.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.3128.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.3333.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.0.0.0.0.4444.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.53.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3644.127.0.0.1.3645 = INTEGER: 3645 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3645.127.0.0.1.3644 = INTEGER: 3644 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3646.127.0.0.1.3647 = INTEGER: 3647 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3647.127.0.0.1.3646 = INTEGER: 3646 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3648.127.0.0.1.3649 = INTEGER: 3649 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3649.127.0.0.1.3648 = INTEGER: 3648 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3650.127.0.0.1.3651 = INTEGER: 3651 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3651.127.0.0.1.3650 = INTEGER: 3650 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3652.127.0.0.1.3653 = INTEGER: 3653 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3653.127.0.0.1.3652 = INTEGER: 3652 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3654.127.0.0.1.3655 = INTEGER: 3655 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3655.127.0.0.1.3654 = INTEGER: 3654 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3656.127.0.0.1.3657 = INTEGER: 3657 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.127.0.0.1.3657.127.0.0.1.3656 = INTEGER: 3656 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.22.12.32.42.194.1023 = INTEGER: 1023 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.53.0.0.0.0.0 = INTEGER: 0 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.2747.34.42.134.6.6667 = INTEGER: 6667 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3128.192.168.0.25.1433 = INTEGER: 1433 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3128.192.168.0.25.1435 = INTEGER: 1435 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3128.192.168.0.25.1436 = INTEGER: 1436 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3128.192.168.0.25.1437 = INTEGER: 1437 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3128.12.32.42.194.1487 = INTEGER: 1487 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3128.12.32.42.210.1517 = INTEGER: 1517 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3128.12.32.42.210.1524 = INTEGER: 1524 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.3333.12.32.42.199.1038 = INTEGER: 1038 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.4205.34.42.134.6.8080 = INTEGER: 8080 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.12.32.42.193.4446.34.42.134.6.8080 = INTEGER: 8080 tcp.tcpConnTable.tcpConnEntry.tcpConnRemPort.14.11.15.193.53.0.0.0.0.0 = INTEGER: 0 <[ Established TCP connections... ]> tcp.tcpInErrs.0 = Counter: 610 tcp.tcpOutRsts.0 = Counter: 20085 udp.udpInDatagrams.0 = Counter: 2142957 udp.udpNoPorts.0 = Counter: 3135 udp.udpInErrors.0 = Counter: 0 udp.udpOutDatagrams.0 = Counter: 2174841 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.37 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.111 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.161 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.514 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.517 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.518 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.800 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.1854 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.2173 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.0.0.0.0.3130 = IpAddress: 0.0.0.0 udp.udpTable.udpEntry.udpLocalAddress.127.0.0.1.53 = IpAddress: 127.0.0.1 udp.udpTable.udpEntry.udpLocalAddress.12.32.42.193.53 = IpAddress: 12.32.42.193 udp.udpTable.udpEntry.udpLocalAddress.14.11.15.193.53 = IpAddress: 14.11.15.193 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.37 = INTEGER: 37 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.111 = INTEGER: 111 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.161 = INTEGER: 161 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.514 = INTEGER: 514 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.517 = INTEGER: 517 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.518 = INTEGER: 518 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.800 = INTEGER: 800 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.1854 = INTEGER: 1854 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.2173 = INTEGER: 2173 udp.udpTable.udpEntry.udpLocalPort.0.0.0.0.3130 = INTEGER: 3130 udp.udpTable.udpEntry.udpLocalPort.127.0.0.1.53 = INTEGER: 53 udp.udpTable.udpEntry.udpLocalPort.12.32.42.193.53 = INTEGER: 53 udp.udpTable.udpEntry.udpLocalPort.14.11.15.193.53 = INTEGER: 53 <[ UDP listening sockets ]> snmp.snmpInPkts.0 = Counter: 1048422 snmp.snmpOutPkts.0 = Counter: 1048421 snmp.snmpInBadVersions.0 = Counter: 0 snmp.snmpInBadCommunityNames.0 = Counter: 0 snmp.snmpInBadCommunityUses.0 = Counter: 0 snmp.snmpInASNParseErrs.0 = Counter: 0 snmp.snmpInTooBigs.0 = Counter: 0 snmp.snmpInNoSuchNames.0 = Counter: 0 snmp.snmpInBadValues.0 = Counter: 0 snmp.snmpInReadOnlys.0 = Counter: 0 snmp.snmpInGenErrs.0 = Counter: 0 snmp.snmpInTotalReqVars.0 = Counter: 1048433 snmp.snmpInTotalSetVars.0 = Counter: 0 snmp.snmpInGetRequests.0 = Counter: 8487 snmp.snmpInGetNexts.0 = Counter: 1039949 snmp.snmpInSetRequests.0 = Counter: 0 snmp.snmpInGetResponses.0 = Counter: 0 snmp.snmpInTraps.0 = Counter: 0 snmp.snmpOutTooBigs.0 = Counter: 0 snmp.snmpOutNoSuchNames.0 = Counter: 0 snmp.snmpOutBadValues.0 = Counter: 0 snmp.snmpOutGenErrs.0 = Counter: 0 snmp.snmpOutGetRequests.0 = Counter: 0 snmp.snmpOutGetNexts.0 = Counter: 0 snmp.snmpOutSetRequests.0 = Counter: 0 snmp.snmpOutGetResponses.0 = Counter: 0 snmp.snmpOutTraps.0 = Counter: 0 snmp.snmpEnableAuthenTraps.0 = INTEGER: disabled(2) <[ stats for the SNMP itself ]> host.hrSystem.hrSystemUptime.0 = Timeticks: (42427609) 4 days, 21:51:16 host.hrSystem.hrSystemDate.0 = OCTET STRING: Hex: 00 63 07 10 0E 37 1B 00 host.hrSystem.hrSystemInitialLoadDevice.0 = INTEGER: 770 host.hrSystem.hrSystemInitialLoadParameters.0 = OCTET STRING: "auto BOOT_IMAGE=linux2210 ro root=302 BOOT_FILE=/linux2.2.10 digi=E,PC/Xe,D,8,110,D8000" host.hrSystem.hrSystemNumUsers.0 = Gauge: 7 host.hrSystem.hrSystemProcesses.0 = Gauge: 74 host.hrSystem.hrSystemMaxProcesses.0 = INTEGER: 512 host.hrStorage.hrMemorySize.0 = INTEGER: 65536 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageIndex.1 = INTEGER: 1 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageIndex.2 = INTEGER: 2 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageIndex.770 = INTEGER: 770 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageType.1 = OBJECT IDENTIFIER: host.hrStorage.hrStorageTypes.hrStorageRam host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageType.2 = OBJECT IDENTIFIER: host.hrStorage.hrStorageTypes.hrStorageVirtualMemory host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageType.770 = OBJECT IDENTIFIER: host.hrStorage.hrStorageTypes.hrStorageFixedDisk host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageDescr.1 = OCTET STRING: "Mem" Hex: 4D 65 6D host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageDescr.2 = OCTET STRING: "Swap" Hex: 53 77 61 70 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageDescr.770 = OCTET STRING: "Disk" Hex: 44 69 73 6B host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageAllocationUnits.1 = INTEGER: 1024 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageAllocationUnits.2 = INTEGER: 1024 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageAllocationUnits.770 = INTEGER: 1024 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageSize.1 = INTEGER: 63128 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageSize.2 = INTEGER: 64224 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageSize.770 = INTEGER: 4005619 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.1 = INTEGER: 58796 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.2 = INTEGER: 19980 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.770 = INTEGER: 1349015 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageAllocationFailures.1 = Counter: 0 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageAllocationFailures.2 = Counter: 0 host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageAllocationFailures.770 = Counter: 0 host.hrDevice.hrDeviceTable.hrDeviceEntry.hrDeviceIndex.1 = INTEGER: 1 host.hrDevice.hrDeviceTable.hrDeviceEntry.hrDeviceType.1 = OBJECT IDENTIFIER: host.hrDevice.hrDeviceTypes.hrDeviceProcessor host.hrDevice.hrDeviceTable.hrDeviceEntry.hrDeviceDescr.1 = OCTET STRING: "vendor_id: GenuineIntel, cpu family: 5" host.hrDevice.hrDeviceTable.hrDeviceEntry.hrDeviceID.1 = OBJECT IDENTIFIER: .ccitt.0 host.hrDevice.hrDeviceTable.hrDeviceEntry.hrDeviceStatus.1 = INTEGER: running(2) host.hrDevice.hrDeviceTable.hrDeviceEntry.hrDeviceErrors.1 = Counter: 0 host.hrDevice.hrProcessorTable.hrProcessorEntry.hrProcessorFrwID.1 = OBJECT IDENTIFIER: .ccitt.0 host.hrDevice.hrProcessorTable.hrProcessorEntry.hrProcessorLoad.1 = INTEGER: 2 host.hrDevice.hrFSTable.hrFSEntry.hrFSIndex.770 = INTEGER: 770 host.hrDevice.hrFSTable.hrFSEntry.hrFSMountPoint.770 = OCTET STRING: "/dev/hda2" host.hrDevice.hrFSTable.hrFSEntry.hrFSRemoteMountPoint.770 = OCTET STRING: "/" Hex: 2F host.hrDevice.hrFSTable.hrFSEntry.hrFSType.770 = OBJECT IDENTIFIER: host.hrDevice.hrFSTypes.hrFSUnknown host.hrDevice.hrFSTable.hrFSEntry.hrFSAccess.770 = INTEGER: readWrite(1) host.hrDevice.hrFSTable.hrFSEntry.hrFSBootable.770 = INTEGER: true(1) host.hrDevice.hrFSTable.hrFSEntry.hrFSStorageIndex.770 = INTEGER: 770 host.hrDevice.hrFSTable.hrFSEntry.hrFSLastFullBackupDate.770 = OCTET STRING: Hex: 00 00 01 01 00 00 00 00 host.hrDevice.hrFSTable.hrFSEntry.hrFSLastPartialBackupDate.770 = OCTET STRING: Hex: 00 00 01 01 00 00 00 00 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.0 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1 = INTEGER: 487 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.2 = INTEGER: 143 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.3 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.4 = INTEGER: 294 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13 = INTEGER: 253 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.185 = INTEGER: 2586 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.187 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.194 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.198 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.200 = INTEGER: 541 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.203 = INTEGER: 1444 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.209 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.216 = INTEGER: 329 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.220 = INTEGER: 32132 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.231 = INTEGER: 22 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.236 = INTEGER: 8 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.331 = INTEGER: 2708 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1801 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1802 = INTEGER: 6361 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1803 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1804 = INTEGER: 24 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1805 = INTEGER: 18 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1806 = INTEGER: 22 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1807 = INTEGER: 26 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1808 = INTEGER: 30 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1809 = INTEGER: 23 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1810 = INTEGER: 36 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1811 = INTEGER: 34 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1812 = INTEGER: 25 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1813 = INTEGER: 37 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1814 = INTEGER: 29 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1815 = INTEGER: 24 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1816 = INTEGER: 29 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1817 = INTEGER: 29 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1818 = INTEGER: 23 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.1819 = INTEGER: 28 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.2726 = INTEGER: 3 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.2727 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.2728 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.11969 = INTEGER: 5 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13050 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13051 = INTEGER: 4 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13052 = INTEGER: 4 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13506 = INTEGER: 16 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13521 = INTEGER: 3 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13872 = INTEGER: 9 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13873 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13874 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13875 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13876 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13877 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.13878 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.16256 = INTEGER: 3 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.16748 = INTEGER: 23 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.16750 = INTEGER: 13 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.16892 = INTEGER: 4 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.16906 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.17039 = INTEGER: 3 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.18234 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.19270 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.19271 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.20317 = INTEGER: 16 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.20318 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.20319 = INTEGER: 4 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.20321 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.20933 = INTEGER: 6 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.23404 = INTEGER: 7 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.23405 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.23407 = INTEGER: 2 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.23408 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.25643 = INTEGER: 1 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.26507 = INTEGER: 1707 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.29233 = INTEGER: 3 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfCPU.30685 = INTEGER: 3 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.0 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1 = INTEGER: 124 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.2 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.3 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.4 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13 = INTEGER: 28 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.185 = INTEGER: 212 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.187 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.194 = INTEGER: 52 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.198 = INTEGER: 320 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.200 = INTEGER: 72 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.203 = INTEGER: 1468 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.209 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.216 = INTEGER: 340 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.220 = INTEGER: 1900 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.231 = INTEGER: 164 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.236 = INTEGER: 72 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.331 = INTEGER: 1188 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1801 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1802 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1803 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1804 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1805 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1806 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1807 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1808 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1809 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1810 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1811 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1812 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1813 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1814 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1815 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1816 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1817 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1818 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.1819 = INTEGER: 23120 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.2726 = INTEGER: 768 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.2727 = INTEGER: 836 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.2728 = INTEGER: 844 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.11969 = INTEGER: 920 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13050 = INTEGER: 916 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13051 = INTEGER: 916 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13052 = INTEGER: 920 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13506 = INTEGER: 844 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13521 = INTEGER: 588 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13872 = INTEGER: 508 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13873 = INTEGER: 504 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13874 = INTEGER: 496 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13875 = INTEGER: 396 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13876 = INTEGER: 396 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13877 = INTEGER: 396 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.13878 = INTEGER: 396 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.16256 = INTEGER: 568 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.16748 = INTEGER: 1072 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.16750 = INTEGER: 1200 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.16892 = INTEGER: 568 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.16906 = INTEGER: 568 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.17039 = INTEGER: 568 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.18234 = INTEGER: 776 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.19270 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.19271 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.20317 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.20318 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.20319 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.20321 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.20933 = INTEGER: 104 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.23404 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.23405 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.23407 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.23408 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.25643 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.26507 = INTEGER: 344 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.29233 = INTEGER: 0 host.hrSWRunPerf.hrSWRunPerfTable.hrSWRunPerfEntry.hrSWRunPerfMem.30685 = INTEGER: 560 <[ Some data abiut the host... ]> 1.8. rpcinfo - different RPC services, NFS. Example output of rpcinfo -p program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100003 2 udp 2049 nfs 100003 2 tcp 2049 nfs 100005 1 udp 944 mountd 100005 2 udp 944 mountd 100005 1 tcp 947 mountd 100005 2 tcp 947 mountd <[ This machine has nfs and mountd running, i.e. you can mount some directories from it, based on the export rules. ]> program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100021 1 udp 2173 nlockmgr 100021 3 udp 2173 nlockmgr 100021 1 tcp 3046 nlockmgr 100021 3 tcp 3046 nlockmgr <[ this here is another machine, that doesn't have a nfsd running, only lockd - lock manager for NSF. ]> And this is the output of rpcinfo, then there isn't any RPC on the remote machine. rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused 1.10. Information from other organizations - Internic, RIPE Example output from whois spnet.net Access to Network Solutions' WHOIS information is provided to assist persons in determining the contents of a domain name registration record in NSI's registrar database. The data in this record is provided by NSI for informational purposes only, and NSI does not guarantee its accuracy. Compilation, repackaging, dissemination, or other use of the WHOIS database in its entirety, or a substantial portion thereof, is not allowed without NSI's prior written permission. By submitting this query, you agree to abide by this policy. All rights reserved. Registrant: Spectrum Net Ltd. (SPNET3-DOM) 1, Universiada Blvd. Sofia, BG Domain Name: SPNET.NET Administrative Contact: Zahov Theodore (ZT13-ORG) zahov@BIOTEAM.COM +359 2 757125 Fax- +359 2 9753026 Technical Contact, Zone Contact: Shtinkov, Peter (PS5645) shtinkov@SPNET.NET (+359 2) 757 125 (FAX) (+359 2) 975 3026 Billing Contact: Zahov Theodore (ZT13-ORG) zahov@BIOTEAM.COM +359 2 757125 Fax- +359 2 9753026 Record last updated on 26-Apr-98. Record created on 17-Nov-97. Database last updated on 15-Jul-99 09:10:38 EDT. Domain servers in listed order: NS.SPNET.NET 212.50.0.10 PURGATORY.SPNET.NET 212.50.0.15 BIOLIN.BIOTEAM.COM 212.50.0.9 And this is example output from whois query for the name server (the disclaimer is deleted): [No name] (NS39745-HST) Hostname: NS.SPNET.NET Address: 212.50.0.10 System: ? running ? Coordinator: Shtinkov, Peter (PS5645) shtinkov@SPNET.NET (+359 2) 757 125 (FAX) (+359 2) 975 3026 Record last updated on 03-Apr-98. Database last updated on 15-Jul-99 09:10:38 EDT. And, of course, the information about the technical/administrative contact person : Shtinkov, Peter (PS5645) shtinkov@SPNET.NET Spectrum NET 1 Liapchev blvd. Sofia 1797 BG (+359 2) 757 125 (FAX) (+359 2) 975 3026 Record last updated on 03-Mar-98. Database last updated on 15-Jul-99 09:10:38 EDT. Besides internic, you can query the bulgarian base, about which we can ask whois.ripe.net: % Rights restricted by copyright. See http://www.ripe.net/db/dbcopyright.html domain: nat.bg descr: Naturella AD admin-c: MM395-RIPE tech-c: DD183-RIPE zone-c: ZB41-RIPE notify: hostmaster@digsys.bg mnt-by: BG-DOMREG changed: hostmaster@digsys.bg 19970317 source: RIPE person: Michael Michailov address: Mladost I, bl. 9 address: 1784 Sofia address: Bulgaria phone: +359 2 974 32 53 fax-no: +359 2 974 30 95 e-mail: mike@naturella.com nic-hdl: MM395-RIPE notify: registry@naturella.com changed: hostmaster@ripe.net 19961022 source: RIPE person: Delian Delchev address: Mladost I, bl. 9 address: 1784 Sofia address: Bulgaria phone: +359 2 974 32 53 fax-no: +359 2 974 30 95 e-mail: delian@naturella.com nic-hdl: DD183-RIPE notify: registry@naturella.com changed: hostmaster@ripe.net 19961022 source: RIPE person: Zvezdelin Borisov address: Naturella AD address: Mladost 1 bl.9 address: BG-1000 Sofia address: Bulgaria phone: +359 2 768891 fax-no: +359 2 9743095 e-mail: zen@wfpa.acad.bg nic-hdl: ZB41-RIPE changed: hostmaster@digsys.bg 19970317 source: RIPE Here the format is different - it gives you directly the contacts, but doesn't give you the name servers, which can be easily found nslookup: Non-authoritative answer: nat.bg nameserver = equila.nat.bg nat.bg nameserver = aquila.nat.bg nat.bg nameserver = home.nat.bg Authoritative answers can be found from: equila.nat.bg internet address = 194.12.224.33 aquila.nat.bg internet address = 194.12.224.18 home.nat.bg internet address = 194.12.224.34 And, of cource, we can ask the local database in .bg (digsys.bg) Domain information Domain name: nat.bg Organization: Agency Naturella Ltd Address: Mladost I, bl. 9, 1784 Sofia Admin contact: MM395-RIPE Tech contact: DD183-RIPE ZB41-RIPE Name servers: ns1.naturella.bg ns2.naturella.bg ns3.naturella.bg auth02.ns.uu.net Registration status: Registered Requested on: 01-02-1997 Registered on: 21-04-1997 Contact information Administrative contact Name: Michael Michailov Organization: Naturella AD Address: Mladost I, bl. 9, 1784 Sofia E-mail: mike@wfpa.acad.bg Phone number(s): +359 2 974 32 53 Fax number(s): +359 2 974 30 95 NIC handle: MM395-RIPE Technical contact(s) Name: Delian Delchev Organization: Naturella AD Address: Mladost I, bl. 9, 1784 Sofia E-mail: delian@naturella.com Phone number(s): +359 2 974 32 53 Fax number(s): +359 2 974 30 95 NIC handle: DD183-RIPE Name: Zvezdelin Borisov Organization: Naturella AD Address: Mladost I, bl. 9, 1784 Sofia E-mail: zen@wfpa.acad.bg Phone number(s): +359 2 768891 Fax number(s): +359 2 9743095 NIC handle: ZB41-RIPE Name server information Nameserver: ns1.naturella.bg (194.12.224.33) Nameserver: ns2.naturella.bg (194.12.224.34) Nameserver: ns3.naturella.bg (194.12.224.18) Nameserver: auth02.ns.uu.net And, as you see, this database gives some more information .. :)))) One more example - BNB... Domain information Domain name: bnb.bg Organization: Bulgarian National Bank Address: 1, Kn. Al. Batenberg sq., BG-1000 Sofia Admin contact: VS663-RIPE Tech contact: GD713-RIPE SK1461-RIPE Name servers: ns.bnb.bg mbox.enpro.bg ns.uk.ibm.net Registration status: Registered Requested on: 24-07-1998 Registered on: 20-08-1998 Contact information Administrative contact Name: Velizar Stoilov Organization: Bulgarian National bank Address: 1, Kn. Al. Batenberg sq., BG-1000 Sofia E-mail: Phone number(s): +359 2 9807371 Fax number(s): +359 2 9802425 NIC handle: VS663-RIPE Technical contact(s) Name: George Petkov Dimitrov Organization: Bulgarian National Bank Address: 1, Kn. Al. Batenberg sq., BG-1000 Sofia E-mail: bnbin004@ibm.net Phone number(s): +359 2 8861630 +359 2 8861632 Fax number(s): +359 2 9802425 NIC handle: GD713-RIPE Name: Stefan Georgiev Krastanov Organization: Bulgarian National Bank Address: 1, Kn. Al. Batenberg sq., BG-1000 Sofia E-mail: bnbin003@ibm.net Phone number(s): +359 2 8861266 +359 2 8866266 Fax number(s): +359 2 9802425 NIC handle: SK1461-RIPE Name server information Nameserver: ns.bnb.bg (62.200.195.14) Nameserver: mbox.enpro.bg (195.24.40.65) Nameserver: ns.uk.ibm.net This usually is the first step, before downloading the DNS database. 1.11 What if we have shell ? If we have shell on a machine, we could get a lot of important infotmation from the following places : /var/log, /etc, /root, /home, and every strange directory under / . The most interesting files in /etc (maybe) are ones like passwd, shadow- ili shadow~ (backup fales), hosts, networks (usually not used ), services (for strange ports for things, that usually aren't supposed to be there), crontabs (what when is being run, like botchk-s ili bnchck-s), fstab (which disk partition is used where), and alll files that are unknown and can give you interesting information about the system. Directory /proc ( in linux especially) can give a lot of information about the hardware characteristics of the machine (as, is it good enough to run John the ripper on it :) ), the way of ordering the hard drives, etc. Example: /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 6 model name : Celeron (Mendocino) stepping : 0 cpu MHz : 300.688171 cache size : 128 KB fdiv_bug : no hlt_bug : no sep_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pat pse36 mmx osfxsr bogomips : 299.83 /proc/nvram Checksum status: valid # floppies : 1 Floppy 0 type : 3.5'' 1.44M Floppy 1 type : none HD 0 type : none HD 1 type : none HD type 48 data: 0/0/0 C/H/S, precomp 65280, lz 0 HD type 49 data: 65535/255/113 C/H/S, precomp 65535, lz 3071 DOS base memory: 640 kB Extended memory: 64448 kB (configured), 64448 kB (tested) Gfx adapter : EGA, VGA, ... (with BIOS) FPU : installed The command dmesg also can be really important,as it shows all the messages sent from the kernel since the last boot - there could be some VERY interesting things there. Also it could be funny to see all the running processes of a machine (that could happen in another way - if there is an open systat port of the machine, i.e. he is using some old slakware and haven't checked it.... ).Here is an example output of ps auxww: USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND bin 181 0.0 0.0 788 0 ? SW Jul 23 0:00 (portmap) <{ Hmmmmm portmaper ... :))) there could be NFS,too ]> cache 216 0.0 35.5 40420 22452 ? S Jul 23 1:00 (squid) -sYD cache 219 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 220 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 221 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 222 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 223 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 224 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 226 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 227 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 228 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 229 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 230 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 234 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 235 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 236 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 237 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 238 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 240 0.0 35.5 40420 22452 ? S Jul 23 0:00 (squid) -sYD cache 11998 0.0 0.8 980 508 ? S 16:06 0:00 (dnsserver) cache 11999 0.0 0.7 980 500 ? S 16:06 0:00 (dnsserver) cache 12000 0.0 0.7 980 496 ? S 16:06 0:00 (dnsserver) cache 12001 0.0 0.6 912 396 ? S 16:06 0:00 (dnsserver) cache 12002 0.0 0.6 912 396 ? S 16:06 0:00 (dnsserver) cache 12003 0.0 0.6 912 396 ? S 16:06 0:00 (dnsserver) cache 12004 0.0 0.6 912 396 ? S 16:06 0:00 (dnsserver) <[ Typical squid proxy server, compiled with async IO (pthreads), using 40MB memory ....]> opers 16304 0.0 1.8 1836 1156 3 S 18:46 0:00 -bash <[ Somebody logged with shell shell account ... ]> httpd 6816 0.0 1.5 1896 1004 ? S 13:15 0:00 /usr/sbin/apache httpd 13165 0.0 1.7 1896 1120 ? S 16:48 0:00 /usr/sbin/apache httpd 13166 0.0 1.7 1896 1116 ? S 16:48 0:00 /usr/sbin/apache httpd 13167 0.0 1.7 1896 1116 ? S 16:48 0:00 /usr/sbin/apache httpd 17078 0.0 1.7 1896 1088 ? S 19:28 0:00 /usr/sbin/apache httpd 26622 0.0 1.6 1896 1032 ? S 02:49 0:00 /usr/sbin/apache httpd 30896 0.0 1.5 1896 988 ? S Jul 24 0:00 /usr/sbin/apache <[ Everybody's favourite apache webserver .... ]> bota 370 0.0 1.9 2336 1248 ? S Jul 23 0:14 eggdrop ./botche <[ And the even more favourite eggdrop ]> user1 15852 0.0 1.3 1644 844 ? S 18:15 0:00 bash /sbin/lppplogin <[ Looks like this machine is dialup server too, as the script name says.... ]> root 1 0.0 0.4 764 300 ? S Jul 23 0:04 init [2] root 2 0.0 0.0 0 0 ? SW Jul 23 0:00 (kflushd) root 3 0.0 0.0 0 0 ? SW Jul 23 0:00 (kpiod) root 4 0.0 0.0 0 0 ? SW Jul 23 0:01 (kswapd) root 13 0.0 0.0 720 28 ? S Jul 23 0:01 update root 168 0.0 0.3 912 220 ? S Jul 23 0:14 /sbin/syslogd root 170 0.0 0.2 804 160 ? S Jul 23 0:00 /sbin/klogd root 177 0.0 0.0 740 52 ? S Jul 23 0:00 /sbin/kerneld root 183 0.0 0.1 860 72 ? S Jul 23 0:03 /usr/sbin/inetd root 186 0.0 1.9 2072 1220 ? S Jul 23 0:09 /usr/sbin/named root 192 0.0 0.0 908 0 ? SW Jul 23 0:00 (lpd) root 199 0.0 0.5 1736 340 ? S Jul 23 0:02 sendmail: accepting connections on port 25 root 203 0.0 2.5 3664 1604 ? S Jul 23 3:25 /usr/sbin/snmpd -f <[ SNMP daemon :))) interesting ... ]> root 206 0.0 0.5 1292 344 ? S Jul 23 0:20 /usr/sbin/sshd root 214 0.0 0.0 2832 0 ? SW Jul 23 0:00 (squid) root 231 0.0 0.2 852 164 ? S Jul 23 0:00 /usr/sbin/cron root 249 0.0 0.1 1836 72 ? S Jul 23 0:00 /usr/sbin/apache root 265 0.0 0.0 836 0 7 SW Jul 23 0:00 (getty) root 266 0.0 0.0 836 0 8 SW Jul 23 0:00 (getty) root 267 0.0 0.0 836 0 9 SW Jul 23 0:00 (getty) root 268 0.0 0.0 836 0 10 SW Jul 23 0:00 (getty) root 1100 0.0 0.0 836 24 4 S Jul 23 0:00 /sbin/getty 38400 tty4 root 1101 0.0 0.0 836 0 5 SW Jul 23 0:00 (getty) root 1102 0.0 0.0 836 0 6 SW Jul 23 0:00 (getty) root 10626 0.0 1.1 1844 752 2 S 15:23 0:00 -bash root 11971 0.0 0.9 1124 596 D1 S 16:06 0:00 /usr/sbin/pppd ttyD1 38400 defaultroute noipdefault -detach 99.23.125.193: lock <[ Provider's uplink.... ]> root 12007 0.0 1.3 1716 864 2 S 16:07 0:07 tcpdump -ni ppp1 <[ OOOPS... tcpdump... who is being sniffed right now ? :) ]> root 15883 0.0 0.9 1124 584 ? S 18:17 0:00 /usr/sbin/pppd -detach modem crtscts 99.23.125.193:99.23.125.202 /dev/cud4 ipparam user1 <[ PPP connection - pppd with one parameter - the username. Interesting, can't he/she use the login option of pppd ? there may be a reason for it ... ]> root 18310 0.0 1.6 1568 1064 ? S 20:32 0:00 /usr/sbin/sshd root 18312 0.0 1.8 1828 1180 p1 S 20:32 0:00 -bash root 18317 0.0 0.5 752 324 p1 S 20:33 0:00 tail -f /usr/local/squid/logs/access.log <[ Typically paranoid sysadmin - constantly looking at the logs :) ]> root 20240 0.0 0.9 1124 584 ? S 22:17 0:00 /usr/sbin/pppd -detach modem crtscts 99.23.125.193:99.23.125.204 /dev/cud6 ipparam ppp root 20429 0.0 0.8 1176 568 ? S 22:24 0:00 /sbin/uugettyps cud5 38400 root 20876 0.0 0.8 1176 568 ? S 22:35 0:00 /sbin/uugettyps cud3 38400 root 21388 0.0 0.8 1176 568 D2 S 22:53 0:00 /sbin/uugettyps ttyD2 38400 root 21509 0.0 0.8 1176 568 ? S 22:58 0:00 /sbin/uugettyps cud7 38400 root 21595 0.0 1.6 1564 1072 ? S 23:02 0:00 /usr/sbin/sshd root 21597 0.0 1.8 1828 1164 p0 S 23:02 0:00 -bash root 21766 0.0 1.5 1860 984 ? S 23:12 0:00 sendmail: server mail.yahoo.com [214.122.34.1] cmd read root 21902 0.1 2.0 2032 1264 ? S 23:20 0:00 sendmail: XAA2185 mail.hotmail.com : client greeting root 21903 0.0 0.3 852 248 ? S 23:20 0:00 /USR/SBIN/CRON root 21920 1.0 0.6 864 428 ? R 23:20 0:00 /usr/bin/fping -i1000 -r5 192.168.1.11 192.168.1.12 192.168.1.2 192.168.1.8 192.168.1.77 192.168.1.88 <[ Part from the autostatus , below ]> ppp 17917 0.0 1.3 1644 844 ? S 20:05 0:00 bash /sbin/lppplogin admin 21907 0.1 1.2 1624 796 ? S 23:20 0:00 /bin/sh -c /usr/local/bin/autostatus /usr/local/etc/conf 1>/dev/null 2>/dev/null admin 21909 0.5 1.7 1856 1136 ? S 23:20 0:00 perl /usr/local/bin/autostatus /usr/local/etc/conf <[ Autostatus is a monitoring tool about the running machines in the moment....Why does he/she need that ? ]> This output can give a lot of information, and it's parsing isn't a hard task, as you can see from the comments. Another interesting example from a machine: Connected to dobrich.org. Escape character is '^]'. Welcome to Linux 2.0.35. webserv login: adm Password: Linux 2.0.35. Last login: Tue Jul 27 00:23:14 on ttyp0 from pool0.priovider.net. You have mail. bash: fortune: command not found <[ hmmm somebody messed this a little.......]> webserv:~# w 1:16am up 88 days, 10:36, 2 users, load average: 0.02, 0.05, 0.00 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root tty3 1Jun99 55days 0.28s 0.28s bash adm ttyp0 xxx.xxx.com 1:16am 1.00s 0.38s 0.09s w <[ Blaaaaaaah 88 days without ..... and the root is idle 55! ]> (Bel.Iron - I've made 34 days without UPS... Let's see when the damn power will hit :-) webserv:~# ls / System.map boot/ dev/ home/ lost+found/ nohup.out root/ sysbin/ usr/ vmlinuz bin/ cdrom/ etc/ lib/ mnt/ proc/ sbin/ tmp/ var/ vmlinuz.old <[ /sysbin? never heard of it ...let's check what's in there..... ]> webserv:~# cd /sysbin webserv:/sysbin# ls -l total 9 -rwx------ 1 root root 109 Apr 21 14:25 conn.inet* -rwx------ 1 root root 110 Oct 24 1995 conn.inet.dialup* -rwx------ 1 root root 97 Oct 24 1995 conn.inet.leased* -rwx------ 1 root root 164 Apr 16 12:47 dial* -rwx------ 1 root root 25 Dec 17 1998 inet* -rwx------ 1 root root 75 Mar 26 14:35 run_dup* -rwx------ 1 root root 119 Mar 26 14:41 run_lsl* -rwxr-xr-x 1 root root 166 Mar 11 16:41 squid_check* <[ Only one readable file...How was it forgotten ? ]> webserv:/sysbin# cat squid_check #!/bin/bash PATH=$PATH:/usr/bin:/bin:/sbin:/usr/sbin if ! ps -auxww |grep cache|grep squid ; then /usr/local/squid/bin/RunCache & fi killall -HUP named >/dev/null <[ Simple system script to check that the proxy server is running and then to restart the nameserver .....Why - god knows... ]> webserv:/sysbin# mount /dev/hda3 on / type ext2 (rw) none on /proc type proc (rw) /dev/hdc1 on /var type ext2 (rw) //myserv/temp on /mnt type smbfs (0) <[ STOOOOOOOP! Samba server connection ??? ]> webserv:/sysbin# df Filesystem 1024-blocks Used Available Capacity Mounted on /dev/hda3 466424 366134 76199 83% / /dev/hdc1 200181 44698 145145 24% /var //myserv/temp 4233088 1917696 2315392 45% /mnt <[ And with lot of free space ..... ]> webserv:/sysbin# cd /mnt webserv:/mnt# ls -l total 16354 -rwxr-xr-x 1 root root 153331 Jul 6 14:43 addressbook-0.7.tar.gz* -rwxr-xr-x 1 root root 448628 Jul 8 10:17 apt_0.3.11.deb* drwxr-xr-x 1 root root 512 Jun 25 10:55 catalog/ -rwxr-xr-x 1 root root 547742 Jul 8 03:08 gconv-modules_2.1.1-12.deb* -rwxr-xr-x 1 root root 304 Feb 4 14:41 home.htm* -rwxr-xr-x 1 root root 4753 Jul 5 09:44 kernel-doc-2.2.10.html* -rwxr-xr-x 1 root root 867106 Jul 5 10:04 kernel-doc-2.2.10_2.2.10-1.deb* -rwxr-xr-x 1 root root 1628462 Jul 5 13:03 kernel-headers-2.2.10_2.2.10-1.deb* -rwxr-xr-x 1 root root 3722120 Jul 2 11:28 kernel-image-2.2.10_2.2.10-1.deb* -rwxr-xr-x 1 root root 492036 Jul 7 16:14 kirc-0_9_5-04_tar* -rwxr-xr-x 1 root root 132262 Jul 8 02:53 ldso_1.9.11-2.deb* -rwxr-xr-x 1 root root 1544850 Jul 7 19:43 libc6_2.1.1-12.deb* -rwxr-xr-x 1 root root 40224 Jul 8 11:23 libesd0_0.2.10-0.19990424.6.2.deb* -rwxr-xr-x 1 root root 61728 Jul 8 12:07 libglib1.2_1.2.3-1.deb* -rwxr-xr-x 1 root root 610620 Jul 8 11:53 libgtk1.2_1.2.3-1.deb* -rwxr-xr-x 1 root root 222578 Jul 8 11:59 libmikmod1_3.1.6-2.deb* -rwxr-xr-x 1 root root 136622 Jul 7 18:18 libncurses4_4.2-3.2.deb* -rwxr-xr-x 1 root root 110024 Jul 8 10:22 libstdc++2.9-glibc2.1_2.91.66-2.deb* -rwxr-xr-x 1 root root 1576972 Jul 8 05:04 libwine0.0.971116_0.0.990704-1.deb* -rwxr-xr-x 1 root root 707948 Jul 8 13:04 locales_2.1.1-12.deb* -rwxr-xr-x 1 root root 393406 Jul 8 03:25 mesag3_3.0-1.deb* -rwxr-xr-x 1 root root 3990 Feb 4 15:16 nav(1).htm* -rwxr-xr-x 1 root root 80409 Jul 6 14:57 tkMOO-light-0.3.20-dev-05.tar.gz* -rwxr-xr-x 1 root root 631472 Jul 6 15:21 tm0-3-19s.zip* -rwxr-xr-x 1 root root 3732 Feb 4 15:15 usl1.htm* -rwxr-xr-x 1 root root 2863 Feb 4 14:40 usl3.htm* -rwxr-xr-x 1 root root 2723 Feb 4 14:40 uslugi(1).htm* -rwxr-xr-x 1 root root 6138 Feb 4 15:15 uslugi1.htm* -rwxr-xr-x 1 root root 20125 Jul 9 12:07 vd_tr942.zip* drwxr-xr-x 1 root root 512 Jun 21 10:12 web/ -rwxr-xr-x 1 root root 442118 Jul 5 16:09 wine_0.0.990613-1.deb* -rwxr-xr-x 1 root root 442266 Jul 7 17:57 wine_0.0.990704-1.deb* -rwxr-xr-x 1 root root 245830 Jul 8 02:34 xfree86-common_3.3.3.1-10.deb* -rwxr-xr-x 1 root root 999182 Jul 8 03:15 xlib6g_3.3.3.1-10.deb* -rwxr-xr-x 1 root root 391330 Jul 8 11:21 xmms_0.9.1-0.1.deb* -rwxr-xr-x 1 root root 53430 Jul 8 03:26 xpm4g_3.4k-1.deb* <[ Soooo....debian fan, as you can see the lot .deb packages... Because there isn't a lot of space on the small linux machine, he holds them on the big NT server (which, as it looks like is running NT) ]> webserv:/sysbin# ipfwadm -Il IP firewall input rules, default policy: accept type prot source destination ports acc all ppp0.users.org anywhere n/a acc tcp srv.provider.net anywhere proxy -> any acc all 192.168.15.9 anywhere n/a acc all 192.168.15.8 anywhere n/a acc all user205.users.org anywhere n/a acc all user210.users.org anywhere n/a acc all maniac.users.org anywhere n/a acc all myserv.users.org anywhere n/a acc all evgeny.users.org anywhere n/a acc tcp localnet-1/16 users.org any -> telnet acc tcp localnet-1/16 users.org any -> www acc tcp localnet-1/16 anywhere any -> 6667 acc tcp localnet-1/16 anywhere any -> smtp acc tcp localnet-1/16 anywhere any -> auth acc tcp localnet-1/16 anywhere any -> pop3 rej tcp localnet-1.users.org/24 anywhere any -> any <[ Something interesting - firewalls ....... there are uses who can do anyhing, and the rest are limited ti few ports - http on the local server, smtp, mail thorugh pop and telnet (why??? )...Also it looks like there is some dialup that has full access too... ]> >> EOA << ManiaX Killerian Copyright (C) 1999 Phreedom Magazine www.phreedom.org | phreedom.orbitel.bg staff@phreedom.org :: mboard.phreedom.org