RE: Anyone know this ?

From: Smith Gary-GSMITH1 (Gary.R.Smith@motorola.com)
Date: Fri Mar 19 2004 - 12:15:45 EST


Greetings,

Yes, it looks like you have found and FTP server. A pubstro is a high speed,
public, distribution network set up for file distribution, probably warez or
porn. The "Capricorn" is probably a knock-off of the Serv-U-FTP server. The
name may have been changed to protect the guilty. Note the numbers, it's
been up for > 37 days and it has had only 95KB uploaded. Obviously not a
busy server. It has had no downloads in > 37 days! The server isn't very
well publicized with such low statistics. It's got a reasonable amount of
space devoted to its use (15GB), what little there is.

Regards,

Gary Smith

-----Original Message-----
From: tester pen [mailto:apentester@yahoo.com.cn]
Sent: Friday, March 19, 2004 1:37 AM
To: pen-test@securityfocus.com
Subject: Anyone know this ?

hi,all.
when i'm doing a pen-test on a win2k server box,i
found a port TCP 282
is open,and when i try to telnet it,the response is
below:
 
220-welcome to this capricorn pubstro!
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::
...:
::...:
220-..::
220-..:: Welcome @ This
220-..::
220-..:: Capricorn PubStro
220-..::
220-..:: 3njoy
220-..::
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::
...:
::...:
220-..::
220-..:: Rulez:
220-..:: Dont Hammer
220-..:: Dont ReHack
220-..:: Dont Scan This IP Range
220-..:: Dont Delete
220-..:: No Lame One-Word Relies
220-..:: Dont RePost Or Give Infos - That Makes You A
Lamer
220-..:: Have Fun
220-..::
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::
...:
::...:
220-..::
220-..:: Current Uptime .................: 37 Days, 9
Hours, 26
Minutes, 24 Sec
onds
220-..:: Total KB's Uploaded ..........: 94 KB
220-..:: Total KB's Downloaded ......: 0 KB
220-..:: Total File's Uploaded .......: 2
220-..:: Total File's Downloaded .....: 0
220-..:: Average Throughput .......: 0.000 KB/sec
220-..:: Current Bandwith .............: 0.000 KB/sec
220-..:: No Users Logged In .........: 1
220-..:: Max Allowed Users ...........: -1
220-..:: No Total users ................: 1
220-..::
220-...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::
...:
::...:
220-..::
220-..:: 15992.90 MB free
220-..:: 1 users connected
220-..:: 0.000 KB/sec is in use
220-..::
220
...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:::...:
::...:
421 Maximum session time exceeded - closing.
 
i googled it,both about "TCP Port 282" & "Capricorn
PubStro
"(the keyword),but i got nothing :(
 
it looks like a ftp server? 220,421
anyone who recoganize this ?
 
thx.
sorry for my poor english.

_________________________________________________________
Do You Yahoo!?
完全免费的雅虎电邮,马上注册获赠额外60兆网络存储空间
http://cn.rd.yahoo.com/mail_cn/tag/?http://cn.mail.yahoo.com

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:50 EDT