Autopsy ascii Fragment Report (ver 1.74)
--------------------------------------------------------------
Fragment: 201554
Length: 4096 bytes
Not allocated to any meta data structures
MD5 of raw Fragment: d247bc871013a41d9a41ba854a3087e9
MD5 of ascii output: 6d95fe59f9a127d53d3349d97663415c
Image: /home/kmaster/tools/filesystem/evidence//SOTM29/192.168.1.79/images/root_honeypot
Image Type: linux-ext3
Date Generated: Mon Sep 15 19:24:36 2003
Investigator: CGR
--------------------------------------------------------------
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++ Informatziile pe care le-ai dorit boss:) +++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hostname : localhost.localdomain (192.168.1.79)
Alternative IP : 127.0.0.1
Host : localhost.localdomain
===============================================================
Distro: Red Hat Linux release 7.2 (Enigma)
===============================================================
Uname -a
Linux localhost.localdomain 2.4.7-10 #1 Thu Sep 6 17:27:27 EDT 2001 i686 unknown
===============================================================
Uptime
1:33pm up 22:59, 1 user, load average: 0.16, 0.03, 0.01
===============================================================
Pwd
/tmp/sand
===============================================================
ID
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
===============================================================
Yahoo.com ping:
PING 216.115.108.243 (216.115.108.243) from 192.168.1.79 : 56(84) bytes of data.
From 64.152.81.62: Destination Net Unreachable
From 64.152.81.62: Destination Net Unreachable
From 64.152.81.62: Destination Net Unreachable
--- 216.115.108.243 ping statistics ---
6 packets transmitted, 0 packets received, +3 errors, 100% packet loss
===============================================================
Hw info:
CPU Speed: 666.888MHz
CPU Vendor: vendor_id : GenuineIntel
CPU Model: model name : Pentium III (Coppermine)
RAM: 94420 Kb
===============================================================
HDD(s):
Filesystem Type Size Used Avail Use% Mounted on
/dev/sda1 ext3 905M 296M 564M 35% /
none tmpfs 46M 0 46M 0% /dev/shm
===============================================================
inetd-ul...
===============================================================
configurarea ip-urilor..
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
inet addr:192.168.1.79 Bcast:192.168.1.255 Mask:255.255.255.0
===============================================================
Ports open:
tcp 0 0 *:https *:* LISTEN
tcp 0 0 localhost.localdom:smtp *:* LISTEN
tcp 0 0 *:telnet *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 *:cfinger *:* LISTEN
tcp 0 0 *:auth