From: Fabián Gabriel Chiera (fabianchiera@hotmail.com)
Date: Fri Jul 22 2005 - 06:51:22 EDT
Did you try with amap to identify protocols and applications?
www.thc.org
Good luck!
Fabian G. Chiera
Information Security Specialist
*****************************************************************
This message and any attachments are intended for the use of the
addressee(s) only and may be confidential and covered by the attorney/client
and other privileges. If the reader is not the intended recipient, DO NOT
READ, notify
sender and delete this message. In addition, be aware that any disclosure,
copying, distribution or use of the contents of this message is strictly
prohibited.
*****************************************************************
>From: ilaiy <ilaiy.e@gmail.com>
>Reply-To: ilaiy <ilaiy.e@gmail.com>
>To: "Bartholomew, Brian J" <BartholomewBJ@state.gov>
>CC: thenightweighsheavy@gmail.com, pen-test@securityfocus.com
>Subject: Re: Unknown App
>Date: Thu, 21 Jul 2005 15:49:33 -0500
>MIME-Version: 1.0
>Received: from outgoing.securityfocus.com ([205.206.231.26]) by
>mc10-f28.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Thu, 21 Jul 2005
>19:36:24 -0700
>Received: from outgoing.securityfocus.com by outgoing.securityfocus.com
> via smtpd (for mail.hotmail.com [65.54.166.230]) with ESMTP; Thu, 21
>Jul 2005 19:36:24 -0700
>Received: from lists.securityfocus.com (lists.securityfocus.com
>[205.206.231.19])by outgoing2.securityfocus.com (Postfix) with QMQPid
>4863514457F; Thu, 21 Jul 2005 20:08:46 -0600 (MDT)
>Received: (qmail 24792 invoked from network); 21 Jul 2005 14:10:39 -0000
>X-Message-Info: JGTYoYF78jGHVCE06r7n1cMtPB8EPb+9SWA4lQUr6PE=
>Mailing-List: contact pen-test-help@securityfocus.com; run by ezmlm
>Precedence: bulk
>List-Id: <pen-test.list-id.securityfocus.com>
>List-Post: <mailto:pen-test@securityfocus.com>
>List-Help: <mailto:pen-test-help@securityfocus.com>
>List-Unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
>List-Subscribe: <mailto:pen-test-subscribe@securityfocus.com>
>Delivered-To: mailing list pen-test@securityfocus.com
>Delivered-To: moderator for pen-test@securityfocus.com
>DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta;
>d=gmail.com;
>h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
>
>b=JlXDgQlyzJE1v3MrKkx/j7WvahFF2SUekj2a40QJ3XHEPkIyUg6zhQRB4Bi/wKFI2FRJrC4XYb5b/zCiyjMBZCpAKtPeyMUC1fJpLZHDEurYpyu/MqdK27eVV0NSpq+wadgDmltOiVCo47EBk0GPCYExXhM0MqLTK1/qidoj+Is=
>References:
><9ABD10282E7D5F42AE291F5843857F6A014B3AEC@sa20dsacdmb01.ds.state.sbu>
>Return-Path:
>pen-test-return-1078477244-fabianchiera=hotmail.com@securityfocus.com
>X-OriginalArrivalTime: 22 Jul 2005 02:36:24.0887 (UTC)
>FILETIME=[27681C70:01C58E66]
>
>You could use TCPVIEW to get what application and the remote IP
>
>http://www.sysinternals.com/Utilities/TcpView.html
>
>./thanks
>ilaiy
_________________________________________________________________
MSN Amor: busca tu ˝ naranja http://latam.msn.com/amor/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:37 EDT