This is the mail archive of the cygwin mailing list for the Cygwin project.



whois version and related tools.


Hi,

whois is complaining about being old but before I just updated I wanted to get some
idea what is available [ as I've complained before about my machine being a bit sensitive ].

I have a 2nd machine that I believe could be contaminated with spyware and I try to just
run it remotely using cygserver stuff for ssh and ftp and this now seems to work fine - a clean cygwin install went perfectly. Although, without making implicit accusations, I do have
machine crashes (not BSOD, but text dump about bad driver) on the messed-up-install machine
when I am running X and interact strongly with that system (multiple open and active connections
via my wireless card).

Anyway, my immediate problem is diagnosing any spyware using cygwin or cygwin
friendly tools (something I can use without having to attach a keyboard or monitor or getting
windoze remote desktop).
 I have  showtraffic started as a service using the cygwin tools and it generates
a packet log just fine. I found a very active IP address that shouldn't be there,

Proto: TCP len: 1500 96.17.74.91:80 -> 192.168.2.103:1059

and was naturally curious. Whois was no help,

$ whois 96.17.74.91
Unknown AS number or IP network. Please upgrade this program.
$ whois --version
Version 4.6.13.
Report bugs to .

and nmap gave me some idea it is from akamai,
$ nmap  -sV 96.17.74.91

Starting Nmap 4.62 ( http://nmap.org ) at 2008-09-27 10:16 Eastern Daylight Time

SCRIPT ENGINE: nselib/ not a directory
SCRIPT ENGINE: Aborting script scan.
Interesting ports on a96-17-74-91.deploy.akamaitechnologies.com (96.17.74.91):
Not shown: 1703 closed ports
PORT     STATE    SERVICE      VERSION
22/tcp   open     ssh          Akamai SSH Server-VII (protocol 1.99)
80/tcp   open     http         AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
135/tcp  filtered msrpc
136/tcp  filtered profile
137/tcp  filtered netbios-ns
138/tcp  filtered netbios-dgm
139/tcp  filtered netbios-ssn
443/tcp  open     ssl          OpenSSL
445/tcp  filtered microsoft-ds
500/tcp  open     ssh          Akamai SSH Server-VII (protocol 1.99)
1720/tcp filtered H.323/Q.931
9050/tcp open     tor-socks?

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 79.044 seconds


So, I guess I am asking if the most recent version of whois is worth getting
and if anyone knows anything about this particular server or how to figure out
what it is.


I guess I should probably just load debian on the other system but I only expected to
use it for backup, LOL.

Thanks.


Mike Marchywka
586 Saint James Walk
Marietta GA 30067-7165
415-264-8477 (w)<- use this
404-788-1216 (C)<- leave message
989-348-4796 (P)<- emergency only
marchywka@hotmail.com
Note: If I am asking for free stuff, I normally use for hobby/non-profit
information but may use in investment forums, public and private.
Please indicate any concerns if applicable.
Note:  hotmail is getting cumbersome, try also marchywka@yahoo.com
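
An added example, not part of the original message or of any Cygwin tool: one way to rank the remote endpoints in a packet log like the one quoted above by total bytes, so an unexpected peer stands out before any whois or nmap lookup. It assumes every record follows the single "Proto: ... len: ... src -> dst" line shown in the message; the function names `top_talkers` and `sample_log` and all sample lines other than that first address pair are constructed for illustration.

```sh
#!/bin/sh
# Added example: summarise a showtraffic-style packet log by remote endpoint.
# Assumed record format (taken from the one line quoted in the message):
#   Proto: TCP len: 1500 96.17.74.91:80 -> 192.168.2.103:1059

# top_talkers: read log lines on stdin, print "bytes packets proto remote:port"
# sorted by bytes, largest first. The remote side is whichever end is not in
# private (RFC 1918) space; lines with two private or two public ends are skipped.
top_talkers() {
    awk '
    function is_private(ip,   o) {
        split(ip, o, ".")
        return (o[1] == 10) || (o[1] == 192 && o[2] == 168) ||
               (o[1] == 172 && o[2] >= 16 && o[2] <= 31)
    }
    $1 == "Proto:" && $3 == "len:" && $6 == "->" {
        src = $5; dst = $7
        sip = src; sub(/:[0-9]+$/, "", sip)   # strip :port to get the address
        dip = dst; sub(/:[0-9]+$/, "", dip)
        if (is_private(sip) && !is_private(dip))      remote = dst
        else if (is_private(dip) && !is_private(sip)) remote = src
        else next                             # LAN-only or transit traffic
        key = $2 " " remote
        bytes[key] += $4; pkts[key]++
    }
    END { for (k in bytes) print bytes[k], pkts[k], k }
    ' | sort -k1,1nr -k3,4
}

# Constructed sample input (only the first address pair appears in the message).
sample_log() {
    cat <<'EOF'
Proto: TCP len: 1500 96.17.74.91:80 -> 192.168.2.103:1059
Proto: TCP len: 40 192.168.2.103:1059 -> 96.17.74.91:80
Proto: TCP len: 1500 96.17.74.91:80 -> 192.168.2.103:1059
Proto: UDP len: 76 192.168.2.103:1027 -> 203.0.113.53:53
Proto: UDP len: 229 192.168.2.1:138 -> 192.168.2.255:138
EOF
}

sample_log | top_talkers
```

Both directions of a conversation are counted under the same remote endpoint, so the totals reflect the whole exchange rather than only inbound packets.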

