[18066] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: backbone transparent proxy / connection hijacking

daemon@ATHENA.MIT.EDU (Charles Sprickman)
Thu Jun 25 21:13:53 1998

Date: Thu, 25 Jun 1998 21:06:55 -0400 (EDT)
From: Charles Sprickman <spork@inch.com>
To: Jon Lewis <jlewis@inorganic5.fdt.net>
cc: Paul Vixie <vixie@wisdom.rc.vix.com>, nanog@merit.edu
In-Reply-To: <Pine.LNX.3.95.980625203430.723s-100000@tarkin.fdt.net>

That's odd, they point you to a proxy in DC?!? 

I don't see any ports open besides some standard services.  You'd think
there'd be a port for the proxy or something...

-|super-g|-$ strobe !!$
strobe 165.117.17.251
strobe 1.04 (c) 1995-1997 Julian Assange (proff@suburbia.net).
165.117.17.251    22 ssh          Secure Shell - RSA encrypted rsh
                     -> SSH-1.5-1.2.22\n
165.117.17.251    25 smtp         Simple Mail Transfer [102,JBP]
                     -> 220 dca1-wc2.atlas.digex.net ESMTP Sendmail
8.8.8/8.8.5; Thu, 25 Jun 1998 21:02
                     -> :46 -0400 (EDT)\r\n
165.117.17.251    37 time         Time [108,JBP]
                     -> \185=q\182
165.117.17.251    21 ftp          File Transfer [Control] [96,JBP]
                     -> 220 dca1-wc2 FTP server (Version wu-2.4(1) Tue Jun
18 14:54:28 EDT 1996) ready.
                     -> \r\n
165.117.17.251    23 telnet       Telnet [112,JBP]
                     -> \255\253\24\255\253\31\255\253#\255\253'\255\253$

Charles


~~~~~~~~~					~~~~~~~~~~~
Charles Sprickman 				Internet Channel
INCH System Administration Team			(212)243-5200
spork@inch.com					access@inch.com

On Thu, 25 Jun 1998, Jon Lewis wrote:

> Date: Thu, 25 Jun 1998 20:36:13 -0400 (EDT)
> From: Jon Lewis <jlewis@inorganic5.fdt.net>
> To: Paul Vixie <vixie@wisdom.rc.vix.com>
> Cc: nanog@merit.edu
> Subject: Re: backbone transparent proxy / connection hijacking
> 
> On 25 Jun 1998, Paul Vixie wrote:
> 
> > I don't think Digex is using one of our boxes, and if they are using one
> > of the "just run Inktomi software on a Solaris box and put an Alteon next
> > to it" then there are going to be some wierd little unspecified protocol
> > violations that only Alteon, and a new protocol between Alteon and Inktomi,
> 
> The proxy we seem to be trapped with is:
> REMOTE_HOST = dca1-wc2.atlas.digex.net
> REMOTE_ADDR = 165.117.17.251
> 
> Trying 165.117.17.251...
> Connected to 165.117.17.251.
> Escape character is '^]'.
> 
> 
> SunOS 5.6
> 
> login: 
> 
> 
> ------------------------------------------------------------------
>  Jon Lewis <jlewis@fdt.net>  |  Spammers will be winnuked or 
>  Network Administrator       |  drawn and quartered...whichever
>  Florida Digital Turnpike    |  is more convenient.
> ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
> 


home help back first fref pref prev next nref lref last post