:Site Navigation:
- A Discovery - I got interested - IP Range - Results: 175.45.176 - Results: 175.45.177 - Results: 175.45.178 - Results: 175.45.179 -


A Discovery

So today i discoevered that the DPRK managed to get some servers in their country
This may be old news to some people, but since it is the only true communistic dictatorship
left in the world i thought that it is quite interesting.
The information is from 10.06.2010. Computer world reported that the 1024 internet adresses
reserved for DPRK have been registered to a company with connections to the Pyongyang government

I got interested

So a long story short i decided to take a look, after a few minutes of using the all mighty google
I discovered that their Korean Central News Agency moved their japan based hosting to DPRK.
They can be found at: http://175.45.179.68/

My curiosity rised again, they have a working server? A quick look with Tamper Data plugin for firefox
returned that they are using... wait for it:
175.45.179.68 -> Server=Microsoft-IIS/5.0

Strange ain't it, that they are using MS services. Especially that they are using Windows 2000 based IIS...
Is it legal? Anyways, i decided to fireup ye olde trusty nmap to find out more
You can find the results in the next section. Have fun with the north koreans and their so called
Internet Expert, who knows STRONG webdesign!

IP Range

The DPRK Currently has the following IP ranges: 175.45.176.0 - 175.45.179.255 : 175.45.176/22 : kp : 175.45.176 - 175.45.179 : APNIC
[via APNIC]

The Preview

---
Discovered open port 80/tcp on 175.45.176.14 <-- Looks like someone has a http server running there

Discovered open port 80/tcp on 175.45.176.7 <-- wow another http server oO

Discovered open port 25/tcp on 175.45.176.10 <-- SMTP server? I wonder what happens when i email Kim.Jong-il@175.45.176.10 ?

Discovered open port 443/tcp on 175.45.176.7 <-- Woah and https page, shame that their certificate is invalid
--- Snip Snip ---
* Issuer: root@spwebh2.star.net.kp
* CN = spwebh2.star.net.kp
* OU = SomeOrganizationalUnit
* O = SomeOrganization
* L = SomeCity
* S = SomeState
* C = --
* Valid From: ?October-?06-?10 08:19:01
--- Snip Snip ---
This also refers to a wierd page: spwebh2.star.net.kp, shame that this one isn't online : (
Also if you accept the certificate you will see, that the communists are really true to their life style! They use Red Hat Linux.

Discovered open port 110/tcp on 175.45.176.14 <-- POP3 mail, Mr. Jong-Il, has some true skills with the interweb!

Discovered open port 25/tcp on 175.45.176.11 <-- _ANOTHER_ stmp server? c'mon, just because you have 1024 ip adresses doesen't mean that you need to have a redundant smtp system!

Discovered open port 443/tcp on 175.45.176.14 <-- Another https!? Seriously, Mr. Jong-Il, just because you can doesen't mean that you have to : /
And when you accept the certificate: Could not connect to Session DBMS

Discovered open port 8080/tcp on 175.45.176.14 <-- https, It seems to be down : /

Discovered open port 443/tcp on 175.45.176.6 <-- https, Ditto, i has a sad : (


IP: 175.45.176

--- snip snip ---
Download the whole results as txt
--- snip snip ---

Small example:
Completed Parallel DNS resolution of 255 hosts. at 21:53, 0.49s elapsed
Nmap scan report for 175.45.176.1 [host down]
[...]
Nmap scan report for 175.45.176.13 [host down]
Initiating SYN Stealth Scan at 21:53
Scanning 8 hosts [65535 ports/host]
Discovered open port 443/tcp on 175.45.176.14
Discovered open port 443/tcp on 175.45.176.7
Discovered open port 443/tcp on 175.45.176.6
Discovered open port 110/tcp on 175.45.176.14
Discovered open port 25/tcp on 175.45.176.11
Discovered open port 25/tcp on 175.45.176.10
Discovered open port 80/tcp on 175.45.176.14
Discovered open port 80/tcp on 175.45.176.7
Discovered open port 80/tcp on 175.45.176.6
Discovered open port 8080/tcp on 175.45.176.14
Nmap done: 255 IP addresses (11 hosts up) scanned in 3167.77 seconds


IP: 175.45.177

--- snip snip ---
Download the whole results as txt
--- snip snip ---

Small example:
Discovered open port 23/tcp on 175.45.177.198
Nmap scan report for 175.45.177.198
Host is up (0.39s latency).
Not shown: 65526 closed ports
PORT STATE SERVICE VERSION
23/tcp open telnet Cisco router
Nmap done: 255 IP addresses (6 hosts up) scanned in 2309.51 seconds


IP: 175.45.178

--- snip snip ---
Download the whole results as txt
--- snip snip ---

Small example:
Nmap scan report for 175.45.178.1 [host down]
[...]
Nmap scan report for 175.45.178.255 [host down]
Nmap done: 255 IP addresses (0 hosts up) scanned in 14.41 seconds
Raw packets sent: 288 (8.556KB) | Rcvd: 455 (24.350KB)

This one was pretty ineventful... it seems that none of the IP's are assigned : (
Now i has a sad


IP: 175.45.179

--- snip snip ---
Download the whole results as txt
--- snip snip ---

Small example:
Discovered open port 25/tcp on 175.45.179.67
Discovered open port 110/tcp on 175.45.179.67
Discovered open port 80/tcp on 175.45.179.68
Nmap done: 255 IP addresses (2 hosts up) scanned in 658.45 seconds





I know that i am the last person who should comment about web design and setting up a webserver, but c'mon it's the north koreans, i'm sorry if i pissed some of you guys off, you can flame me @ here

Official Mirrors: http://web.zone.ee/wasabe/ - http://hot.ee/zmm/

Page Last Modified: We, 25/11/2010 04:24 GMT+1