B
blackneos940
Guest
Starting Nmap 6.40 ( http://nmap.org ) at 2014-11-23 16:20 UTC
Nmap scan report for srv08.lunaweb.pro (5.135.203.40)
Host is up (0.15s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.5p1 Debian 6+squeeze5 (protocol 2.0)
| ssh-hostkey: 1024 ea:3c:ad:0d:9f:36:f9:78:e7:f1:94:ee:f8:ad:94:12 (DSA)
|_2048 7f:56:aa:7a:27:db:a1:08:1c:e6:a9:06:fd:aa:3b:40 (RSA)
80/tcp open http Apache httpd 2.2.16 ((Debian))
|_http-methods: No Allow or Public header in OPTIONS response (status code 301)
|_http-title: Did not follow redirect to http://www.clipconverter.cc/
111/tcp open rpcbind 2 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
|_ 100000 2 111/udp rpcbind
445/tcp filtered microsoft-ds
Device type: general purpose
Running (JUST GUESSING): Linux 2.6.X|3.X (92%)
OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3
Aggressive OS guesses: Linux 2.6.32 - 2.6.39 (92%), Linux 2.6.32 - 3.0 (91%), Linux 3.2 - 3.6 (90%), Linux 3.1.9 (90%), Linux 3.4 (89%), Linux 2.6.39 (89%), Linux 2.6.32 (89%), Linux 2.6.32 - 2.6.35 (88%), Linux 3.5 (87%), Linux 3.0 - 3.9 (86%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 16 hops
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 23/tcp)
HOP RTT ADDRESS
1 ... 3
4 14.65 ms cpe-024-028-253-034.triad.res.rr.com (24.28.253.34)
5 21.89 ms be34.chrcnctr01r.southeast.rr.com (24.93.64.198)
6 28.60 ms bu-ether14.atlngamq46w-bcr00.tbone.rr.com (66.109.6.82)
7 22.97 ms ae-1-0.pr0.atl20.tbone.rr.com (66.109.6.177)
8 ... 9
10 41.39 ms ae-2-52.edge3.Newark1.Level3.net (4.69.156.43)
11 65.60 ms level3.as3356.nj.us (178.32.135.18)
12 67.98 ms bhs-g1-6k.qc.ca (198.27.73.205)
13 67.96 ms 198.27.73.231
14 ...
15 150.20 ms srv20.lunaweb.pro (37.59.19.95)
16 153.79 ms srv08.lunaweb.pro (5.135.203.40)
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 336.55 seconds
-------------------------
After finding out clipconverter had been hacked, I did an nmap scan, only to find out that they ran LINUX, of all things..... They're back up, but I thought Linux was hard to break into.....? Unless.......
Nmap scan report for srv08.lunaweb.pro (5.135.203.40)
Host is up (0.15s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.5p1 Debian 6+squeeze5 (protocol 2.0)
| ssh-hostkey: 1024 ea:3c:ad:0d:9f:36:f9:78:e7:f1:94:ee:f8:ad:94:12 (DSA)
|_2048 7f:56:aa:7a:27:db:a1:08:1c:e6:a9:06:fd:aa:3b:40 (RSA)
80/tcp open http Apache httpd 2.2.16 ((Debian))
|_http-methods: No Allow or Public header in OPTIONS response (status code 301)
|_http-title: Did not follow redirect to http://www.clipconverter.cc/
111/tcp open rpcbind 2 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
|_ 100000 2 111/udp rpcbind
445/tcp filtered microsoft-ds
Device type: general purpose
Running (JUST GUESSING): Linux 2.6.X|3.X (92%)
OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3
Aggressive OS guesses: Linux 2.6.32 - 2.6.39 (92%), Linux 2.6.32 - 3.0 (91%), Linux 3.2 - 3.6 (90%), Linux 3.1.9 (90%), Linux 3.4 (89%), Linux 2.6.39 (89%), Linux 2.6.32 (89%), Linux 2.6.32 - 2.6.35 (88%), Linux 3.5 (87%), Linux 3.0 - 3.9 (86%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 16 hops
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 23/tcp)
HOP RTT ADDRESS
1 ... 3
4 14.65 ms cpe-024-028-253-034.triad.res.rr.com (24.28.253.34)
5 21.89 ms be34.chrcnctr01r.southeast.rr.com (24.93.64.198)
6 28.60 ms bu-ether14.atlngamq46w-bcr00.tbone.rr.com (66.109.6.82)
7 22.97 ms ae-1-0.pr0.atl20.tbone.rr.com (66.109.6.177)
8 ... 9
10 41.39 ms ae-2-52.edge3.Newark1.Level3.net (4.69.156.43)
11 65.60 ms level3.as3356.nj.us (178.32.135.18)
12 67.98 ms bhs-g1-6k.qc.ca (198.27.73.205)
13 67.96 ms 198.27.73.231
14 ...
15 150.20 ms srv20.lunaweb.pro (37.59.19.95)
16 153.79 ms srv08.lunaweb.pro (5.135.203.40)
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 336.55 seconds
-------------------------
After finding out clipconverter had been hacked, I did an nmap scan, only to find out that they ran LINUX, of all things..... They're back up, but I thought Linux was hard to break into.....? Unless.......