[Beowulf] A careful exploit?

Sun Jun 9 14:26:04 PDT 2019

Hello Beowulf,
An update to my question, not a resolution. Something serious happened here
a couple weeks ago. See below.

Dragonfly BSD runs a much prettier nmap. 0.5 is gone, or so it seems.
Dragonfly is my VM, which has IP 192.168.0.6, thus something is or was at
192.168.0.5.
Here is Dragonfly BSD's nmap -v -sn 192.168.0.0.24

Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-09 14:14 PDT
Initiating ARP Ping Scan at 14:14
Scanning 255 hosts [1 port/host]
Completed ARP Ping Scan at 14:14, 2.03s elapsed (255 total hosts)
Initiating Parallel DNS resolution of 255 hosts. at 14:14
Completed Parallel DNS resolution of 255 hosts. at 14:14, 0.04s elapsed
Nmap scan report for 192.168.0.0 [host down]
Nmap scan report for 192.168.0.1
Host is up (0.0051s latency).
MAC Address: ******************** (Unknown)
Nmap scan report for 192.168.0.2
Host is up (0.00051s latency).
MAC Address: ********************* (Netgear)
Nmap scan report for 192.168.0.3
Host is up (0.021s latency).
MAC Address: ********************** (Shenzhen Four Seas Global Link Network
Technology)
Nmap scan report for 192.168.0.4
Host is up (0.00011s latency).
MAC Address: *********************** (Dell)
Nmap scan report for 192.168.0.5 [host down]

On Sun, Jun 9, 2019 at 1:41 PM Jonathan Engwall <
engwalljonathanthereal at gmail.com> wrote:

> Hello Beowulf,
> Recently we had serious trouble with the internet. A technician had to
> climb the pole. Another technician, an IT specialist in Mexico City, could
> not resolve the issue, sent the man here.
> Now trouble is back. What does this mean? Where are the missing IPs? From
> the pole to the modem, to my repeater, to my machine, and then my VM gives
> this using nmap:
>
> Starting Nmap 6.40 ( http://nmap.org ) at 2019-06-09 13:30 PDT
> Initiating Ping Scan at 13:30
> Scanning 256 hosts [2 ports/host]
> Completed Ping Scan at 13:31, 6.64s elapsed (256 total hosts)
> Initiating Parallel DNS resolution of 256 hosts. at 13:31
> Completed Parallel DNS resolution of 256 hosts. at 13:31, 0.04s elapsed
> Nmap scan report for 192.168.0.0 [host down]
> Nmap scan report for 192.168.0.1
> Host is up (0.0080s latency).
> Nmap scan report for 192.168.0.2
> Host is up (0.00068s latency).
> Nmap scan report for 192.168.0.3 [host down]
> Nmap scan report for 192.168.0.4 [host down]
> Nmap scan report for 192.168.0.5
> Host is up (0.063s latency).
> Nmap scan report for 192.168.0.6
> Host is up (0.00068s latency).
> Nmap scan report for 192.168.0.7 [host down]
> Nmap scan report for 192.168.0.8 [host down]
> Nmap scan report for 192.168.0.9 [host down]
> Nmap scan report for 192.168.0.10 [host down]
> Nmap scan report for 192.168.0.11 [host down]
>
> Is this a new exploit?
> Thank you,
> Jonathan Engwall
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://beowulf.org/pipermail/beowulf/attachments/20190609/5d95870b/attachment.html>