Results, articles and questions about internet phenomena.
Net Census = primary source
Detailed x.y/16 profiles
by country and domain
Maj. Hog Denies
NEW in GypsyProxy 1.3:
Faster data transfer
CGI/1.1 in web server
Honeypot SMTP server
Http proxy & SMTP capture
Gypsy woman spam scam.
Funny Things Computers Say
Net Census Data
X/8 Prefix Top Players
(Heavy Weight Division)
Big Three Ping Kings:
211/8 APNIC-Pacific Rim
ICMP Error Reporter:
010/8 IANA-Private Use
[Private networks give it up.]
Top Ten TCP Acceptors:
006/8 Army Information Systems Center
131/8, 132/8, 153/8, 171/8,
137/8, 162/8, 147/8, 155/8,
140/8 ARIN (much .mil)
Connection Refused Champ:
20/8 Computer Sciences Corp.
X/8 Strangeness Winner:
55/8 Boeing (military)
X.Y/16 Prefix Top Players
(Middle Weight Division)
Ports Final Four:
21 FTP 0.76%
23 TEL 0.69%
25 SMTP 0.61%
139 NBT 0.56%
of 1/8 to 219/8 addresses
other countries 34%
of relayed mail received
Best Email Filtering:
other countries 56%
of relay mail accepted
Number of Relays:
Almost 1/4 million
Web Hogs Pen
Central Bank Club
Cookie Kooks Club
Telnet Tango Club
With gopher exploits reported,
use Webhogs, not your browser,
to retrieve these web pages.
One Hundred Club
ITSecurity.com web page
requires java (insecure) !?
ActiveX to download
some security patches.
Since when are people
with insecure browser
settings interested in
security patches !?
World Order Exchange™
Production-Ready Motion Picture Property
Upcoming Operation Funnel Headlines
Operation Funnel also found in select .gov, .edu, .com, .us and foreign domains.
Many Operation Funnel sites accept connections on numerous random ports numbers.
Sources report possible proxy firewall implementation of IP address funnels.
The Operation Funnel Vulnerability of the U.S. Military
Exhibit C: Address-funneled internet services: seven, and still counting. Updated: Mar 1, 2003
U.S. Military and SQL Slammer Smoking Guns
Exhibit B: Net Census data analysis reveals amazing details. Updated: Feb 9, 2003
U.S. Military Role in SQL Slammer Worm Attack
Exhibit A: Exclusive empirical data tracking the SQL Slammer worm. Updated: Feb 18, 2003
Internet Router: Return to Sender, Address Unknown
Construct an internet router table. A router vulnerability. An Elvis Presley hit. Sept 19, 2002
Computer Science Corporation: Buy or Sell?
The connection refused vulnerability in an IT giant. Sep 4, 2002
Internet Host Behavior Statistics by Port
These data may be used to estimate the total number of internet servers per port.
Aug 19, 2002
Network Profiling with Randomly Sampled Data
Network internet behavior patterns were profiled. Do you know your network profile?
Aug 17, 2002
A TCP Ping Reveals Hosts by Connection Refused Error
TCP connection refused errors may be used to discover and describe networks.
Aug 17, 2002
Computers Connected to IPv4 Address Space
Hey, What's Going On With 60% of Internet Addresses? Aug 17, 2002
Pentagon Email Relays in SMTP Census
Empirical data was collected to estimate SMTP population values
and identify email relays which may be used for spam. July 28, 2002
Web Hogs Pen: Web Page Hall of Shame
The WebHogs internet tool gathered data to inaugurate the Web Hogs Hall of Shame.
This report lists major results and web sites with the highest Pig Scores in the world.
July 16, 2002
WebHogs Does Central Banks
You may have grown up, but you can still have a piggy bank. Thank you, Maj. Hog.
Sep 11, 2002
If you would like to participate in data collection, please contact Global Services.
NetGain maintains work productivity during worm attacks like SoBig. The NetGain program includes both software and installation components. Join organizations protected by NetGain, the Net Census business version of Microsoft Windows operating systems. Continue working and earning income while users of the "net loss" version scramble to resume services. Contact us and join the NetGain program.
Editorial & Commentary
Windows Backdoors: Greatest Security Breach Ever? Aug 6, 2004
Windows Buffer Overflows: Bugs or Intended Backdoors? Oct 22, 2003
When All Else Fails, Set Up Networks Properly June 20, 2003
Internet Explorer Cannot Read Microsoft Web Site
Microsoft home page stumps IE. www.microsoft.com, heal thyself. Oct 26, 2002
The Smart Gateway: Port-to-Local-Host Address Mapping
Doctor Electron Solves Internet Address Space Problem. July 21, 2002
News & Press Releases
For immediate release. All Media.
ISP Assassin aka Spam Assassin
Wolf in sheep clothing exploiting anti-spam sentiment and violating privacy? Dec 23, 2002
Reader feedback. Selected alt.computer.security posts
Please use "contact us" below to report other abuses by such programs.
Microsoft Office Users Assess Damage
"Demonstrable and indisputable fact" may be scandal or industrial sabotage. Nov 1, 2002
Microsoft Excel Corrupts Its Spreadsheet Files
An apparent deliberate effort by Microsoft to prevent third-party access is documented.
Please see the XLS Test utility program in the Downloads section below. Oct 29, 2002
Pentagon Email Relays Found
Probably the same as others -- just wrongly configured mail servers. July 28, 2002
Bubba to Driver, "Internet Virus Road Block Ahead"
A mysterious silence of self-propagating virus activity detected. July 29, 2002
RapidQ Basic Tips
Registry Edit to Reduce Connect Timeout.
Tired of waiting "for ever" when a connection fails?
Download and double click on TimeOut.txt to reduce the timeout to less than 10 seconds!
Download TimeOut.txt 110 bytes
Freeware Program Downloads
These programs do not alter your registry or windows directory.
GypsyProxy 1.4 multi-port and multi-client servers and honeypots.
Screen shot and specifications. Separate log files by port number.
Port 25 is a honeypot smtp server. http CONNECT by spammers goes to local smtp.
Port 80 is a CGI/1.1 http server from root directory specified by user.
Port 1080 is a socks version 5 proxy server (per RFC 1928).
Ports 3128 and 8080 are anonymous http proxy servers.
Port 6667 is a chat server, with encryption-friendly features.
Download includes source code for simple cgi tester.
Download Gypsy.zip 84K Feb 3, 2012
XLS Test 1.0 utility program to document and assess Excel file corruption
XLS Test reads all .xls files in a directory for two purposes:
(1) Instances of corrupted user data are documented with the file hex offsets.
Get a BIFF8 manual and use a hex viewer to see the corruption in your data records.
(2) The resulting damage can be assessed and summary statistics are printed.
Type "xlstest" at the command prompt to get help information on usage.
XLS Test does not alter your .xls files in any way. View sample xlstest output.
Download XlsTest.zip 159K May 10, 2003
WebHogs 1.1 Maj. Hog exposes intruder html code in web pages
"Maj. Hog knows pigs well."
Scripts, links, email addresses, objects, applets and more are displayed and logged.
Customize with your own search items for text or tag content.
View WebHogs screen shot and description. WebHogs FAQ. View the Web Hogs Pen . Download WebHogs11.zip 349K May 10, 2003
RandScan Free 1.1 stealth multi-feature port scanner
"RandScan is cute and gets the man."
View RandScan screen shot and description.
Download RandScan11.zip 296K May 10, 2003
Comment on RandScan Free
RSocket non-blocking socket programming including raw socket example.
This source code adds 9 NEW functions. Requires free RapidQ Basic compiler.
Download RSocket.zip 11K Updated: June 6, 2003
icmp uses icmp.dll for echo requests. HotBasic source and .exe
Download icmp.zip 8K June 14, 2005
Mail is a command-line POP3 mail reader and SMTP mail sender
which can automate mail functions with a configuration file or command arguments.
Download executable and source code Mail.zip 160K May 10, 2002
|Thanks to Angelfire for easy-to-use, efficient, free hosting!||
about us - contact us
Copyright © 2002-2012 James J Keene
Net Census, HotBasic and NetGain are trademarks 2002-2012 of James J Keene.
Position: Cyber-babe needed in Net Census shop.
All content on this site is copyright © James J Keene