LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-27-2006, 05:16 AM   #1
tripmix
Member
 
Registered: Nov 2004
Location: Norway
Distribution: Debian mostly
Posts: 107

Rep: Reputation: 16
Mysterius files, hard to explain in topic


I just mounted my Win partision on my linux and I found a few files that do not show up in windows.
File names:
002_[Connecting] http___67_19_249_226_8000.wav
001_[ICY 200 OK] http___66_28_201_178_12500.wav
001_[Connecting] http___195_18_154_36_7999.wav
So we have IPs and ports...?

nmap output from one of them:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-05-27 10:36 CEST
Initiating SYN Stealth Scan against e2.f9.1343.static.theplanet.com (67.19.249.226) [1663 ports] at 10:36
Discovered open port 3389/tcp on 67.19.249.226
Discovered open port 25/tcp on 67.19.249.226
Discovered open port 80/tcp on 67.19.249.226
Discovered open port 21/tcp on 67.19.249.226
Discovered open port 443/tcp on 67.19.249.226
Discovered open port 8000/tcp on 67.19.249.226
Discovered open port 1027/tcp on 67.19.249.226
Discovered open port 1025/tcp on 67.19.249.226
Discovered open port 9999/tcp on 67.19.249.226
Discovered open port 1248/tcp on 67.19.249.226
The SYN Stealth Scan took 28.97s to scan 1663 total ports.
For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled
For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled
For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled
Host e2.f9.1343.static.theplanet.com (67.19.249.226) appears to be up ... good.
Interesting ports on e2.f9.1343.static.theplanet.com (67.19.249.226):
(The 1652 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http
443/tcp open https
445/tcp filtered microsoft-ds
1025/tcp open NFS-or-IIS
1027/tcp open IIS
1248/tcp open hermes
3389/tcp open ms-term-serv
8000/tcp open http-alt
9999/tcp open abyss
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=3.81%P=i686-pc-linux-gnu%D=5/27%Tm=44780F99%O=21%C=1)
TSeq(Class=TR%TS=0)
T1(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)


TCP Sequence Prediction: Class=truly random
Difficulty=9999999 (Good luck!)
TCP ISN Seq. Numbers: 6B0BD623 E168A09F 607FA214 31E1AFDA AEAABFF6 ED60F409
IPID Sequence Generation: Busy server or unknown class

Nmap finished: 1 IP address (1 host up) scanned in 39.279 seconds
Raw packets sent: 1784 (72.1KB) | Rcvd: 1744 (80.6KB)

Can't say I understand much off this so...any help?
 
Old 05-27-2006, 06:19 AM   #2
cs-cam
Senior Member
 
Registered: May 2004
Location: Australia
Distribution: Gentoo
Posts: 3,544
Blog Entries: 4

Rep: Reputation: 57
Looks to me like some random Winamp dumps. Nothing I'd be concerned about.
 
Old 05-27-2006, 06:32 AM   #3
tripmix
Member
 
Registered: Nov 2004
Location: Norway
Distribution: Debian mostly
Posts: 107

Original Poster
Rep: Reputation: 16
Thats good to hear. Right after I typed this I rebooted and my desktops didn't work anymore. I was so sure I had pissed of some evil hacker or something. Guess it was just bad luck. I'll go see if I can fix my desktop now
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Hard to explain: Telnet Related duaux Linux - Software 2 08-15-2004 02:21 AM
A little off-topic pe2338 LQ Suggestions & Feedback 6 04-30-2004 07:29 AM
how do you play mpeg files on redhat 9?? pelase explain it simple because i am a noob qod Linux - Newbie 8 10-25-2003 10:46 AM
topic : no topic Timbo General 14 03-27-2003 08:36 PM
Off Topic :) Tinkster General 8 02-02-2003 03:05 PM


All times are GMT -5. The time now is 06:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration