July 7th, 2005 04:08 AM
ah...that makes since...thnx for all the replies...o yea..and i ran port scan on the 10.x.x.x and the only port that was open was port 514 with a service called cmd running(reported by nmap). I tried to telnet to it see if it was the cmd from windows but all i got was a blank screen.
Originally posted here by Maestr0
Erm, are you kidding me?Try a whois on 127.0.0.1. OMFG IANA owns my localhost!! lol, seriously they are RFC 1918, of course they are reserved. Does 192.168.x.x ring a bell? And of course the second hop is also a rfc1918 like the first, they are both internal networks. the 10.x.x.x (also rfc1918) is probably the wired network which gets NATed to the internet. On that wired network is a wireless AP, the wireless AP is gets its addy from 10.x.x.x DHCP and then runs its own DHCP on 192.168.x.x, this way the WLAN and LAN are separate. Its not a honeypot its some dude with a linksys AP plugged into his Linksys router.
July 7th, 2005 09:02 AM
How about an AP with a spoofed MAC..
That would make it a Fake vendor ID..
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio
the best station for C64 Remixes !
July 7th, 2005 10:11 AM
Hi Maestr0 ,
Thanks, I had spotted the first one it was the second 10.x.x.x that had me confused. I didn't even think about wireless.................here in "log cabin country" we don't even have cable TV
Your explanation makes it all fit now
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?