Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: Adam Carter <adamcarter3@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Yahoo and strange traffic.
Date: Tue, 17 Aug 2010 01:32:58
Message-Id: AANLkTi=jtx9fnLhCG+q6vgWnkEztgoO_AXHvrx6FUbyX@mail.gmail.com
In Reply to: Re: [gentoo-user] Yahoo and strange traffic. by Dale
1 >
2 > I just did a killall kopete and it did stop. Is there a way to "see" what
3 > it is sending/receiving? I'm talking like is it a jpeg, some other file or
4 > something else?
5 >
6 >
7 rix portage # nmap -p 5050 -sV cs210p2.msg.sp1.yahoo.com
8
9 Starting Nmap 5.21 ( http://nmap.org ) at 2010-08-17 11:27 EST
10 Nmap scan report for cs210p2.msg.sp1.yahoo.com (98.136.48.110)
11 Host is up (0.20s latency).
12 PORT STATE SERVICE VERSION
13 5050/tcp open mmcc?
14 1 service unrecognized despite returning data. If you know the
15 service/version, please submit the following fingerprint at
16 http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
17 SF-Port5050-TCP:V=5.21%I=7%D=8/17%Time=4C69E58D%P=i686-pc-linux-gnu%r(GetR
18 SF:equest,195,"HTTP/1\.1\x20404\x20Not\x20Found\r\nContent-Type:\x20text/h
19 SF:tml\r\nCache-Control:\x20max-age=0,\x20must-revalidate\r\nExpires:\x20S
20 SF:un,\x2010\x20Jun\x202007\x2012:01:01\x20GMT\r\n\r\n<html><head>\r\n<met
21 SF:a\x20http-equiv=\"content-type\"\x20content=\"text/html;charset=utf-8\"
22 SF:>\r\n<title>404\x20Not\x20Found</title>\r\n</head>\r\n<body\x20text=#00
23 SF:0000\x20bgcolor=#ffffff>\r\n<hr><center>\r\n<H1>Not\x20Found</H1>\r\nTh
24 SF:e\x20requested\x20URL\x20was\x20not\x20found\x20on\x20this\x20server\.\
25 SF:r\n</center><p>\r\n</body></html>\r\n")%r(FourOhFourRequest,195,"HTTP/1
26 SF:\.1\x20404\x20Not\x20Found\r\nContent-Type:\x20text/html\r\nCache-Contr
27 SF:ol:\x20max-age=0,\x20must-revalidate\r\nExpires:\x20Sun,\x2010\x20Jun\x
28 SF:202007\x2012:01:01\x20GMT\r\n\r\n<html><head>\r\n<meta\x20http-equiv=\"
29 SF:content-type\"\x20content=\"text/html;charset=utf-8\">\r\n<title>404\x2
30 SF:0Not\x20Found</title>\r\n</head>\r\n<body\x20text=#000000\x20bgcolor=#f
31 SF:fffff>\r\n<hr><center>\r\n<H1>Not\x20Found</H1>\r\nThe\x20requested\x20
32 SF:URL\x20was\x20not\x20found\x20on\x20this\x20server\.\r\n</center><p>\r\
33 SF:n</body></html>\r\n");
34
35 Service detection performed. Please report any incorrect results at
36 http://nmap.org/submit/ .
37 Nmap done: 1 IP address (1 host up) scanned in 112.82 seconds
38 rix portage #
39
40
41 Well its obviously HTTP, NFI why NMAP cant see that. So you could capture in
42 wireshark, then docode port 5050 as HTTP.

Replies

Subject Author
Re: [gentoo-user] Yahoo and strange traffic. Dale <rdalek1967@×××××.com>
Report Message
Find on MARC Find on Google Groups