ghost
commented
8 years ago Update: 6/8 done executing.
Open ghost opened 8 years ago
ghost
commented
8 years ago Update: 6/8 done executing.
melanierieback
commented
8 years ago koenj2: sounds good! (I'm also looking forward to hearing more about your strategy regarding a small number of individual in-depth case studies.) :-)
ghost
commented
8 years ago Update: 7/8 done executing.
sinteur
commented
8 years ago 👍🏻
Verstuurd vanaf mijn iPhone
Op 5 sep. 2015 om 17:55 heeft Koen J notifications@github.com het volgende geschreven:
Update: 7/8 done executing.
— Reply to this email directly or view it on GitHub.
ghost
commented
8 years ago Found 184727 hosts, therefore our random test should contain 384 hosts. These hosts showed the following banners, seemed promising! The ;1 represents a frequency test, eg Hello;1 means the banner occurred only once.
384 random hosts fetched.
Filled host information.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 500 allowed.
220-Local time is now 11:59. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 AUTH=PLAIN IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See COPYING for distribution information.
;7
+OK Hello there. <5326.1438224511@localhost.localdomain>
;1
+OK Hello there. <124200.1438545846@localhost.localdomain>
;1
220 86.109.11.31 FTP server ready
;1
220 Ftp firmware update utility;8
+OK Hello there. <142976.1438236035@localhost.localdomain>
;1
+OK Hello there. <5806.1438572545@localhost.localdomain>
;1
220 86.109.6.28 FTP server ready
;1
+OK Dovecot ready.
;38
220 FTP Server ready.
;14
220 DS1949 FTP server ready.
;1
421 4.3.2 Connection rate limit exceeded.
;8
220 hypershop.nl ESMTP Postfix (Debian/GNU)
;1
220 mx.blinkstaircase.com ESMTP Postfix
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [81.4.106.44]
;1
220---------- Welcome to Pure-FTPd [privsep] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 22:30. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
;1
220 vm5219.vellance.net ESMTP Postfix
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 10:08. Server port: 21.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 glv-03.isp-services.nl ESMTP Postfix
;1
+OK Hello there. <65296.1438276581@localhost.localdomain>
;1
220 lnx10.hosting.nubium.nl ESMTP Postfix
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 5 of 500 allowed.
220-Local time is now 09:46. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 6 of 500 allowed.
220-Local time is now 06:15. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 domain.com ESMTP Ready
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 3 of 500 allowed.
220-Local time is now 01:14. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 DS1861 FTP server ready.
;1
220 mho-optional.warmlights.net ESMTP service ready
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [213.206.91.50]
;1
220 remote.luhy.nl Microsoft ESMTP MAIL Service ready at Mon, 3 Aug 2015 18:35:12 +0200
;1
220 Microsoft FTP Service
;3
220 server.datingsites.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 11:28:21 +0200
;1
220 ProFTPD 1.3.4b Server ready.
;4
220 intermax-mail01.exed.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:06:21 +0200
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot DA ready.
;9
+OK Dovecot DA ready.
;23
220 vps178.123-webhost.net ESMTP Exim 4.76 Mon, 03 Aug 2015 13:35:09 +0200
;1
+OK Hello there. <11298.1438267853@localhost.localdomain>
;1
220 vps-1021692-341.cp.ashosting.nl ESMTP
;1
220 ProFTPD 1.3.2e Server (ProFTPD) [62.212.152.89]
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 5 of 500 allowed.
220-Local time is now 14:42. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
;3
220-amsrv20.fastcpanelserver.com ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 13:07:38 -0400
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 16:15. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 ProFTPD 1.3.3e Server ready.
;4
220 d168.webcreators.nl ESMTP Exim 4.84 Mon, 03 Aug 2015 17:55:58 +0200
;1
220 ns1.wvmkb-server.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 10:52:39 +0200
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 22:46. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
;2
+OK POP3 server ready <8ecbe651-cf16-452d-84e7-8a3d00cc2b13@asphost72.asphostserver.net>
;1
220 vps.spark-it.nl ESMTP Exim 4.82 Mon, 03 Aug 2015 15:08:40 +0200
;1
220 local-elixir.warmlights.net ESMTP service ready
;1
220 smtp.merit.unu.edu ESMTP ready.
;1
220 2.0.0 ms2.mailendo.in ESMTP ecelerity 4.1.0.46749 r(Core:4.1.0.4) Mon, 03 Aug 2015 12:54:32 -0500
;1
220 astaro.magneet.com ESMTP ready.
;1
220-server.main-computers.net ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 17:10:03 +0400
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 15:51. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 08:05. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220-dexter.webcare360.info ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 14:03:04 +0200
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
;1
+OK Hello there. <6552.1438565661@localhost.localdomain>
;1
+OK Hello there. <24482.1438246362@localhost.localdomain>
;1
220 jeugdzorgmakelaar.flexvps.nl ESMTP Postfix
;1
220 ProFTPD 1.3.4c Server (ProFTPD) [89.255.16.215]
;1
220 ProFTPD 1.3.5a Server ready.
;3
220 pm.themasterlabs.com ESMTP Exim 4.76 Mon, 03 Aug 2015 15:35:00 +0200
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [212.204.198.230]
;1
220 ProFTPD 1.3.4a Server (Debian) [::ffff:5.79.77.80]
;1
220 vps42098.public.cloudvps.com ESMTP Exim 4.82 Mon, 03 Aug 2015 19:15:06 +0200
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
;1
220 server.mespromo21.com.br
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 15:25. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 4 of 500 allowed.
220-Local time is now 03:40. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 vacationli2.webair.com ESMTP
;1
220-vacationli2.webair.com NcFTPd Server (licensed copy) ready.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 18 of 1000 allowed.
220-Local time is now 23:44. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 240 minutes of inactivity.
;1
220-After a while you learn the subtle difference
220-Between holding a hand and chaining a soul,
220-And you learn that love doesn't mean security,
220-And you begin to learn that kisses aren't contracts
220-And presents aren't promises
220-And you begin to accept your defeats
220-With your head up and your eyes open,
220-With the grace of a woman, not the grief of a child,
220-And you learn to build all your roads
220-On today because tomorrow's ground
220-Is too uncertain. And futures have
220-A way of falling down in midflight,
220-After a while you learn that even sunshine burns if you get too much.
220-So you plant your own garden and decorate your own soul, instead of waiting
220-For someone to bring you flowers.
220-And you learn that you really can endure...
220-That you really are strong,
220-And you really do have worth
220-And you learn and learn
220-With every goodbye you learn.
220- -- Veronic Shoffstall, "Comes the Dawn"
220 This is a private system - No anonymous login
;1
220 N1NW8SHG115.ams1.gdhosting.gdg Microsoft ESMTP MAIL Service, Version: 7.0.6002.18264 ready at Mon, 3 Aug 2015 06:32:39 -0700
;1
220 AP8959 Network Management Card AOS v5.1.2 FTP server ready.
;1
220 srv06.zo-host.nl ESMTP Exim 4.85 Mon, 03 Aug 2015 19:16:20 +0200
;1
220 srv854.flexwebhosting.nl ESMTP Exim 4.61 Mon, 03 Aug 2015 13:09:18 +0200
;1
220 directadmin1.shared.nforce.com ESMTP Exim 4.73 Mon, 03 Aug 2015 14:10:36 +0200
;1
220 ProFTPD 1.3.3d Server ready.
;1
+OK Hello there. <84230.1438569173@localhost.localdomain>
;1
+OK Hello there. <108666.1438287300@localhost.localdomain>
;1
220 86.109.14.194 FTP server ready
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 4 of 500 allowed.
220-Local time is now 09:11. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 8 of 500 allowed.
220-Local time is now 11:56. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.
;1
220 42.jdns.nl ESMTP
;1
+OK Hello there. <22363.1438251518@localhost.localdomain>
;1
+OK Hello there. <20681.1438601885@localhost.localdomain>
;1
220-server.dns-europe.com ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 11:27:41 +0200
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
;1
220-
220- Welcome to the PostgreSQL FTP Server
220- ====================================
220-
;1
220-ip-146-255-33-34.ip.secureserver.net ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 08:41:40 -0700
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 15:51. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 3 of 500 allowed.
220-Local time is now 08:31. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 zamarkowani.pl ESMTP Postfix (Ubuntu)
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 5000 allowed.
220-Local time is now 05:38. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
+OK Hello there. <3110.1438579819@localhost.localdomain>
;1
+OK Hello there. <10819.1438279593@localhost.localdomain>
;1
220 vzl-0142.psp.uniserver.nl ESMTP Postfix
;1
220 hsv-ede-igw.hsv.nl ESMTP ready.
;1
220 aviva.2fast.nl ESMTP Postfix (2Fast Internet Services) (Debian/GNU)
;1
+OK Hello there.
;1
220 (vsFTPd 2.0.3)
;1
220 VDS123397 FTP server ready.
;1
220-bcu.transip.nl ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 11:35:04 +0300
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 18:05. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 Hello
;1
220-FTP Server ready...
220 5 second delay to prevent hammering.
;1
220 kopmtasrv.net ESMTP Postfix
;1
220 honk9.domeinhuis.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 12:56:10 +0200
;1
+OK Welcome to MailEnable POP3 Server
;1
220 mail.camping-frankrijk.nl ESMTP MailEnable Service, Version: 7.53-- ready at 08/03/15 16:16:50
;1
220 woutersserver ESMTP Postfix (Ubuntu)
;1
220 lb1 FTP server (Version 1.9.2.4 - 2005/01/11 13:03:28) ready.
;1
+OK Hello there. <9266.1438589298@localhost.localdomain>
;1
+OK Hello there. <6853.1438292119@localhost.localdomain>
;1
220 v01.compu.nl ESMTP Postfix
;1
220 ProFTPD 1.3.4a Server ready.
;1
220 vps01.woei.nl ESMTP Exim 4.72 Mon, 03 Aug 2015 15:04:05 +0200
;1
+OK Hello there. <233501.1438551380@localhost.localdomain>
;1
+OK Hello there. <98998.1438255645@localhost.localdomain>
;1
220 86.109.13.198 FTP server ready
;1
220-Welcome to cc-ftpd.
220-You are user number 1 of 50 allowed.
220-Local time is now 17:27. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
+OK Hello there. <1566.1438229201@localhost.localdomain>
;1
+OK Hello there. <15534.1438597397@localhost.localdomain>
;1
220 ns1.v5v.eu ESMTP
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [83.172.146.101]
;1
220 Serv-U FTP Server v6.4 for WinSock ready...
;1
220 trakinc ESMTP Postfix (Ubuntu)
;1
220 i3d005.lovepuddin.com ESMTP Exim 4.72 Mon, 03 Aug 2015 09:51:56 +0100
;1
220 server.lrhitsolutions.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:56:59 +0200
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 19:48. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 vps1.socialbrands.nl ESMTP Exim 4.77 Mon, 03 Aug 2015 16:15:03 +0200
;1
220 server.altus.com ESMTP
;1
220 ghost ESMTP Postfix (Ubuntu)
;1
220 vm3573.vellance.net ESMTP Postfix
;1Koen: did this information come from zmap?
Cheers! Melanie
On September 23, 2015 11:16:40 AM GMT+02:00, Koen J notifications@github.com wrote:
Found 184727 hosts, therefore our random test should contain 384 hosts. These hosts showed the following banners, seemed promising!
384 random hosts fetched. Filled host information. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 2 of 500 allowed. 220-Local time is now 11:59. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1
- OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 AUTH=PLAIN IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See COPYING for distribution information. ;7 +OK Hello there. 5326.1438224511@localhost.localdomain ;1 +OK Hello there. 124200.1438545846@localhost.localdomain ;1 220 86.109.11.31 FTP server ready ;1 220 Ftp firmware update utility;8 +OK Hello there. 142976.1438236035@localhost.localdomain ;1 +OK Hello there. 5806.1438572545@localhost.localdomain ;1 220 86.109.6.28 FTP server ready ;1 +OK Dovecot ready. ;38 220 FTP Server ready. ;14 220 DS1949 FTP server ready. ;1 421 4.3.2 Connection rate limit exceeded. ;8 220 hypershop.nl ESMTP Postfix (Debian/GNU) ;1 220 mx.blinkstaircase.com ESMTP Postfix ;1 220 ProFTPD 1.3.5 Server (ProFTPD) [81.4.106.44] ;1 220---------- Welcome to Pure-FTPd [privsep] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 22:30. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 15 minutes of inactivity. ;1 220 vm5219.vellance.net ESMTP Postfix ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 10:08. Server port: 21. 220 You will be disconnected after 15 minutes of inactivity. ;1 220 glv-03.isp-services.nl ESMTP Postfix ;1 +OK Hello there. 65296.1438276581@localhost.localdomain ;1 220 lnx10.hosting.nubium.nl ESMTP Postfix ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 5 of 500 allowed. 220-Local time is now 09:46. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 6 of 500 allowed. 220-Local time is now 06:15. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1 220 domain.com ESMTP Ready ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 3 of 500 allowed. 220-Local time is now 01:14. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1 220 DS1861 FTP server ready. ;1 220 mho-optional.warmlights.net ESMTP service ready ;1 220 ProFTPD 1.3.5 Server (ProFTPD) [213.206.91.50] ;1 220 remote.luhy.nl Microsoft ESMTP MAIL Service ready at Mon, 3 Aug 2015 18:35:12 +0200 ;1 220 Microsoft FTP Service ;3 220 server.datingsites.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 11:28:21 +0200 ;1 220 ProFTPD 1.3.4b Server ready. ;4 220 intermax-mail01.exed.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:06:21 +0200 ;1
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot DA ready. ;9 +OK Dovecot DA ready. ;23 220 vps178.123-webhost.net ESMTP Exim 4.76 Mon, 03 Aug 2015 13:35:09 +0200 ;1 +OK Hello there. 11298.1438267853@localhost.localdomain ;1 220 vps-1021692-341.cp.ashosting.nl ESMTP ;1 220 ProFTPD 1.3.2e Server (ProFTPD) [62.212.152.89] ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 5 of 500 allowed. 220-Local time is now 14:42. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. ;3 220-amsrv20.fastcpanelserver.com ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 13:07:38 -0400 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 2 of 50 allowed. 220-Local time is now 16:15. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 220 ProFTPD 1.3.3e Server ready. ;4 220 d168.webcreators.nl ESMTP Exim 4.84 Mon, 03 Aug 2015 17:55:58 +0200 ;1 220 ns1.wvmkb-server.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 10:52:39 +0200 ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 22:46. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 15 minutes of inactivity. ;1
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. ;2 +OK POP3 server ready 8ecbe651-cf16-452d-84e7-8a3d00cc2b13@asphost72.asphostserver.net ;1 220 vps.spark-it.nl ESMTP Exim 4.82 Mon, 03 Aug 2015 15:08:40 +0200 ;1 220 local-elixir.warmlights.net ESMTP service ready ;1 220 smtp.merit.unu.edu ESMTP ready. ;1 220 2.0.0 ms2.mailendo.in ESMTP ecelerity 4.1.0.46749 r(Core:4.1.0.4) Mon, 03 Aug 2015 12:54:32 -0500 ;1 220 astaro.magneet.com ESMTP ready. ;1 220-server.main-computers.net ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 17:10:03 +0400 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 15:51. Server port: 21. 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 08:05. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 220-dexter.webcare360.info ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 14:03:04 +0200 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ;1 +OK Hello there. 6552.1438565661@localhost.localdomain ;1 +OK Hello there. 24482.1438246362@localhost.localdomain ;1 220 jeugdzorgmakelaar.flexvps.nl ESMTP Postfix ;1 220 ProFTPD 1.3.4c Server (ProFTPD) [89.255.16.215] ;1 220 ProFTPD 1.3.5a Server ready. ;3 220 pm.themasterlabs.com ESMTP Exim 4.76 Mon, 03 Aug 2015 15:35:00 +0200 ;1 220 ProFTPD 1.3.5 Server (ProFTPD) [212.204.198.230] ;1 220 ProFTPD 1.3.4a Server (Debian) [::ffff:5.79.77.80] ;1 220 vps42098.public.cloudvps.com ESMTP Exim 4.82 Mon, 03 Aug 2015 19:15:06 +0200 ;1
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. ;1 220 server.mespromo21.com.br ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 15:25. Server port: 21. 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 4 of 500 allowed. 220-Local time is now 03:40. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1 220 vacationli2.webair.com ESMTP ;1 220-vacationli2.webair.com NcFTPd Server (licensed copy) ready. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 18 of 1000 allowed. 220-Local time is now 23:44. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 240 minutes of inactivity. ;1 220-After a while you learn the subtle difference 220-Between holding a hand and chaining a soul, 220-And you learn that love doesn't mean security, 220-And you begin to learn that kisses aren't contracts 220-And presents aren't promises 220-And you begin to accept your defeats 220-With your head up and your eyes open, 220-With the grace of a woman, not the grief of a child, 220-And you learn to build all your roads 220-On today because tomorrow's ground 220-Is too uncertain. And futures have 220-A way of falling down in midflight, 220-After a while you learn that even sunshine burns if you get too much. 220-So you plant your own garden and decorate your own soul, instead of waiting 220-For someone to bring you flowers. 220-And you learn that you really can endure... 220-That you really are strong, 220-And you really do have worth 220-And you learn and learn 220-With every goodbye you learn. 220- -- Veronic Shoffstall, "Comes the Dawn" 220 This is a private system - No anonymous login ;1 220 N1NW8SHG115.ams1.gdhosting.gdg Microsoft ESMTP MAIL Service, Version: 7.0.6002.18264 ready at Mon, 3 Aug 2015 06:32:39 -0700 ;1 220 AP8959 Network Management Card AOS v5.1.2 FTP server ready. ;1 220 srv06.zo-host.nl ESMTP Exim 4.85 Mon, 03 Aug 2015 19:16:20 +0200 ;1 220 srv854.flexwebhosting.nl ESMTP Exim 4.61 Mon, 03 Aug 2015 13:09:18 +0200 ;1 220 directadmin1.shared.nforce.com ESMTP Exim 4.73 Mon, 03 Aug 2015 14:10:36 +0200 ;1 220 ProFTPD 1.3.3d Server ready. ;1 +OK Hello there. 84230.1438569173@localhost.localdomain ;1 +OK Hello there. 108666.1438287300@localhost.localdomain ;1 220 86.109.14.194 FTP server ready ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 4 of 500 allowed. 220-Local time is now 09:11. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 8 of 500 allowed. 220-Local time is now 11:56. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1
- OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information. ;1 220 42.jdns.nl ESMTP ;1 +OK Hello there. 22363.1438251518@localhost.localdomain ;1 +OK Hello there. 20681.1438601885@localhost.localdomain ;1 220-server.dns-europe.com ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 11:27:41 +0200 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ;1 220- 220- Welcome to the PostgreSQL FTP Server 220- ==================================== 220- ;1 220-ip-146-255-33-34.ip.secureserver.net ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 08:41:40 -0700 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 15:51. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 15 minutes of inactivity. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 3 of 500 allowed. 220-Local time is now 08:31. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 3 minutes of inactivity. ;1 220 zamarkowani.pl ESMTP Postfix (Ubuntu) ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 5000 allowed. 220-Local time is now 05:38. Server port: 21. 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 +OK Hello there. 3110.1438579819@localhost.localdomain ;1 +OK Hello there. 10819.1438279593@localhost.localdomain ;1 220 vzl-0142.psp.uniserver.nl ESMTP Postfix ;1 220 hsv-ede-igw.hsv.nl ESMTP ready. ;1 220 aviva.2fast.nl ESMTP Postfix (2Fast Internet Services) (Debian/GNU) ;1 +OK Hello there. ;1 220 (vsFTPd 2.0.3) ;1 220 VDS123397 FTP server ready. ;1 220-bcu.transip.nl ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 11:35:04 +0300 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 2 of 50 allowed. 220-Local time is now 18:05. Server port: 21. 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 220 Hello ;1 220-FTP Server ready... 220 5 second delay to prevent hammering. ;1 220 kopmtasrv.net ESMTP Postfix ;1 220 honk9.domeinhuis.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 12:56:10 +0200 ;1 +OK Welcome to MailEnable POP3 Server ;1 220 mail.camping-frankrijk.nl ESMTP MailEnable Service, Version: 7.53-- ready at 08/03/15 16:16:50 ;1 220 woutersserver ESMTP Postfix (Ubuntu) ;1 220 lb1 FTP server (Version 1.9.2.4 - 2005/01/11 13:03:28) ready. ;1 +OK Hello there. 9266.1438589298@localhost.localdomain ;1 +OK Hello there. 6853.1438292119@localhost.localdomain ;1 220 v01.compu.nl ESMTP Postfix ;1 220 ProFTPD 1.3.4a Server ready. ;1 220 vps01.woei.nl ESMTP Exim 4.72 Mon, 03 Aug 2015 15:04:05 +0200 ;1 +OK Hello there. 233501.1438551380@localhost.localdomain ;1 +OK Hello there. 98998.1438255645@localhost.localdomain ;1 220 86.109.13.198 FTP server ready ;1 220-Welcome to cc-ftpd. 220-You are user number 1 of 50 allowed. 220-Local time is now 17:27. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 +OK Hello there. 1566.1438229201@localhost.localdomain ;1 +OK Hello there. 15534.1438597397@localhost.localdomain ;1 220 ns1.v5v.eu ESMTP ;1 220 ProFTPD 1.3.5 Server (ProFTPD) [83.172.146.101] ;1 220 Serv-U FTP Server v6.4 for WinSock ready... ;1 220 trakinc ESMTP Postfix (Ubuntu) ;1 220 i3d005.lovepuddin.com ESMTP Exim 4.72 Mon, 03 Aug 2015 09:51:56 +0100 ;1 220 server.lrhitsolutions.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:56:59 +0200 ;1 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 19:48. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. ;1 220 vps1.socialbrands.nl ESMTP Exim 4.77 Mon, 03 Aug 2015 16:15:03 +0200 ;1 220 server.altus.com ESMTP ;1 220 ghost ESMTP Postfix (Ubuntu) ;1 220 vm3573.vellance.net ESMTP Postfix ;1
Reply to this email directly or view it on GitHub: https://github.com/radicallyopensecurity/PassiveNLSurvey/issues/5#issuecomment-142537783
Sent from my Android device with K-9 Mail. Please excuse my brevity.
ghost
commented
8 years ago Yes, zgrab results from scans.io
melanierieback
commented
8 years ago Cool! Have you already also started playing with Shodan and Google Dorks?
Cheers! :-) Melanie
On September 23, 2015 5:45:24 PM GMT+02:00, Koen J notifications@github.com wrote:
Yes, zgrab results from scans.io
Reply to this email directly or view it on GitHub: https://github.com/radicallyopensecurity/PassiveNLSurvey/issues/5#issuecomment-142644071
Sent from my Android device with K-9 Mail. Please excuse my brevity.
ghost
commented
8 years ago No, not yet.
melanierieback
commented
8 years ago Okay. Something to do in the upcoming period of time.. :-)
Melanie
On September 23, 2015 6:18:10 PM GMT+02:00, Koen J notifications@github.com wrote:
No, not yet.
Reply to this email directly or view it on GitHub: https://github.com/radicallyopensecurity/PassiveNLSurvey/issues/5#issuecomment-142652182
ghost
commented
8 years ago Implemented the Rapid7 structure and now making the final output.
As we are all excitedly waiting for the full output to complete I am going to theorize about the analysis of the results. In order to do this I will use some intermediate output as shown below.
The tool has been able to find 43583070 dutch hosts. The distribution of the investigated services among these hosts is shown in the output and summarized below.
For the analysis I propose a random test, in this way we combine the broadness of scans.io with the depth of being able to find pages leading to further investigation HTTP/HTTPS and SSL (through cached pages?). Firstly for each service we take the appropriate sample size. Afterwards for each sample we can determine which version of software the service is running and do a simple SSL investigation to determine possible problems. This SSL research will be combined with the Heartbleed results. Once the versions have been found we can make a quantitative list of software versions used by the population. This list can then be combined with a vulnerability database to determine how many of these servers are vulnerable.
I propose that if a server contains any service with a high risk, the server is marked as being insecure. Otherwise we mark it as secure, in this way we are overestimating how many secure servers there are. This also leads to a result which is biased a certain way, however I expect even though it is biased it will show that in general hosts can be considered insecure.