Author: Warren Togami Jr. 2015-08-17 18:54:04
Published on: 2015-08-17T18:54:04+00:00
On August 17, 2015, Jonathan Wilkins shared on the bitcoin-dev mailing list that the server hosting vistomail.com is a mess. He stated that it is a Plesk box with many services with dubious security histories. Wilkins also mentioned that there were many open ports and provided an nmap scan report for vistomail.com (190.97.163.93). The report showed that there were multiple services running on the server, including MailEnable smtpd, MSRPC, RDP, Microsoft IIS httpd 7.5, and more. Wilkins speculated that someone may have popped the box and is entertaining themselves. The scan report also revealed that the server was running on Microsoft Windows operating system and could be a general-purpose device or a phone. The details showed that it could be running on Windows Server 2008 R2, Microsoft Windows 7 Professional or Windows 8, Microsoft Windows Phone 7.5 or 8.0, Microsoft Windows Vista SP0 or SP1, Windows Server 2008 SP1, or Windows 7, Microsoft Windows Vista SP2, Windows 7 SP1, or Windows Server 2008. It is unclear from the information whether the open ports are due to poor security practices or if the server is a honeypot. The purpose of the email was to inform the bitcoin-dev community of the potential insecurity of the vistomail.com server and to prompt further investigation into its security practices.
Updated on: 2023-06-10T20:11:41.765833+00:00