| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Nov 2006 09:45:33 -0500 From: "ragdelaed" <ragdelaed@...il.com> To: "'David Swafford'" <dswafford@...erhighschool.org>, <full-disclosure@...ts.grok.org.uk>, "'William Stanley'" <vegacash@...oo.com> Subject: Re: Austin Decking 512-385-5334 Austindecking wholesale >>From the original header: Received: from [194.24.158.16] by web58409.mail.re3.yahoo.com via HTTP; Tue, 14 Nov 2006 00:46:24 PST Date: Tue, 14 Nov 2006 00:46:24 -0800 (PST) From: William Stanley <vegacash@...oo.com> To: full-disclosure@...ts.grok.org.uk 194.24.158.16 is not lumbermax.com, its a box in Austria. If I was a spammer, it would be easy to sub a known blacklisted spammer to try and hide my point of origin. "William Stanley" is the real spammer and he used a box in Austria or "William Stanley" has nothing to do with this and someone else used a box in Austria. Always look for the source. Since the 194.24.158.16 address is recorded in the header by the webmail yahoo box, I would probably say the 194.24.158.16 address is not forged. That is the originating address of this email. Dont believe anything else below it unless you actually sent it. It can be forged. And did you scan lumbermax.org from inside archbishop alter high school? If so, be very careful about doing that. The high school administration may not appreciate you scanning a legit company from inside their domain. And dont explore any of the open ports from inside the high school. But then again, you are listed as the high schools network engineer, so I guess you would be the point of contact if lumbermax.com has an issue, correct? ________________________________________ From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of David Swafford Sent: Tuesday, November 14, 2006 9:07 AM To: full-disclosure@...ts.grok.org.uk; William Stanley Subject: Re: [Full-disclosure] Austin Decking 512-385-5334 Austindecking wholesale Golden....... NMAP shows the following (lumbermax.com): 21/TCP - OPEN - FTP 22/TCP - OPEN - SSH 25/TCP - OPEN - SMTP 53/TCP - OPEN - DOMAIN 80/TCP - OPEN - HTTP 110/TCP - OPEN - POP3 111/TCP - OPEN - RPCBIND 135/TCP - FILTERED - MSRPC 137/TCP - FILTERED - NETBIOS-NS 138/TCP - FILTERED - NETBIOS-DGM 139/TCP - FILTERED - NETBIOS-SSN 143/TCP - OPEN - IMAP 443/TCP - OPEN - HTTPS 445/TCP - FILTERED - MICROSOFT-DS 593/TCP - FILTERED - HTTP-RPC-EPMAP 631/TCP - OPEN - IPP 3306/TCP - OPEN - MYSQL - Running Apache 2.052 (so there's some exploitable flaws here as current ver is 2.059). Its running on a CENTOS box and the apache error says the domain is LYFE-CARD.com - The SMTP services are Sendmail 8.13.1 ____________________________________________________ David A. Swafford, Network Engineer Information Technology Team Archbishop Alter High School EC-Council Certified Ethical Hacker A Cisco Systems, Inc., Certified Network Associate (CCNA) and a CompTIA Network+ and Security+ Certified Professional <snip> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists