No spamming or advertising permitted.

Spank you very much.

Paolo

Here's the email: chacho_world@hotmail.com

Here's the registration IP: 201.230.40.191

Here's another: 201.230.58.187

OH, look: client-201.230.58.187.speedy.net.pe

I'm sure there are those here who can use this.

Damn spammer.

Die.

chacho_world (imported) wrote: Tue Dec 05, 2006 2:02 pm I'm sure there are those here who can use this.

Damn spammer.

Die.

I ran a quick scan with nmap (http://insecure.org/nmap/), to see what information we can uncover about their network and system from the first IP (201.230.40.191)

Starting Nmap 4.20 ( http://insecure.org ) at 2006-12-09 20:36 GMT Standard Time

Interesting ports on client-201.230.40.191.speedy.net.pe (201.230.40.191):

Not shown: 1686 closed ports

PORT STATE SERVICE

21/tcp open ftp

23/tcp open telnet

80/tcp open http

135/tcp filtered msrpc

137/tcp filtered netbios-ns

138/tcp filtered netbios-dgm

139/tcp filtered netbios-ssn

445/tcp filtered microsoft-ds

593/tcp filtered http-rpc-epmap

1434/tcp filtered ms-sql-m

5190/tcp open aol

Device type: general purpose

Running (JUST GUESSING) : Linux 2.4.X|2.5.X|2.6.X (91%)

Aggressive OS guesses: Linux 2.4.0 - 2.5.20 (91%), Linux 2.5.5 (Gentoo) (91%), L

inux 2.6.10 (91%), Linux 2.4.22 - 2.6.8 (89%), Linux 2.4.7 - 2.6.11 (89%), Linux

2.6.4 (Suse) (89%), Linux 2.4.0 - 2.5.20 w/o tcp_timestamps (86%), Linux 2.6.0-

test9 - 2.6.0 (x86) (86%), Linux 2.4.22-gentoo-r2 i686 (86%)

No exact OS matches for host (test conditions non-ideal).

Uptime: 0.281 days (since Sat Dec 09 13:52:42 2006)

Network Distance: 16 hops

OS detection performed. Please report any incorrect results at http://insecure.o

rg/nmap/submit/ .

Nmap finished: 1 IP address (1 host up) scanned in 57.000 seconds

They are most likely running a variant of Linux, have telnet services on socket 23, and ftp access on socket 21, so you could try running a program like Brutus (http://www.hoobie.net/brutus/brutus-aet2.zip)(Brute Force Remote Password Cracker) which will try a long combination of usernames/passwords systematically until a combination is found that grants you access to the users system. (There are plenty of free alternative programs out there!)

The problem with this method is time. Each failed login attempt will almost certainly be logged!) It would only be a matter of time before someone noticed something was up! But there is more than one of us That could prove to be very difficult to protect a system against.

I guess there are now three certainties in life: death, taxes, and spam.