Mysterius files, hard to explain in topic
I just mounted my Win partision on my linux and I found a few files that do not show up in windows.
File names: 002_[Connecting] http___67_19_249_226_8000.wav 001_[ICY 200 OK] http___66_28_201_178_12500.wav 001_[Connecting] http___195_18_154_36_7999.wav So we have IPs and ports...? nmap output from one of them: Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-05-27 10:36 CEST Initiating SYN Stealth Scan against e2.f9.1343.static.theplanet.com (67.19.249.226) [1663 ports] at 10:36 Discovered open port 3389/tcp on 67.19.249.226 Discovered open port 25/tcp on 67.19.249.226 Discovered open port 80/tcp on 67.19.249.226 Discovered open port 21/tcp on 67.19.249.226 Discovered open port 443/tcp on 67.19.249.226 Discovered open port 8000/tcp on 67.19.249.226 Discovered open port 1027/tcp on 67.19.249.226 Discovered open port 1025/tcp on 67.19.249.226 Discovered open port 9999/tcp on 67.19.249.226 Discovered open port 1248/tcp on 67.19.249.226 The SYN Stealth Scan took 28.97s to scan 1663 total ports. For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled Host e2.f9.1343.static.theplanet.com (67.19.249.226) appears to be up ... good. Interesting ports on e2.f9.1343.static.theplanet.com (67.19.249.226): (The 1652 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 25/tcp open smtp 80/tcp open http 443/tcp open https 445/tcp filtered microsoft-ds 1025/tcp open NFS-or-IIS 1027/tcp open IIS 1248/tcp open hermes 3389/tcp open ms-term-serv 8000/tcp open http-alt 9999/tcp open abyss No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: SInfo(V=3.81%P=i686-pc-linux-gnu%D=5/27%Tm=44780F99%O=21%C=1) TSeq(Class=TR%TS=0) T1(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT) T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT) T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E) TCP Sequence Prediction: Class=truly random Difficulty=9999999 (Good luck!) TCP ISN Seq. Numbers: 6B0BD623 E168A09F 607FA214 31E1AFDA AEAABFF6 ED60F409 IPID Sequence Generation: Busy server or unknown class Nmap finished: 1 IP address (1 host up) scanned in 39.279 seconds Raw packets sent: 1784 (72.1KB) | Rcvd: 1744 (80.6KB) Can't say I understand much off this so...any help? |
Looks to me like some random Winamp dumps. Nothing I'd be concerned about.
|
Thats good to hear. Right after I typed this I rebooted and my desktops didn't work anymore. I was so sure I had pissed of some evil hacker or something. Guess it was just bad luck. I'll go see if I can fix my desktop now :)
|
All times are GMT -5. The time now is 03:37 AM. |