Discussion of Analysis

As we are all excitedly waiting for the full output to complete I am going to theorize about the analysis of the results. In order to do this I will use some intermediate output as shown below.

Loading list of dutch hosts...
Found 43583070 dutch hosts.
Synchronizing threads...
Loading ZMAP IMAP-Banner results...
Loading ZMAP FTP-Banner results...
Loading ZMAP POP3S-Banner results...
Loading ZMAP Heartbleed-Banner results...
Loading ZMAP SMTP-Banner results...
Loading ZMAP IMAPS-Banner results...
Loading ZMAP HTTPS-Banner results...
Loading ZMAP POP3-Banner results...
Found Dutch 112179 hosts with POP3S.
Fetching banners for Dutch POP3S hosts...
Found Dutch 109645 hosts with IMAPS.
Fetching banners for Dutch IMAPS hosts...
Found Dutch 87183 hosts with IMAP.
Fetching banners for Dutch IMAP hosts...
Found Dutch 129094 hosts with POP3.
Fetching banners for Dutch POP3 hosts...
Found Dutch 200067 hosts with SMTP.
Fetching banners for Dutch SMTP hosts...
Found Dutch 240749 hosts with FTP.
Fetching banners for Dutch FTP hosts...
Found Dutch 572534 hosts with Heartbleed.
Fetching banners for Dutch Heartbleed hosts...
Found Dutch 664957 hosts with HTTPS.
Fetching banners for Dutch HTTPS hosts...

The tool has been able to find 43583070 dutch hosts. The distribution of the investigated services among these hosts is shown in the output and summarized below.

112179 hosts running POP3S
109645 hosts running IMAPS
87183 hosts running IMAP
129094 hosts running POP3
200067 hosts running SMTP
240749 hosts running FTP
572534 hosts running Heartbleed (these hosts are insecure and vulnerable)
664957 hosts running HTTPS

For the analysis I propose a random test, in this way we combine the broadness of scans.io with the depth of being able to find pages leading to further investigation HTTP/HTTPS and SSL (through cached pages?). Firstly for each service we take the appropriate sample size. Afterwards for each sample we can determine which version of software the service is running and do a simple SSL investigation to determine possible problems. This SSL research will be combined with the Heartbleed results. Once the versions have been found we can make a quantitative list of software versions used by the population. This list can then be combined with a vulnerability database to determine how many of these servers are vulnerable.

I propose that if a server contains any service with a high risk, the server is marked as being insecure. Otherwise we mark it as secure, in this way we are overestimating how many secure servers there are. This also leads to a result which is biased a certain way, however I expect even though it is biased it will show that in general hosts can be considered insecure.

Update: 6/8 done executing.

[melanierieback]

koenj2: sounds good! (I'm also looking forward to hearing more about your strategy regarding a small number of individual in-depth case studies.) :-)

Update: 7/8 done executing.

[sinteur]

👍🏻

Verstuurd vanaf mijn iPhone

Op 5 sep. 2015 om 17:55 heeft Koen J notifications@github.com het volgende geschreven:

Update: 7/8 done executing.

—
Reply to this email directly or view it on GitHub.

Found 184727 hosts, therefore our random test should contain 384 hosts. These hosts showed the following banners, seemed promising! The ;1 represents a frequency test, eg Hello;1 means the banner occurred only once.

384 random hosts fetched.
Filled host information.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 500 allowed.
220-Local time is now 11:59. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 AUTH=PLAIN IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc.  See COPYING for distribution information.
;7
+OK Hello there. <5326.1438224511@localhost.localdomain>
;1
+OK Hello there. <124200.1438545846@localhost.localdomain>
;1
220 86.109.11.31 FTP server ready
;1
220 Ftp firmware update utility;8
+OK Hello there. <142976.1438236035@localhost.localdomain>
;1
+OK Hello there. <5806.1438572545@localhost.localdomain>
;1
220 86.109.6.28 FTP server ready
;1
+OK Dovecot ready.
;38
220 FTP Server ready.
;14
220 DS1949 FTP server ready.
;1
421 4.3.2 Connection rate limit exceeded.
;8
220 hypershop.nl ESMTP Postfix (Debian/GNU)
;1
220 mx.blinkstaircase.com ESMTP Postfix
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [81.4.106.44]
;1
220---------- Welcome to Pure-FTPd [privsep] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 22:30. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
;1
220 vm5219.vellance.net ESMTP Postfix
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 10:08. Server port: 21.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 glv-03.isp-services.nl ESMTP Postfix
;1
+OK Hello there. <65296.1438276581@localhost.localdomain>
;1
220 lnx10.hosting.nubium.nl ESMTP Postfix
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 5 of 500 allowed.
220-Local time is now 09:46. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 6 of 500 allowed.
220-Local time is now 06:15. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 domain.com ESMTP Ready
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 3 of 500 allowed.
220-Local time is now 01:14. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 DS1861 FTP server ready.
;1
220 mho-optional.warmlights.net ESMTP service ready
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [213.206.91.50]
;1
220 remote.luhy.nl Microsoft ESMTP MAIL Service ready at Mon, 3 Aug 2015 18:35:12 +0200
;1
220 Microsoft FTP Service
;3
220 server.datingsites.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 11:28:21 +0200
;1
220 ProFTPD 1.3.4b Server ready.
;4
220 intermax-mail01.exed.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:06:21 +0200
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot DA ready.
;9
+OK Dovecot DA ready.
;23
220 vps178.123-webhost.net ESMTP Exim 4.76 Mon, 03 Aug 2015 13:35:09 +0200
;1
+OK Hello there. <11298.1438267853@localhost.localdomain>
;1
220 vps-1021692-341.cp.ashosting.nl ESMTP
;1
220 ProFTPD 1.3.2e Server (ProFTPD) [62.212.152.89]
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 5 of 500 allowed.
220-Local time is now 14:42. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
;3
220-amsrv20.fastcpanelserver.com ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 13:07:38 -0400 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 16:15. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 ProFTPD 1.3.3e Server ready.
;4
220 d168.webcreators.nl ESMTP Exim 4.84 Mon, 03 Aug 2015 17:55:58 +0200
;1
220 ns1.wvmkb-server.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 10:52:39 +0200
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 22:46. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
;2
+OK POP3 server ready <8ecbe651-cf16-452d-84e7-8a3d00cc2b13@asphost72.asphostserver.net>
;1
220 vps.spark-it.nl ESMTP Exim 4.82 Mon, 03 Aug 2015 15:08:40 +0200
;1
220 local-elixir.warmlights.net ESMTP service ready
;1
220 smtp.merit.unu.edu ESMTP ready.
;1
220 2.0.0 ms2.mailendo.in ESMTP ecelerity 4.1.0.46749 r(Core:4.1.0.4) Mon, 03 Aug 2015 12:54:32 -0500
;1
220 astaro.magneet.com ESMTP ready.
;1
220-server.main-computers.net ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 17:10:03 +0400 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 15:51. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 08:05. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220-dexter.webcare360.info ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 14:03:04 +0200 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
;1
+OK Hello there. <6552.1438565661@localhost.localdomain>
;1
+OK Hello there. <24482.1438246362@localhost.localdomain>
;1
220 jeugdzorgmakelaar.flexvps.nl ESMTP Postfix
;1
220 ProFTPD 1.3.4c Server (ProFTPD) [89.255.16.215]
;1
220 ProFTPD 1.3.5a Server ready.
;3
220 pm.themasterlabs.com ESMTP Exim 4.76 Mon, 03 Aug 2015 15:35:00 +0200
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [212.204.198.230]
;1
220 ProFTPD 1.3.4a Server (Debian) [::ffff:5.79.77.80]
;1
220 vps42098.public.cloudvps.com ESMTP Exim 4.82 Mon, 03 Aug 2015 19:15:06 +0200
;1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
;1
220 server.mespromo21.com.br
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 15:25. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 4 of 500 allowed.
220-Local time is now 03:40. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 vacationli2.webair.com ESMTP
;1
220-vacationli2.webair.com NcFTPd Server (licensed copy) ready.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 18 of 1000 allowed.
220-Local time is now 23:44. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 240 minutes of inactivity.
;1
220-After a while you learn the subtle difference
220-Between holding a hand and chaining a soul,
220-And you learn that love doesn't mean security,
220-And you begin to learn that kisses aren't contracts
220-And presents aren't promises
220-And you begin to accept your defeats
220-With your head up and your eyes open,
220-With the grace of a woman, not the grief of a child,
220-And you learn to build all your roads
220-On today because tomorrow's ground
220-Is too uncertain.  And futures have
220-A way of falling down in midflight,
220-After a while you learn that even sunshine burns if you get too much.
220-So you plant your own garden and decorate your own soul, instead of waiting
220-For someone to bring you flowers.
220-And you learn that you really can endure...
220-That you really are strong,
220-And you really do have worth
220-And you learn and learn
220-With every goodbye you learn.
220-        -- Veronic Shoffstall, "Comes the Dawn"
220 This is a private system - No anonymous login
;1
220 N1NW8SHG115.ams1.gdhosting.gdg Microsoft ESMTP MAIL Service, Version: 7.0.6002.18264 ready at  Mon, 3 Aug 2015 06:32:39 -0700 
;1
220 AP8959 Network Management Card AOS v5.1.2 FTP server ready.
;1
220 srv06.zo-host.nl ESMTP Exim 4.85 Mon, 03 Aug 2015 19:16:20 +0200
;1
220 srv854.flexwebhosting.nl ESMTP Exim 4.61 Mon, 03 Aug 2015 13:09:18 +0200
;1
220 directadmin1.shared.nforce.com ESMTP Exim 4.73 Mon, 03 Aug 2015 14:10:36 +0200
;1
220 ProFTPD 1.3.3d Server ready.
;1
+OK Hello there. <84230.1438569173@localhost.localdomain>
;1
+OK Hello there. <108666.1438287300@localhost.localdomain>
;1
220 86.109.14.194 FTP server ready
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 4 of 500 allowed.
220-Local time is now 09:11. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 8 of 500 allowed.
220-Local time is now 11:56. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc.  See COPYING for distribution information.
;1
220 42.jdns.nl ESMTP
;1
+OK Hello there. <22363.1438251518@localhost.localdomain>
;1
+OK Hello there. <20681.1438601885@localhost.localdomain>
;1
220-server.dns-europe.com ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 11:27:41 +0200 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
;1
220-
220-                  Welcome to the PostgreSQL FTP Server
220-                  ====================================
220-
;1
220-ip-146-255-33-34.ip.secureserver.net ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 08:41:40 -0700 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 15:51. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 3 of 500 allowed.
220-Local time is now 08:31. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1
220 zamarkowani.pl ESMTP Postfix (Ubuntu)
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 5000 allowed.
220-Local time is now 05:38. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
+OK Hello there. <3110.1438579819@localhost.localdomain>
;1
+OK Hello there. <10819.1438279593@localhost.localdomain>
;1
220 vzl-0142.psp.uniserver.nl ESMTP Postfix
;1
220 hsv-ede-igw.hsv.nl ESMTP ready.
;1
220 aviva.2fast.nl ESMTP Postfix (2Fast Internet Services) (Debian/GNU)
;1
+OK Hello there.
;1
220 (vsFTPd 2.0.3)
;1
220 VDS123397 FTP server ready.
;1
220-bcu.transip.nl ESMTP Exim 4.85 #2 Mon, 03 Aug 2015 11:35:04 +0300 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 18:05. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 Hello
;1
220-FTP Server ready...
220 5 second delay to prevent hammering.
;1
220 kopmtasrv.net ESMTP Postfix
;1
220 honk9.domeinhuis.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 12:56:10 +0200
;1
+OK Welcome to MailEnable POP3 Server
;1
220 mail.camping-frankrijk.nl ESMTP MailEnable Service, Version: 7.53-- ready at 08/03/15 16:16:50
;1
220 woutersserver ESMTP Postfix (Ubuntu)
;1
220 lb1 FTP server (Version 1.9.2.4 - 2005/01/11 13:03:28) ready.
;1
+OK Hello there. <9266.1438589298@localhost.localdomain>
;1
+OK Hello there. <6853.1438292119@localhost.localdomain>
;1
220 v01.compu.nl ESMTP Postfix
;1
220 ProFTPD 1.3.4a Server ready.
;1
220 vps01.woei.nl ESMTP Exim 4.72 Mon, 03 Aug 2015 15:04:05 +0200
;1
+OK Hello there. <233501.1438551380@localhost.localdomain>
;1
+OK Hello there. <98998.1438255645@localhost.localdomain>
;1
220 86.109.13.198 FTP server ready
;1
220-Welcome to cc-ftpd.
220-You are user number 1 of 50 allowed.
220-Local time is now 17:27. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
+OK Hello there. <1566.1438229201@localhost.localdomain>
;1
+OK Hello there. <15534.1438597397@localhost.localdomain>
;1
220 ns1.v5v.eu ESMTP
;1
220 ProFTPD 1.3.5 Server (ProFTPD) [83.172.146.101]
;1
220 Serv-U FTP Server v6.4 for WinSock ready...
;1
220 trakinc ESMTP Postfix (Ubuntu)
;1
220 i3d005.lovepuddin.com ESMTP Exim 4.72 Mon, 03 Aug 2015 09:51:56 +0100
;1
220 server.lrhitsolutions.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:56:59 +0200
;1
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 19:48. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
;1
220 vps1.socialbrands.nl ESMTP Exim 4.77 Mon, 03 Aug 2015 16:15:03 +0200
;1
220 server.altus.com ESMTP
;1
220 ghost ESMTP Postfix (Ubuntu)
;1
220 vm3573.vellance.net ESMTP Postfix
;1

[melanierieback]

Koen: did this information come from zmap?

Cheers!
Melanie

On September 23, 2015 11:16:40 AM GMT+02:00, Koen J notifications@github.com wrote:

Found 184727 hosts, therefore our random test should contain 384 hosts.
These hosts showed the following banners, seemed promising!

384 random hosts fetched.
Filled host information.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 500 allowed.
220-Local time is now 11:59. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 3 minutes of inactivity.
;1

• OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE
  THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5
  AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 AUTH=PLAIN IDLE ACL ACL2=UNION]
  Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See
  COPYING for distribution information.
  ;7
  +OK Hello there. 5326.1438224511@localhost.localdomain
  ;1
  +OK Hello there. 124200.1438545846@localhost.localdomain
  ;1
  220 86.109.11.31 FTP server ready
  ;1
  220 Ftp firmware update utility;8
  +OK Hello there. 142976.1438236035@localhost.localdomain
  ;1
  +OK Hello there. 5806.1438572545@localhost.localdomain
  ;1
  220 86.109.6.28 FTP server ready
  ;1
  +OK Dovecot ready.
  ;38
  220 FTP Server ready.
  ;14
  220 DS1949 FTP server ready.
  ;1
  421 4.3.2 Connection rate limit exceeded.
  ;8
  220 hypershop.nl ESMTP Postfix (Debian/GNU)
  ;1
  220 mx.blinkstaircase.com ESMTP Postfix
  ;1
  220 ProFTPD 1.3.5 Server (ProFTPD) [81.4.106.44]
  ;1
  220---------- Welcome to Pure-FTPd [privsep] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 22:30. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220 vm5219.vellance.net ESMTP Postfix
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 10:08. Server port: 21.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220 glv-03.isp-services.nl ESMTP Postfix
  ;1
  +OK Hello there. 65296.1438276581@localhost.localdomain
  ;1
  220 lnx10.hosting.nubium.nl ESMTP Postfix
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 5 of 500 allowed.
  220-Local time is now 09:46. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 6 of 500 allowed.
  220-Local time is now 06:15. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
  220 domain.com ESMTP Ready
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 3 of 500 allowed.
  220-Local time is now 01:14. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
  220 DS1861 FTP server ready.
  ;1
  220 mho-optional.warmlights.net ESMTP service ready
  ;1
  220 ProFTPD 1.3.5 Server (ProFTPD) [213.206.91.50]
  ;1
  220 remote.luhy.nl Microsoft ESMTP MAIL Service ready at Mon, 3 Aug
  2015 18:35:12 +0200
  ;1
  220 Microsoft FTP Service
  ;3
  220 server.datingsites.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 11:28:21
  +0200
  ;1
  220 ProFTPD 1.3.4b Server ready.
  ;4
  220 intermax-mail01.exed.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:06:21
  +0200
  ;1
• OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
  IDLE AUTH=PLAIN] Dovecot DA ready.
  ;9
  +OK Dovecot DA ready.
  ;23
  220 vps178.123-webhost.net ESMTP Exim 4.76 Mon, 03 Aug 2015 13:35:09
  +0200
  ;1
  +OK Hello there. 11298.1438267853@localhost.localdomain
  ;1
  220 vps-1021692-341.cp.ashosting.nl ESMTP
  ;1
  220 ProFTPD 1.3.2e Server (ProFTPD) [62.212.152.89]
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 5 of 500 allowed.
  220-Local time is now 14:42. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
• OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
  IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
  ;3
  220-amsrv20.fastcpanelserver.com ESMTP Exim 4.85 Update #2 #2 Mon, 03 Aug 2015
  13:07:38 -0400
  220-We do not authorize the use of this system to transport
  unsolicited,
  220 and/or bulk e-mail.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 2 of 50 allowed.
  220-Local time is now 16:15. Server port: 21.
  220-This is a private system - No anonymous login
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220 ProFTPD 1.3.3e Server ready.
  ;4
  220 d168.webcreators.nl ESMTP Exim 4.84 Mon, 03 Aug 2015 17:55:58 +0200
  ;1
  220 ns1.wvmkb-server.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 10:52:39 +0200
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 22:46. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
• OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
  IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
  ;2
  +OK POP3 server ready
  8ecbe651-cf16-452d-84e7-8a3d00cc2b13@asphost72.asphostserver.net
  ;1
  220 vps.spark-it.nl ESMTP Exim 4.82 Mon, 03 Aug 2015 15:08:40 +0200
  ;1
  220 local-elixir.warmlights.net ESMTP service ready
  ;1
  220 smtp.merit.unu.edu ESMTP ready.
  ;1
  220 2.0.0 ms2.mailendo.in ESMTP ecelerity 4.1.0.46749 r(Core:4.1.0.4)
  Mon, 03 Aug 2015 12:54:32 -0500
  ;1
  220 astaro.magneet.com ESMTP ready.
  ;1
  220-server.main-computers.net ESMTP Exim 4.85 Update #2 #2 Mon, 03 Aug 2015
  17:10:03 +0400
  220-We do not authorize the use of this system to transport
  unsolicited,
  220 and/or bulk e-mail.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 15:51. Server port: 21.
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 08:05. Server port: 21.
  220-This is a private system - No anonymous login
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220-dexter.webcare360.info ESMTP Exim 4.85 Update #2 #2 Mon, 03 Aug 2015 14:03:04
  +0200
  220-We do not authorize the use of this system to transport
  unsolicited,
  220 and/or bulk e-mail.
  ;1
  +OK Hello there. 6552.1438565661@localhost.localdomain
  ;1
  +OK Hello there. 24482.1438246362@localhost.localdomain
  ;1
  220 jeugdzorgmakelaar.flexvps.nl ESMTP Postfix
  ;1
  220 ProFTPD 1.3.4c Server (ProFTPD) [89.255.16.215]
  ;1
  220 ProFTPD 1.3.5a Server ready.
  ;3
  220 pm.themasterlabs.com ESMTP Exim 4.76 Mon, 03 Aug 2015 15:35:00
  +0200
  ;1
  220 ProFTPD 1.3.5 Server (ProFTPD) [212.204.198.230]
  ;1
  220 ProFTPD 1.3.4a Server (Debian) [::ffff:5.79.77.80]
  ;1
  220 vps42098.public.cloudvps.com ESMTP Exim 4.82 Mon, 03 Aug 2015
  19:15:06 +0200
  ;1
• OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
  IDLE AUTH=PLAIN] Dovecot ready.
  ;1
  220 server.mespromo21.com.br
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 15:25. Server port: 21.
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 4 of 500 allowed.
  220-Local time is now 03:40. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
  220 vacationli2.webair.com ESMTP
  ;1
  220-vacationli2.webair.com NcFTPd Server (licensed copy) ready.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 18 of 1000 allowed.
  220-Local time is now 23:44. Server port: 21.
  220-This is a private system - No anonymous login
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 240 minutes of inactivity.
  ;1
  220-After a while you learn the subtle difference
  220-Between holding a hand and chaining a soul,
  220-And you learn that love doesn't mean security,
  220-And you begin to learn that kisses aren't contracts
  220-And presents aren't promises
  220-And you begin to accept your defeats
  220-With your head up and your eyes open,
  220-With the grace of a woman, not the grief of a child,
  220-And you learn to build all your roads
  220-On today because tomorrow's ground
  220-Is too uncertain. And futures have
  220-A way of falling down in midflight,
  220-After a while you learn that even sunshine burns if you get too
  much.
  220-So you plant your own garden and decorate your own soul, instead of
  waiting
  220-For someone to bring you flowers.
  220-And you learn that you really can endure...
  220-That you really are strong,
  220-And you really do have worth
  220-And you learn and learn
  220-With every goodbye you learn.
  220- -- Veronic Shoffstall, "Comes the Dawn"
  220 This is a private system - No anonymous login
  ;1
  220 N1NW8SHG115.ams1.gdhosting.gdg Microsoft ESMTP MAIL Service,
  Version: 7.0.6002.18264 ready at Mon, 3 Aug 2015 06:32:39 -0700
  ;1
  220 AP8959 Network Management Card AOS v5.1.2 FTP server ready.
  ;1
  220 srv06.zo-host.nl ESMTP Exim 4.85 Mon, 03 Aug 2015 19:16:20 +0200
  ;1
  220 srv854.flexwebhosting.nl ESMTP Exim 4.61 Mon, 03 Aug 2015 13:09:18
  +0200
  ;1
  220 directadmin1.shared.nforce.com ESMTP Exim 4.73 Mon, 03 Aug 2015
  14:10:36 +0200
  ;1
  220 ProFTPD 1.3.3d Server ready.
  ;1
  +OK Hello there. 84230.1438569173@localhost.localdomain
  ;1
  +OK Hello there. 108666.1438287300@localhost.localdomain
  ;1
  220 86.109.14.194 FTP server ready
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 4 of 500 allowed.
  220-Local time is now 09:11. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 8 of 500 allowed.
  220-Local time is now 11:56. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
• OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE
  THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL
  ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision,
  Inc. See COPYING for distribution information.
  ;1
  220 42.jdns.nl ESMTP
  ;1
  +OK Hello there. 22363.1438251518@localhost.localdomain
  ;1
  +OK Hello there. 20681.1438601885@localhost.localdomain
  ;1
  220-server.dns-europe.com ESMTP Exim 4.85 Update #2 #2 Mon, 03 Aug 2015 11:27:41
  +0200
  220-We do not authorize the use of this system to transport
  unsolicited,
  220 and/or bulk e-mail.
  ;1
  220-
  220- Welcome to the PostgreSQL FTP Server
  220- ====================================
  220-
  ;1
  220-ip-146-255-33-34.ip.secureserver.net ESMTP Exim 4.85 Update #2 #2 Mon, 03 Aug
  2015 08:41:40 -0700
  220-We do not authorize the use of this system to transport
  unsolicited,
  220 and/or bulk e-mail.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 15:51. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 3 of 500 allowed.
  220-Local time is now 08:31. Server port: 21.
  220-This is a private system - No anonymous login
  220 You will be disconnected after 3 minutes of inactivity.
  ;1
  220 zamarkowani.pl ESMTP Postfix (Ubuntu)
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 5000 allowed.
  220-Local time is now 05:38. Server port: 21.
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  +OK Hello there. 3110.1438579819@localhost.localdomain
  ;1
  +OK Hello there. 10819.1438279593@localhost.localdomain
  ;1
  220 vzl-0142.psp.uniserver.nl ESMTP Postfix
  ;1
  220 hsv-ede-igw.hsv.nl ESMTP ready.
  ;1
  220 aviva.2fast.nl ESMTP Postfix (2Fast Internet Services) (Debian/GNU)
  ;1
  +OK Hello there.
  ;1
  220 (vsFTPd 2.0.3)
  ;1
  220 VDS123397 FTP server ready.
  ;1
  220-bcu.transip.nl ESMTP Exim 4.85 Update #2 #2 Mon, 03 Aug 2015 11:35:04 +0300
  220-We do not authorize the use of this system to transport
  unsolicited,
  220 and/or bulk e-mail.
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 2 of 50 allowed.
  220-Local time is now 18:05. Server port: 21.
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220 Hello
  ;1
  220-FTP Server ready...
  220 5 second delay to prevent hammering.
  ;1
  220 kopmtasrv.net ESMTP Postfix
  ;1
  220 honk9.domeinhuis.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 12:56:10 +0200
  ;1
  +OK Welcome to MailEnable POP3 Server
  ;1
  220 mail.camping-frankrijk.nl ESMTP MailEnable Service, Version: 7.53--
  ready at 08/03/15 16:16:50
  ;1
  220 woutersserver ESMTP Postfix (Ubuntu)
  ;1
  220 lb1 FTP server (Version 1.9.2.4 - 2005/01/11 13:03:28) ready.
  ;1
  +OK Hello there. 9266.1438589298@localhost.localdomain
  ;1
  +OK Hello there. 6853.1438292119@localhost.localdomain
  ;1
  220 v01.compu.nl ESMTP Postfix
  ;1
  220 ProFTPD 1.3.4a Server ready.
  ;1
  220 vps01.woei.nl ESMTP Exim 4.72 Mon, 03 Aug 2015 15:04:05 +0200
  ;1
  +OK Hello there. 233501.1438551380@localhost.localdomain
  ;1
  +OK Hello there. 98998.1438255645@localhost.localdomain
  ;1
  220 86.109.13.198 FTP server ready
  ;1
  220-Welcome to cc-ftpd.
  220-You are user number 1 of 50 allowed.
  220-Local time is now 17:27. Server port: 21.
  220-This is a private system - No anonymous login
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  +OK Hello there. 1566.1438229201@localhost.localdomain
  ;1
  +OK Hello there. 15534.1438597397@localhost.localdomain
  ;1
  220 ns1.v5v.eu ESMTP
  ;1
  220 ProFTPD 1.3.5 Server (ProFTPD) [83.172.146.101]
  ;1
  220 Serv-U FTP Server v6.4 for WinSock ready...
  ;1
  220 trakinc ESMTP Postfix (Ubuntu)
  ;1
  220 i3d005.lovepuddin.com ESMTP Exim 4.72 Mon, 03 Aug 2015 09:51:56
  +0100
  ;1
  220 server.lrhitsolutions.nl ESMTP Exim 4.76 Mon, 03 Aug 2015 18:56:59
  +0200
  ;1
  220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  220-You are user number 1 of 50 allowed.
  220-Local time is now 19:48. Server port: 21.
  220-This is a private system - No anonymous login
  220-IPv6 connections are also welcome on this server.
  220 You will be disconnected after 15 minutes of inactivity.
  ;1
  220 vps1.socialbrands.nl ESMTP Exim 4.77 Mon, 03 Aug 2015 16:15:03
  +0200
  ;1
  220 server.altus.com ESMTP
  ;1
  220 ghost ESMTP Postfix (Ubuntu)
  ;1
  220 vm3573.vellance.net ESMTP Postfix
  ;1

---

Reply to this email directly or view it on GitHub:
#5 (comment)

Sent from my Android device with K-9 Mail. Please excuse my brevity.

Yes, zgrab results from scans.io

[melanierieback]

Cool! Have you already also started playing with Shodan and Google Dorks?

Cheers! :-)
Melanie

On September 23, 2015 5:45:24 PM GMT+02:00, Koen J notifications@github.com wrote:

Yes, zgrab results from scans.io

---

Reply to this email directly or view it on GitHub:
#5 (comment)

Sent from my Android device with K-9 Mail. Please excuse my brevity.

No, not yet.

[melanierieback]

Okay. Something to do in the upcoming period of time.. :-)

Melanie

On September 23, 2015 6:18:10 PM GMT+02:00, Koen J notifications@github.com wrote:

No, not yet.

---

Reply to this email directly or view it on GitHub:
#5 (comment)

Implemented the Rapid7 structure and now making the final output.