Slashdot Mirror


Microsoft/Unisys Unix-bashing Site Runs FreeBSD

Several people sent in variations on this: "Kind of ironic to see that the the site, dubbed WeHaveTheWayOut from Microsoft and Unisys runs on an Apache Web server powered by FreeBSD. This could have made a great April Fools joke, unfortunately for Microsoft, you can verify it by using Netcraft." This is a follow-up to the original story a few days ago. Other readers noted that there's already a WeHaveTheWayIn site up. Wehavethewayout.com was returning Apache headers yesterday; today it's returning "Server: Microsoft-IIS/5.0", so it appears they've dumped FreeBSD in a hurry, or maybe just changed the headers.

6 of 523 comments (clear)

  1. OS switch by Tom · · Score: 5, Informative

    they didn't just change the HTTP headers. nmap reporst:

    Remote OS guesses: Windows Me or Windows 2000 RC1 through final release, MS Wind
    ows2000 Professional RC1/W2K Advance Server Beta3, Windows Millenium Edition v4.
    90.3000

    it also reports a number of interesting ports as open:

    21/tcp open ftp
    25/tcp open smtp
    80/tcp open http
    110/tcp open pop-3
    443/tcp open https
    1433/tcp open ms-sql-s
    2105/tcp open eklogin
    3306/tcp open mysql
    5900/tcp open vnc

    whoever set this up did it in a real hurry. :)

    --
    Assorted stuff I do sometimes: Lemuria.org
  2. two servers by azosx · · Score: 5, Informative

    They are running two servers at two different IPs. Apparently 130.94.214.143 is running their Windows 2000 IIS server and 198.63.57.204 is still running the Apache server on FreeBSD.

  3. Re:Conspiracy. by RatOmeter · · Score: 5, Informative

    "... they probably just moved the domain..."

    Yup. I said yesterday, their site was hosted by Verio, and their IP address was 198.63.57.204.

    Today some people get the IP address as 130.94.214.143, which belongs to Microsoft. At my location, DNS still resolves it to 198.63.57.204.

    Try this in your browser for fun:

    http://130.94.214.143

    and then

    http://198.63.57.204

    Ain't it neat? Both hosts are up and the name servers haven't all caught up with late yesterday's switchy-changy!

  4. Re:Does Microsoft Care by deacon · · Score: 5, Informative
    Well, the Wall Street Journal cared enough to put a summary on page one, column 2, just below the fold.

    The full article is on page B2.

    A lot more people will see that, and they are your boss, not you.

  5. Re:In other news... by YetAnotherDave · · Score: 5, Informative

    HTTP_USER_AGENT='"Mozilla/4.0 (compatible; MSIE 9.01; Windows NT Sucks)"'

    I've been sending that header for a long time.
    OSS browsers are getting a bit more respect lately, but there are still a lot of sites that only accept browsers with knows USER_AGENTs, so we continue to spoof.

    You should know better than to believe stats based on unproven data.

    :)

    obligatory plug: headers spoofed by JunkBuster

  6. Re:Conspiracy. by 1010011010 · · Score: 5, Informative

    Interesting ports on www.wehavethewayout.com (130.94.214.143):
    21/tcp open ftp
    25/tcp open smtp
    80/tcp open http
    110/tcp open pop-3
    443/tcp open https
    1433/tcp open ms-sql-s
    2105/tcp open eklogin
    3306/tcp open mysql
    5900/tcp open vnc

    Remote OS guesses: MS Windows2000 Professional RC1/W2K Advance Server Beta3, Windows Millenium Edition v4.90.3000

    Interesting ports on www.wehavethewayout.com (198.63.57.204):

    21/tcp open ftp
    25/tcp open smtp
    80/tcp open http
    110/tcp open pop-3
    443/tcp open https
    554/tcp open rtsp
    3306/tcp open mysql

    No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
    TCP/IP fingerprint:
    SInfo(V=2.54BETA22%P=i386-redhat-lin ux-gnu%D=4/2%T ime=3CA9D035%O=21%C=20)
    TSeq(Class=RI%gcd=1%SI=CE B2%IPID=I%TS=U)
    TSeq(Class=RI%gcd=1%SI=99E7%IPID= I%TS=U)
    TSeq(Class=RI%gcd=1%SI=85D6%TS=U)
    T1(Res p=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=M)
    T2(Resp=N )
    T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=M)
    T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
    T5(Resp=Y% DF=N%W=0%ACK=S++%Flags=AR%Ops=)
    T6(Resp=Y%DF=N%W= 0%ACK=O%Flags=R%Ops=)
    T7(Resp=Y%DF=N%W=0%ACK=S%Fl ags=AR%Ops=)
    PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL= 148%RID=E%RIPC K=E%UCK=0%ULEN=134%DAT=E)

    --
    Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.