Return to Unfiction unforum
 a.r.g.b.b 
FAQ FAQ   Search Search 
 
Welcome!
New users, PLEASE read these forum guidelines. New posters, SEARCH before posting and read these rules before posting your killer new campaign. New players may also wish to peruse the ARG Player Tutorial.

All users must abide by the Terms of Service.
Website Restoration Project
This archiving project is a collaboration between Unfiction and Sean Stacey (SpaceBass), Brian Enigma (BrianEnigma), and Laura E. Hall (lehall) with
the Center for Immersive Arts.
Announcements
This is a static snapshot of the
Unfiction forums, as of
July 23, 2017.
This site is intended as an archive to chronicle the history of Alternate Reality Games.
  

The time now is Sun Nov 17, 2024 4:45 am
All times are UTC - 4 (DST in action)		 View posts in this forum since last visit
View unanswered posts in this forum
Calendar
 Forum index » Archive » Archive: The Haunted Apiary (Let Op!) » The Haunted Apiary (Let Op!): General/Updates
[LOCKED] [SOURCE] Possibly Relevant Server Info
View previous topicView next topic
Page 1 of 1 [12 Posts]  
Author Message
BYTE-Smasher
Greenhorn

Joined: 25 Jul 2004
Posts: 8

 		[SOURCE] Possibly Relevant Server Info
My First Post!
The following may be of interest to some... ilovebees.com has the following ports open:

80 HTTP
389 LDAP
1002 Microsoft Internet Locator Service (LDAP Dependancy?)
1720 h323hostcall (Remote Desktop)
47624 Direct Play Server

This shows that the server is definitely running on a windows box, and is apparently also some sort of gameserver... LDAP is a microsoft network protocol... port 1002 seems to be a dependancy of LDAP.... 1720 is used to remotely access the server graphically, iow: windows terminal remote desktop..... and 47624, the interesting one, is a directplay server.... commonly used as a game server for directx games... most companies use their own network protocol, so you can guarantee this is most likely meant for a Microsoft game... here's the cool part: you may be able to find out some info by using directx to connect to this port... I'm going to try telnetting in to see if I can find anything, but others who have more experience may want to scout this out.... also, packet sniffing on port 80 may turn up some previously unknown info.... that's all for now...

PostPosted: Sun Jul 25, 2004 12:27 am
 View user's profile
 Back to top 
fenrir
Greenhorn

Joined: 24 Jul 2004
Posts: 4
Location: Bryan, TX

 		According to the info on Netcraft, as of 17 July it is running on Windows 2000 and is hosted by Rackspace. in addition, the IP address (69.20.126.147) appears to be dedicated to them only and neither the one above or the one below has anything.

PostPosted: Sun Jul 25, 2004 12:33 am
 View user's profile Visit poster's website
 Back to top 
alaranth
Decorated


Joined: 12 Apr 2004
Posts: 151
Location: Rochester, NY / Albany, NY

 		The following was posted in the Trail on the wiki. I'm going through and doing some editing/cleanup, so I moved that discussion here because of the server talk.

Quote:

Additional Commentary (by ??):

I ran a visual traceroute on ilovebees.com, and it led to a place called Rackspace.com. Theres a half dozen missing/unidentified bounces that aren't necessarily abnormal, but do mask the entire path. From what I have gleaned from the main web site, this is definitely not a mom and pop thing. This isn't the "sign up now and get a domain and 500megs free" type of place, but a serious hosting location that doesn't really even list prices without contacting them. I have tried to find some correlation between bungie, halo, or anyone else sharing space at this location, however they have led to nothing.

--------------------------------------------------------------------------------
Additional Additional Commentary (by JT):
That's actually interesting that it's hosted by rackspace, which answers the question we forgot to ask, "How did they survive the extra bandwidth and slashdotting?" And now we know. Now we just need to know if they are directly colocating with Rackspace or if they host on someone elses box that colocates with rackspace... Looks like from poking and prodding at their ip (69.20.126.147) and ip addresses around it, that they are colocated on their own. I found this because some shared hosting services use an ip range and have one host per IP and others have multiple hosts on the same ip. The ips on each side of their ip and most in the range are unreachable on port 80 (www). Which means that if they're hosting more than one website, they'd have to be doing it on the same ip addres... which means that if you were to connect to the ip address not by hostname, you wouldn't get their website, you'd get a generic one... which isn't the case. If you connect to the ip address w/o using the host, you still get the same site. This person definitely thought ahead and co-located at rackspace... someone should use nmap and do some TCP fingerprinting to find out more information, as well as a portscan to find out what services are running on this box... perhaps I will if I have time later...


PostPosted: Sun Jul 25, 2004 12:36 am
 View user's profile AIM Address Yahoo Messenger
 ICQ Number 
 Back to top 
fenrir
Greenhorn

Joined: 24 Jul 2004
Posts: 4
Location: Bryan, TX

 		According to the info on Netcraft, as of 17 July it is running on Windows 2000 and is hosted by Rackspace. in addition, the IP address (69.20.126.147) appears to be dedicated to them only and neither the one above or the one below has anything.

PostPosted: Sun Jul 25, 2004 12:39 am
 View user's profile Visit poster's website
 Back to top 
Frak
Guest


 		I would say..
Try connecting the IP address from the last Halo game for the PC.

PostPosted: Sun Jul 25, 2004 12:43 am
 Back to top 
vf
Greenhorn

Joined: 24 Jul 2004
Posts: 3

 		Re: [source] Possibly Relevant Server Info
BYTE-Smasher wrote:
1720 h323hostcall (Remote Desktop)
1720 is actually for netmeeting I think, but I couldn't get through when I tried to connect with it. The netstat command did show an outgoing connection to 69.20.126.147:1720 though, while it was connecting. I also tried with Remote Desktop but I got a different port shown with netstat.

PostPosted: Sun Jul 25, 2004 12:44 am
 View user's profile
 Back to top 
aliendial
Unfictologist


Joined: 29 Sep 2002
Posts: 3438
Location: Far Far Away. Nowhere Near You. Really.

 		All very interesting, but is there an in-game reason to get into their server? I'll answer that one - no. So please don't. We use our skillz on the game itself and its puzzles, which sometimes requires "hacking" a character's vmail or email box. Not random hacking.
_________________
aliendial

PostPosted: Sun Jul 25, 2004 8:01 am
 View user's profile
 Back to top 
Icedude
Guest


 		Re: I would say..
Frak wrote:
Try connecting the IP address from the last Halo game for the PC.


Does nothing, tried putting in no port, 1002, and 47624 and it just gives failed

PostPosted: Sun Jul 25, 2004 8:14 am
 Back to top 
BYTE-Smasher
Greenhorn

Joined: 25 Jul 2004
Posts: 8
aliendial wrote:
All very interesting, but is there an in-game reason to get into their server? I'll answer that one - no. So please don't. We use our skillz on the game itself and its puzzles, which sometimes requires "hacking" a character's vmail or email box. Not random hacking.

Don't get me wrong here.... I don't think anyone should be "hacking" the server... I'm not interested in getting in via remote desktop or anything.... I'm more interested in the fact that it's running a directplay server... the implications of that may show who set this up... people have speculated that it's microsoft... this is just one more indication of that... when it comes to packet sniffing, and connecting to directplay, those are two things that wouldn't be considered hacking simply because port 80 and 47624 are there to be public access... connecting to them is not illegal... changing information on the server is however... so I'm not condoning anything illegal... just saying that you may be able to see more if you look in different ways...

PostPosted: Sun Jul 25, 2004 11:22 am
 View user's profile
 Back to top 
subatomicsatan
Boot

Joined: 26 Jul 2004
Posts: 34
Location: in the space above the period at the end of this sentence.

 		it's a mac
i ran a port scan using nmap and got the following (which indicates it is a mac--bungie used to be militantly mac-only):

Starting nmap 3.45 ( http://www.insecure.org/nmap/ ) at 2004-07-26 04:26 EDT
Interesting ports on 69.20.126.147:
(The 1655 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
80/tcp open http
3389/tcp closed ms-term-serv
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=3.45%P=powerpc-apple-darwin6.6%D=7/26%Time=4104C173%O=80%C=3389)
TSeq(Class=TR%TS=0)
T1(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
T2(Resp=N)
T3(Resp=N)
T4(Resp=N)
T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=N)
T7(Resp=N)
PU(Resp=N)

Nmap run completed -- 1 IP address (1 host up) scanned in 305.388 seconds

PostPosted: Mon Jul 26, 2004 4:51 am
 View user's profile AIM Address
 Back to top 
Wishi-san
Unfettered


Joined: 20 Oct 2003
Posts: 602
Location: UK. Southwards.

 		I don't see how port scanning can ever be the answer to anything. And just in case anyone was considering it, be careful, previous games have banned people who've tried to get in to servers etc.
_________________
Given that God is infinite, and that the universe is also infinite... would you like a toasted tea cake?
Wishi-san x Wishi-san x Wishi-san

PostPosted: Mon Jul 26, 2004 7:13 am
 View user's profile
 Back to top 
AnthraX101
Entrenched

Joined: 18 Mar 2003
Posts: 797

 		If this ever produces something fruitful, feel free to open a topic with a direct link in-game. Otherwise, I don't think it's wise to go scanning game servers.

Locked.

AnthraX101
_________________
VGhlcmUgaXMgbm8gc3Bvb24u
ll----ll--ll--ll----l---ll---llll---ll--l--ll---llll-ll-l-ll-llll--l-.

PostPosted: Mon Jul 26, 2004 7:19 am
 View user's profile
 Back to top 
Display posts from previous:   Sort by:   
Page 1 of 1 [12 Posts]  
View previous topicView next topic
 Forum index » Archive » Archive: The Haunted Apiary (Let Op!) » The Haunted Apiary (Let Op!): General/Updates
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
You cannot post calendar events in this forum



Powered by phpBB © 2001, 2005 phpBB Group