Houston, we have a problem...

Discussion in 'Trojan Defence Suite' started by Pawthentic, Jul 6, 2002.

Thread Status:
Not open for further replies.
  1. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    :) Hi Controler.

    Oh, look! You are behind a router, and your TDS-3 is lying to you... OR ~~ the word "Connected" doesn't really mean connected.

    Thank you!

    Hilly.
     
  2. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    Hi Pawthentic! This is interesting! I was busy editing my last post so didn't see your next one. No, I do not hide my IP. I use ZoneAlarm. I can give you an annotated list of your hits but that would be redundant. I was just trying to help you out. I am also behind a router! It's part of my DSL hookup. :D Didn't mean to startle you!
     
  3. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    Hi. No, I promise you didn't startle me. I routinely get all kinds of incoming, and the only things that scare me are apps and utilities that I run here at home. ;)

    Can I correctly assume that you're the one who I scanned after seeing your IP address in my router's log? (xxx.xxx.71.174)

    If so, did you see my Interrogation of -your- IP address? Are you actually running anything that would hold those common ports open?

    Thanks for replying, feel free to run whatever tools you wish against my IP address.

    Regards,
    Hilly.
     
  4. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    :) Would like to add...Thanks for not publishing my IP. And, I am part of a LAN, which would influence your readings to some extent. :D

    This is weird. Each time I make a posting, you post at the same time. Good wavelength. Yes, I am the one referred to. ;)

    (This is also a good test of ZoneAlarm! Thanks!)
     
  5. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    You're welcome, and I should be the one thanking you for posting in this thread and helping me. :)

    I understand that you being behind a LAN will have significance when I scan your WAN IP address, but are you at home or at work? Don't answer that. :blink: What I meant to ask is -- Do you know if your LAN has Mail, Web, and DNS services running? If you're at work, then this is probably why I saw the connections, and they could be seen as accurate then. If you're at home, you'll know if you're running those services... are you?

    Thanks again.
    Regards,
    Hilly.

    note: I'll be offline for a couple of hours now, but I'll be back later today.
     
  6. controler

    controler Guest

    I get the same results with the TCP inspector Plugin
    but like you pointed out Paw, No way to copy the info
    can only do screen shots quickly LOL
    One nice thing about the TCP inspector is the explanation of the ports
    being scanned. FTP, backdoor etc.
     
  7. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi all,
    sorry i keep out of the discussion, which is not my field of knowledge, so to spare you unnecessary bandwidth.
    But for the copying of the TDS screens i can tell you:
    in most TDS screens it's possible to just click the mouse somewhere in it, you might need to select/highlight all first, click contr+C and contr+V to find it on your clipboard and from there you can easily copy it to where you want.
    Same with some lines from the main console: highlight the part you want, contr+C / contr+V or copy it from the logfile of course.
    Just tried it out with this TCP inspector and that copies fine this way!
    Have fun with them!
     
  8. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    I just wanted to post a note saying that my IP address is -still- 24.58.230.189.

    ...because I'm seeing crazy-mad hits inbound, obviously because many people are reading this thread and trying TDS-3 (and various other tools?) on me.

    All I ask is that anyone who does so, and sees any results indicating that I'm running common services or open ports, please post here with some info ~~ like are you behind a router or not... what is your scan(s) reporting to you... etc.

    Thanks again to everybody. :D

    Regards,
    Hilly.
     
  9. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Sorry for coming so late with this reaction:
    also in the trial version i might suppose the logging works, if you enable it in the TDS > Configuration > Options, check enable logging > Save
    You should find the log files from the console TDS > View logfile. If not, manually in the logs folder in the TDS-3 directory.
     
  10. controler

    controler Guest

    I can't get a copy from the TCP Inspector screen while it is running
    After I highlight it kicks my highlight out as it is still running
    Jooske try it on yours. Try copy and paste while the scanner is still running
    Oh perty please? :oops:
     
  11. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    You have to wait till the scan is over. As with selecting / highlighting in general, with a mouseclick or movement the selection is undone, so also with the running inspector.

    Hilly seems now either off line or has closed the router and all rulesettings so tight... ! No, no ping answer, no trace to the last address, not any TCP inspector results, so is off line. What a pity :)
    Tried on myself and all connections failed.
    Hmm, thought i could have been in my own local trusted zone and all ports wide open for my own local scans, but not! Ping and trace ok, but not that inspector.
     
  12. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    Hi Jooske. I'm still here. Router set to block pings, so pinging me won't work, and traceroute to me will die after a few hops.

    Believe me, I'm not going anywhere until someone at DCS helps me. :eek:

    Best Regards,
    Hilly.
     
  13. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Then you know with the TDS Inspector i did not get any results on you, interrogate this moment..... not even 135!
    Just ordinary FW and TDS, nothing more on my side.
     
  14. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    Jooske, I want to thank you for jumping in and helping ~~ every bit counts!

    The results you're seeing right now are exactly what you should be seeing, because I'm behind a router. I can make a good guess that you aren't behind a router, if you were I think you would get drastically different results... or maybe your TDS-3 isn't broken like mine is. o_O

    I have your IP address, may I please run some scans against you?

    Regards,
    Hilly.
     
  15. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I'll even wave at you in the meantime :)
    But don't post the results in the open :D I'll uncheck even some things, so you should have about full access (so much trust)
     
  16. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    Okay on the waving. ::Hilly waves back::

    Not okay on unchecking things. It would be best if I hit as much of a brick wall as I can. I don't want open doors, I want locked ones.

    Thanks -so- much. ;)

    Regards,
    Hilly.
     
  17. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hihi, tried to tcp connect and udc broadcast, but....
    ahh forgot to open the port listening to see you coming in!
    hmm should only work on one port at a time. I hear my system activity! You're quite busy :)
     
  18. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    Okay Jooske, I'm finished. I definitely didn't get my usual results when scanning you with Interrogate under TDS-3. I also ran nmapNT against you, and got more strange results.

    If I promise to blank-out any and all possibly identifying information, may I post the results here?

    Thanks and Regards,
    Hilly.
     
  19. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I've always been strange already :) so what else to expect? I scanned some of you in the meantime, broadcasting and connecting, pinging and backtracing you and in this case not even used one of the nice emu scripts :(
    You know what's in the logging, so you can see if there is any danger when blanked out the personal parts. But of course i like a copy in the PM with all included (or email, whatever you'd prefer).
    Of course i'm very curious now what you got for me!
     
  20. Pawthentic

    Pawthentic Registered Member

    Joined:
    Jul 6, 2002
    Posts:
    40
    PM sent.

    Thank you, Jooske.

    Regards,
    Hilly.
     
  21. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Hi Hilly,

    I do remember this GRC issue very well - our mail server has been bombed heavily for days in a row ;).

    On topic: As stated before, DCS has been contacted to jump in. Seems fair to wait for their reply. Thus, I'm closing this thread for the moment. DCS/Wayne will open it as soon as he's available. For the record: I'm not doubting your good intentions for one single moment; be assured of that!

    regards.

    paul
     