Telnet into Dreamcast?

Jeos wrote to us with a fun Saturday afternoon project: "OK so today I was bored, and I did what anyone with a Dreamcast and a portscanner would do, I did a port scan on my Dreamcast. The results are interesting"-click below to read more.Update: 09/12 08:02 by H : Yes, this is a hoax - or sources from inside Sega say it is.

Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Host (129.***.**.***) appears to be up ... good.
Initiating TCP connect() scan against (129.***.**.***)

Port State Protocol Service
23 open tcp telnet
80 filtered tcp http
113 open tcp auth
179 open tcp bgp
12345 filtered tcp NetBus
12346 filtered tcp NetBus
TCP Sequence Prediction: Class=random positive increments
Difficulty=561888 (Good luck!)
Sequence numbers: 2B26AFA0 2B49A760 2B5316DA 2B647480 2B7655AB 2B852F62
No OS matches for host (see for more info)
Nmap run completed -- 1 IP address (1 host up) scanned in 33 seconds

The OS fingerprinting didn't guess the OS, big surprise, but the interesting thing is all the ports that are open. The ones that interested me the most were 23 and 80, the normal telnet and web server ports. I tried to connect to my Dreamcast with a web browser, no luck there. Then I tired to telnet into it, jackpot! I was able to telnet in, and prompted to give a username/password. Of course I had no idea what the username or password would be, I wonder if it's some sort of backdoor for Sega?
Now i have to see if I can do anything interesting with the other ports.

Re:GD-ROMs are easy to copy...

[poohbear_honeypot]

*Rubs hands together* And this just happens to be the one I ordered at work! Muhahahahahahahahahahahhahahahahahahahha!

---
Joseph Foley
InCert Software Corp.

Re:Convergence

[Kris_J]

The res. of a TV is not so low that a web browser on it is "useless". I use a decidedly average Sanyo 52cm as the monitor for the stranger of my two PCs, and it's passable, though to be able to use it at a distance you really have to increase the font size one notch.

I've used it in both 640x480 underscan and 800x600 overscan. (both PAL) You lose a few lines, but it copes.

I'm sure with HDTV, or even a "normal" Sony Trinitron, it would be perfectly workable. Then the issue is the web browser program itself.

CJ.

Re:It really sounds like he portscanned a router

Agreed. The two high ports were probably outgoing NAT'ed connections. Although, nmap should've figured out the OS.

Re:DCC into DC-IRC client through port 113 ?

There is a Zip drive connector in the works for DC.

Re:ethernet connection

[dufke]

Yes, this is highly likely, as there are still countries that have non-standard dialtones.

I remember having one BigAss(tm) fight with the compuserve dialup software in Hungary some years ago, until i realized that the damn modem didn't consider the Hungarian dialtone to be a dialtone!

dufke


________________________________________________ ___________

Re:dc + vga monitor

while I don't have a DC, my neighbor does...
he also got one of those converters,
and (unlike some vga converters I have seen in the past), this one had EXCELLENT video quality...on a nice 21" monitor, probably at 1024x768, or something...it looked like it was running off the computer. 'Course, that was one of the games, not the browser...It might look really bad.

more FUD(?)

username: NSA

password: if i told you, i would have to kill ya. ;-)

Re:more FUD(?)

[PovRayMan]

With this new moderation system in place, you should have gotten (Score:0 Funny)


---------
PovRayMan

Re:Need GD-ROM specifications please!

[Money__]

I would concure that they are prolly not using a differnt light (laser) source. Getting more bits onto a CD style platter involves layers, and varying the focal point of the reader head. The very top layer of the disk would have data on it, but is semi opaque. The layer under that has data on it, and it accessed by focusing the reader head laser to a deeper depth, thus attaining double the density of a traditional disk. Then there are 2 sided disks requiring a dual focus/dual reader head drive to read them. Bottom line: the CD style storage disk (CDrom/DVD/DreamCast) could hold a LOT MORE data than the dreamcast or the current DVD format is exploiting today. (Byte had an interesting article on this topic when DVDs first came out.

Re:GD-ROMs are easy to copy...

I'd like to see some of the documentation that says a Yamaha CDR can burn a GDR on a standard CDR disc. Have any of you actually seen a GDR? The GD-ROM is actually written in two sessions. There is a single density session near the center of the disc that can be read by any CD-ROM drive. The majority of the disc however is a high density session that is on the outer part of the disc. This is achieved by using a proprietary compression format. The high density section is also read from the outer edge of the disc inward, instead of from the inner edge outward. Also, GD-ROMs currently CAN NOT be burned on regular CDR machines. Burning a GDR currently requires a special Sega produced machine. A standard game disc takes approximately 1.5 hours to burn.

Knock people off the game service??? i dont think

This is rather pointless, the server itself could easily diconnect the client, rather than make the client disconnect itself. Does the IRC server politely tell the irc client to please disconnect itself when someone issuses a KICK or BAN command on a user? hell no, it just freaking boot em out, doesnt care what the client does, cause after that point, it doesnt matter.

Re:A Little more info

[TeddyR]

quick test:

visit http://www.mav.net/teddyr/access/info.shtml

dial in via ppp with a normal pc/mac/etc/machine, find out what the ip address that is assigned to your machine is (the domain name); then check the page above if its within the same "range"... (ie; if it says proxy or cache in the machine name... then it is transparantly proxied; same if the machine ip shown is not the same as winipcfg or pppd tells you that you have....

https://www.mav.net/teddyr/syousif/

Re:Convergence

[sammy+baby]

But what's so special about that - I can hook up my computer's G400 to a TV display, too. The really cool thing is the power of the Dreamcast is hidden from the user.

Actually, that's only part of the cool thing. The other is that a Dreamcast costs between 10% and 20% of a good "gaming" PC, and somewhat less than a more basic model. If Sega is on the ball, this could be a huge selling point with parents: "Buy the Dreamcast. It's cheaper than a PC, your kid can browse the web with it, and it's at least a US$1000 less than a computer that'll play the same games." Sounds like a winning pitch to me.

Attn:Dreamcast owners can you DCC in IRC ?

[Money__]

I was considering picking up one of these kewl little boxes, but I really wouldn't have much use for one. If a user can DCC information back and forth over the DCIRC client, then a person could download MP3s onto a zip drive while playing "kill em all!"(c)anygame inc. That might make buying one a little more tempting.

Re:Need GD-ROM specifications please!

[Zurk]

GDROMs are regular CDROMs with less error checking IMHO. You can burn GDROMs from Yamaha(?) Cd writers.

don't lose sleep over it

[supz]

Of course I had no idea what the username or password would be, I wonder if it's some sort of backdoor for Sega?

I don't know about you guys, but I wouldn't store any personal documents on my game system (I don't even think I could), so Sega can have all the backdoors they want on my dreamcast (not that I even own one, yet).

It is interesting however. Maybe they could use it to check for illegally bootlegged games (If the games come on CD, I'm pretty uneducated on the subject).

Re:don't lose sleep over it

[TeddyR]

The problem for a paranoid person would be the following:

It can be easy for a developer (either intentionally or via a rogue cracker/disgrunteled employee) to install a sniffer or other trojan running on a game console {that is if they do get an ethernet port.. which I hope that it does}... The amount of data that can be gatherd would be phenominal..

A paranoid person would consider ANY dreamcast cd that is given away free to be suspect...

[extremely paranoid mode /on: Hmm.. I wonder if the cds that were recalled had any....problem....with them /off] :-)

https://www.mav.net/teddyr/syousif/

Re:don't lose sleep over it

[Tim+Browse]

I don't know about you guys, but I wouldn't store any personal documents on my game system (I don't even think I could), so Sega can have all the backdoors they want on my dreamcast (not that I even own one, yet).

You know you can get a Dreamcast keyboard, right? And that it's intended for things like email?

You work it out.

Tim

The real story

[Ephro]

Ok so from previous posts we know that they are filtering the 12345 etc ports. Thus stopping BO and other such harrasment. We also know he is connecting through his school. Now what ports are 'open,' well it's the 80 and 23. To follow up we all know what 80 and 23 are used for. The simple answer is that his school is blocking these ports so you can't run servers. In fact I'm suprised that 21 isn't showing the same thing. We see that nobody else is getting this, and with his web broswer open he was useing the other ports for the browsing, notice they are not filtered. Come on people we are smarter then this.

Re:The real story

[Money__]

I would agree that this apears to be a very good scan of his ISP :)

Re:Need GD-ROM specifications please!

[Ryan+Amos]

Last I knew blue lasers hadn't been perfected to work for more than about 30 seconds, so I really, really doubt that it's a blue laser. I can stick a GD-ROM in my normal CD ROM drive and it will read the disc as well, so it's seeing something on the normal CD wavelength. It could be using some sort of overlay, which could concievably up the capacity to 1 GB.

Re:modem

[Mandrias]

Well the modem is included with the system...seeing that I have on right next to me and it came with the modem.

(It rules by the way. I have sonic and soul calibur and I'm having a blast.)

Re:Need GD-ROM specifications please!

[doomy]

Try 80 min media : 700MB storage. Most new PC games are stored on this format.. thus limiting the number of ppl getting a sucessful backup. :)
--

Re:Whoa

Are you crazy???? Hydro Thunder is an arcade perfect port and the grafx are incredible! I can't believe some people's bias towards something can warp their perception of other products so much..

umm - no

Routers have static ips, which makes them completely different targets from the destination ip being scanned. The router cannot give a response for the host machine on the other end; that is not its function.

Interesting idea, though - make a firewall that responds to scans with canned port info meant to mislead (or trap) script kiddies ;)

This, ladies and Gentlemen

Is what seperates a Hacker from Users. Natural curiosity.

Re:This, ladies and Gentlemen

[Jedi]

i think it is in the interest of all to see what some manufacturer is doing with our money.... i wouldnt like hidden surprises.....

Re:or put linux on it!!!

[linuxonceleron]

I would doubt it most ti calcs are powered by a z80 which i think is not 32-bit clean :) OTOH, the 89 is a much better calc than the 83-87s, its actually a 92 without the kewlness. Anyways maybye i'll convince my parents to buy me an 89

Nice Linux Box...

Forget Soul Calibur... install Slackware on it

Re:Need GD-ROM specifications please!

[Money__]

I would concure that the DC drive prolly isn't using any special light/laser source. One of the things that makes todays CDrom/DVDdrives so afordable is the cheap/safe laser. Getting more data on a optical platter involves layers, and focusing. The disk would have 2 layers (the top layer would be semi opaque/seethrough. and the bottom layer would not) When the reader head focuses the laser on the top of the disk, that layer of data would be read. When the laser focuses further down into the disk, *that* lower layer of data would be read. This gives you double the data density without a lot of cost. Then there is a double sided/dual focal point drives that can read twice as much again. The bottom line? You will be seeing cheap plastic optical platters storing 4.7Gbytes(todays DVD) / 10Gbytes / 20Gbytes without having to alter the laser source or sector structure. (I think Byte magazine had an article on this when DVD first came out) comments welcome.

Decreasing cost

Unfortunately if cost is the only difference. This will soon disappear with the decreasing cost of PCs and the trickling down effect of good hardware.

Dreamcast Hacking Contest?

[Hacksworth]

So if I'm the first person to crack into the dreamcast and change its files, do I get to keep it? (a la LinuxPPC :)

Re:Dreamcast Hacking Contest?

No. Protocol dictates that one must spank the owner with a diseased hairbrush before such an occurrance can happen. See the LAQE Guidelines, section 316, sub-section 1.22, part (v).

Re:Dreamcast Hacking Contest?

i dont understand!! l a q e ???

Re:Dreamcast Hacking Contest?

[PWideChar]

It is interesting that you can communicate between your videogame console and your computer, but it's also less secure.

I mean, having a Dreamcast system that listens tcp connections allow in some way, a people to join your system, and soon will probably be updates to Dreamcast's security holes.

It is not bad, but requires responsibility from the manufacturers.

Re:Dreamcast Hacking Contest?

[PWideChar]

It is interesting that you can communicate between your videogame console and your computer, but it's also less secure. I mean, having a Dreamcast system that listens tcp connections allow in some way, a people to join your system, and soon will probably be updates to Dreamcast's security holes. It is not bad, but requires responsibility from the manufacturers.

Re:Dreamcast Hacking Contest?

[Mark__]

I fail to see the point ... so what if some one can hack into your dreamcast ??? It's not as if they'd be able to do anything interesting once there anyways surely ???

Re:Dreamcast Hacking Contest?

Perhaps they could erase your saved games off your memory card. Or they could replace the built-in game in some memory cards with a program that taunts you for having lame security on your DC. Of course, any security is in the version of the OS that they put on the CD-ROMs....

Re:Dreamcast Hacking Contest?

[sux0rz]

I dont think the issue right now is security with the dreamcast. The only reason anybody would hack one at this point in time is because, no one outside of sega knows the login, or password. And every hacker wants to be the one to be able to say, "They did it." Thats what we all thrive on....

Re:A Little more info

[mindstrm]

So... what probably happened is that the website you accessed to tell you your IP gave you the IP of whatever proxy server (remember, it could be transparent, esp. at a university) you were using.
The remote site only tells you the IP of the packets it gets from you.. which probably come from a proxy.

As a Dreamcast developer I can tell you...

That Windows CE might be used for porting web apps or things like that, but you'd be a complete fool to write a game on it. The native Dreamcast OS works great for games, as a matter of fact it the the main purpose of the OS. Whereas Windows CE is just stripped down Win32. As for the telnet port being open I'll look into it and see what I can find out.

Re:As a Dreamcast developer I can tell you...

dude. it's not funny.

Whoa

[Straker+Skunk]

This is too weird... I just have two questions:

1. (dumb one) How was this thing getting its TCP/IP? Ethernet port, serial PPP, what?

2. Doesn't the Dreamcast run WinCE?

Re:Whoa

[j_d]

re you crazy???? Hydro Thunder is an arcade perfect port and the grafx are incredible! I can't believe some people's bias towards something can warp their perception of other products so much.

The only thing my perception's been warped by is the video on the demo disk. I think the graphics look muddy and washed out, and most of the boats are really small. Of course, the arcade version could feature muddy, washed out graphics, I dunno.

Re:Whoa

[ZeroLogic]

Yes, the dreamcast does run a _version_ of windows ce, and from what I understand the dreamcast comes with a modem...

Re:Whoa

[m3000]

It is FUD because when /. hears the word "Microsoft" they automatically assume, "Oh, I guess it has to always run MS CE as it's OS, and it has to run Internet Explorer as it's browser, and if it crashes, that must mean it's Microsofts fault". You don't do any checks to see how true that is or anything.

Re:Whoa

[$nyper]

What we know:

1> Runs Windows CE
2> Leaves open Port 21
3> Has an obvious Shared directory

Questions:

1> Is Share to gain OS access or is it an encryted password given to each box to allow them to talk?

2> Is the OS accessable at all or is the default set so that universal access to the OS is read only to prevent us from screwing it up?

3> Why would Sega need a back door into your dreamcast system in the first place.

Re:Whoa

Actually, the Dreamcast is _capable_ of running a version of CE, but unless the CD you are booting off of has the CE OS, you aren't actually running CE. From what I understand, only 1 CD actually uses WinCE, some kind of Asteroids knock off that blows. But it is fast in CE, apparently.

Re:Whoa

[Slayback]

Yes the graphics on that video do suck, but all the video quality on that demo disk suck. It's not the game, the game itself is virtually identical.

Marc

Re:Whoa

[tm2]

No, the Dreamcast browser does not run on Windows CE. If you boot Sega Rally which uses Windows CE, you will see a "Windows CE" logo at the bottom right corner of the Sega logo screen. iirc the Windows CE logo is quired on all Dreamcast Windows CE titles. Besides which, I happen to know for a fact that the browser doesn't run on Windows CE anyway because I was peripherally involved in that project. Toshi

Re:Whoa

This might be stupid but...Does anyone know if windows ce has those ports open already? Maybe it's not just Dreamcast.

Re:Whoa

[m3000]

Doesn't the Dreamcast run WinCE?

How many times do we have to explain it! This has been rehashed countless times over Slashdot, and al it really amounts to is FUD. Anyway, to explain it read this.

Re:Whoa

How is it FUD? He just asked a simple question.

Re:Whoa

Are you nuts? I could care less who gets the money. If the thing works great, Bill deserves the cabbage.

Re:Whoa

[Foogle]

CE running a Telnet server? That doesn't make a whole world of sense - but I suppose anything is possible.

Re:Whoa

[ToiletDuk]

The technical term for a modem of this type is a "Host Signal Processing" or HSP modem. This means that instead of a chipset on the modem itself doing all of the calculations for compression, error checking, etc, those tasks are handled by the processor of the computer the modem is plugged into.

However, this type of modem setup requires software (in the form of a driver) to handle all the tasks the computer's supposed to perform for the modem, and most modem companies who make HSP modems are too lazy to write drivers for anything but windows. That's the only reason why they're referred to as WinModems.

Re:Whoa

[pen]

Actually, I use a program called Dunce to automatically dial up when my box starts up and load my IRC client and ICQ.

I think Dunce stands for "Dial-Up Networking Connection Enhancer", or something that tastes like that.

More info at http://www.vecdev.com/dunce.html

And before you flame me for using Windoze, please remember, this is Slashdot: News for Nerds, not News for Linux Users. Windoze suits me fine until I get a box with standard hardware.

---

Re:Whoa

[toriver]

comes with a modem

So, what program do they use to configure modem connections? DUNCE? :-)

Re:Whoa

Well if it runs microsoft software it will crash, and it will be all microsofts fault.

Re:Whoa

[.pentai.]

The dreamcast itself does not run CE. CE was ported to the dreamcast so that developers which choose to use it (none do that I know of, but I may be wrong) can.

Since he was booting with the the web browser disc (I'd assume) it most likely is running CE however...

Re:Whoa

I am getting sick of posting this every time someone mentions the DC. No the DC doesn't run windows CE all the time. Windows is not in the ROM and when you buy a DC you DO NOT pay an MS tax. Windows is on SOME (very few at the moment) game CDs. The DC DOES come with a modem (except in Asia.) The modem is removable and can eventualy (when it comes out) be replaced with cable modem or maybe ethernet. The modem is a winmodem of sorts. But since it does not normally run windows I guess we must call it something else :)

Re:Whoa

You're talking about the video on the demo disk??? No wonder? The actual game looks much better than the shitty video...

Re:Whoa

Okay, I have a Dreamcast and some info about it, so:

1. You dial into your existing (Dial-Up -- *shudder*) ISP, and log in just as you normally would.

2. The Dreamcast runs a proprietary OS that is Windows CE compatable. On certain game discs, there is a boot ROM with WindowsCE pre-loaded as the operating system.

Some additional information that might be of interest: The CD-ROM format for Dreamcast is proprietary, and it holds 1 gig plus FAT and Boot ROM, so copying would be... interesting... to say the least.

Re:Whoa

[linuxonceleron]

Sega Rally 2 does, i think , and that's because it can do modem games.

Re:Whoa

Before everyone goes on an MS bashing rampage, let me just say that the US games do NOT yet use Win CE. The browser disc comes from a company called Planet Web, www.planetweb.com.

Re:Whoa

It's not Sega that want's the back door, it's the NSA!!!!!!! (Just kidding everyone, just kidding! Conspiracy theorists may sit down again.)

Re:Whoa

[j_d]

This is too weird... I just have two questions:

1. (dumb one) How was this thing getting its TCP/IP? Ethernet port, serial PPP, what?

2. Doesn't the Dreamcast run WinCE?

Question 1 : The dreamcast comes with a web browser, and a 56kbs modem. It lets you set up a connection to whatever service you like, or you can use worldnet, which is Sega's "preferred provider". I'd assume that when you've got the browser up and running, you've also got these ports open so Sega can nefariously check your system out. Muah ha ha!

Question 2 : The Dreamcast CAN run Wince. It doesn't have to. Games load everything from the GD, so a developer could roll his own, go with sega's or go with Wince.
So far, the only wince game I've seen (Hydrothunder) looks Really Bad.

and there you are

Re:Whoa

[scrytch]

> 2. Doesn't the Dreamcast run WinCE?

For what probably won't be the last freakin time, NO, the Dreamcast does not run WinCE. It CAN run WinCE.

Just some thoughts..

[MrPlab]

This little article really started to make me think about the possiblility of companies and their control over almost anything that they want to sell. I've seen the many articles on SlashDot about this topic, but this never really hit home until I saw some concrete evidence (at least in my opinion). Very interesting..

It's a shame that the docs of the hardware don't cover this or at least give some insight into why those particular ports are open, etc.. I think users that actually spend hard earned money (or not so hard earned) to buy the product deserve to know.

Matthew
_____________________________________

Re:Just some thoughts..

Portscanning the DC, is about the same as trying to hack a Furby

Hahhaha, that's a good way to put it. Maybe then you could get it to crash and shut up.

Re:Just some thoughts..

[bmetzler]

It's a shame that the docs of the hardware don't cover this or at least give some insight into why those particular ports are open, etc.. I think users that actually spend hard earned money (or not so hard earned) to buy the product deserve to know.

What I don't understand is why does Sega taught that people wouldn't find out! Portscanning is really easy and can be done by a lot of people.

The total market that Sega is marketing this to is not inclusive of techies/hackers. It just happens to include this segment. Portscanning the DC, is about the same as trying to hack a Furby. Most Furby owners don't try to hack it. And most DreamCast users would just be confused by a section in the manual describing something called "ports" that has absolutely *nothing* to do with the ability to use the Dreamcast

Then again, I'd like to think if you'd inquire directly to Sega, they'd answer a few of your questions. But they may have reason not too....

-Brent
--

Re:Just some thoughts..

[gfilion]

It's a shame that the docs of the hardware don't cover this or at least give some insight into why those particular ports are open, etc.. I think users that actually spend hard earned money (or not so hard earned) to buy the product deserve to know.

What I don't understand is why does Sega taught that people wouldn't find out! Portscanning is really easy and can be done by a lot of people.

Re:or put linux on it!!!

But you can't use a 92 on the SAT (QWERTY keyboard) so wouldn't that be neat, have Linux on a calculator to help you on the SAT. Just in case you were wondering, the last time I took it, they never said anything about clearing your memory. If it was a screw up or if that's the way it always is, I don't know.

What kind of crack are you ingesting?

[tm2]

Here's the nmap -v against my Dreamcast on the net via ppp at the ISP Best.com: [root@pocket tm]# nmap -v 205.x.x.x Starting nmap V. 2.3BETA5 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/) No tcp,udp, or ICMP scantype specified, assuming vanilla tcp connect() scan. Use -sP if you really don't want to portscan (and just want to see what hosts are up). Host (205.x.x.x) appears to be up ... good. Initiating TCP connect() scan against (205.x.x.x) Adding TCP port 113 (state Open). The TCP connect scan took 40 seconds to scan 1487 ports. Interesting ports on (205.x.x.x): Port State Protocol Service 113 open tcp auth Nmap run completed -- 1 IP address (1 host up) scanned in 40 seconds. Note: the browser was on irc at the time, which is how I figured out the IP address, and probably why port 113 was open (for username authentication) Why the heck would a Dreamcast let you telnet in anyway? It's not like you can store files on a Dreamcast, or run apps remotely... Toshi

Re:What kind of crack are you ingesting?

113 is ident. IRC uses ident. poop.

Re: What kind of crack are you ingesting?

[Ian+Schmidt]

When in the web browser I don't even see the auth port open, so I think that IS an IRC specific thing (and it makes sense - no EFNet server lets you on without an auth response these days).

Re:What kind of crack are you ingesting?

[SlapAyoda]

This is horribly off-topic, but it's something I've been DYING to know. Where the hell can I use irc with the DC browser? I tried one site but it only worked in Netscape. Please help me out.

Re:What kind of crack are you ingesting?

Damn people do the smart thing and have the dreamcast connect to your computer (a linux box) and then scan to see what ports are open. Everyone is submiting tons of shit about it and it hasn't even been confirmed that the ports are open. Hell send me a dreamcast and I'll do it.

just ask sega

[neonmatrix]

just call up sega and say you want the username and password. maybe they'll give it to you...
hopefully its not a defualt username and pwd for every machine...
=P

Re:just ask sega

[xlr82xs]

hell you could do it over the net on a modem connection if you could find one...

anyone else remember pop3.c ?


--
I'm tired of your big time, Hard Line, BAD LUCK, FIST FUCK --NIN
--

Re:just ask sega

[mastagee]

well what else would it be? unless its based on a serial number of some kind.

but what the hell would you do once you were in the system?

if it is actually used as a backdoor, the commands may not be obvious either. the purpose of it as a backdoor would most likely be to disconnnect the user from the game services. somebody should start working on cracking it just for the hell of it, because i doubt sega will give out info about a backdoor.

Re:just ask sega

[Foogle]

That sounds like a pretty good guess to me, but now I'm scared. Imagine if someone *did* crack the Username/Password (with, say, some inside info). They might be able to start knocking people off the game network like crazy. What could Sega do? Recall the Dreamcasts??

Re:just ask sega

[znu]

Would they have to recall them? I know that if I were putting out a console system with a modem in it I'd use a flashable ROM. Why not? You can just have it download updates when users connect to the gaming service.

--

Re:just ask sega

[ailuaic]

But couldn't someone then hack into a Dreamcast and flash the ROM themselvs? Instead of asking Sega, wouldn't it be possible to do some brute force cracking over a LAN?

It really sounds like he portscanned a router

[pp]

If the DC was behind NAT/MASQ the IP would show
up to be the router that does the NAT:ing.

The open ports are consistant with this (telnet, BGP4, http), all are services that are running
on pretty much every cisco router.

Re:It really sounds like he portscanned a router

[c0mawhite]

Yeah, does sound like a portscanned router. Most of the cisco range prompt for a username and password. No banner.

However, it would have been useful to know what the DC was doing at the time. Like, were they using the WinCE disc at the time?

Dreamcast GD-ROM

Apparently Sega developed the GD-ROM format so that it could be pressed in regular CD plants. The Dreamcast will read standard CDs(music and some types of data) and GDs. To run burnt GD discs you have to have a system boot disc from Sega, like we do, being developers and all. It will NOT run Dreamcast programs burnt on standard CDs. So unless someone makes a mod chip, it's a waste of time to try and copy a GD-ROM.

P.S. - Some people mentioned Yamaha burners will burn GD-ROMs. This is sorta true, it's a specific model made for it. Your off the shelf Yamaha won't and I don't think most people want to pop for the $5000 it cost us to get ours.

Great. More firewall rules.

[Just+Some+Guy]

I'll be dialing up to a Linux box sitting about 2 feet away from it, and connecting it to the 'net through a gateway to my ISP.

This means that I'll have a machine sitting behind my firewall giving God-knows-what responses to God-knows-what requests.

Great.

It never occurred to me that my video games would be a security risk...

finding user/pw

[DAVEO]

surely these will surface soon after realease, but what can happen once you get in? if it runs wince, maybe you could change the software (do video systems such as these even use disk drives, daveo is not familiar with them?) and write your own video-game api! now that would be one certain sweet project!

Oh boy..

[Thomas+Charron]

Now, give it a few months, and see the script kiddies crashing Sega consoles.. ;-P

Uh, oh. I wonder...

[smoondog]

Ok, so if Dreamcast accepts telnets, wonder why? Some undocumented connection for later use? Anyway, I can just feel a hundred /.'ers right now trying to get in. I wonder how long it will take?


-- Moondog

Re:Uh, oh. I wonder...

[Mach5]

mabye its for remote updating of a flashable BIOS

wouldnt that suck, CIH for dreamcast
turn that mofo into a paperweight :/

imagine the possibilities...

Re:Uh, oh. I wonder...

[Foogle]

remote update of flashbios over Telnet? Not likely - Telnet's not exactly ideal for sending binary data over a network. If that were the case, they would've been better off designing their own network protocol. As it is, if they needed a backdoor, I can't see why they didn't do it in a more obscure way. This is just begging for trouble.

Re:How DVDs really work.

[Money__]

I found the Byte Magazine article mentioned in my previus post. I think this article will answer your questions regarding today optical storage.

Re:Hack a FURBY /w GameBoyColor

matter fact you can. you can hack your Furby with a Game Boy Color. since the GBC has an infared port, you can intercept the signals sent out by the Furby and probably send some back. ive seen remote controls for televisions coded for the GBC. you can get some stuff to write the gameboy programs from Bung. i dont know why you would want to do this, however.

Re:AOL on Dreamcast

[scrain]

Nope... 4.0 and up.

What you're thinking of is internet access that comes via a tunneled IP protocol atop AOL's proprietary internal communication protocol.

PPP dialup is in beta testing for the newer clients (and what better test platform than all them Dreamcast users -(

Slashdotting

[BELG]

We should follow the proud tradition created by the users of SlashDot and done since the begining of time and slashdot someones Dreamcast just for the hell of it.

If we dont, someone might think we dont exist anymore, and therefore that Linux is dead, that since WinCE runs on the Dreamcast and we failed to slashdot the Dreamcast that Sega is actually MS and that Bill Gates is actually Sonic and that Im waaaay off topic. What a world.

Time to go to bed.

I can partially confirm this..

Ok...lets step back and take a look at what we have here, 80, and the netbus ports were listed as filtered..IGNORE THEM. Telnet, however, was not, it was listed as open, along with port 113..auth. Now If you've ever seen a person on irc using a dreamcast, you'll notice that their userhost lacks a ~ in front if they are on undernet. This means that the server got a response when it did an identd response and therefore, DREAMCAST MUST BE RUNNING PORT 113. This at least partially confirms his portscan.

Re:I can partially confirm this..

[Fazed]

actually a ~ infront of the ident means it FAILED to get a response back from 113. When the IRC Server gets a response from the identd it allows the user to be set exactly as configured. Therefore either 113 is blocked or not open

Re:I can partially confirm this..

[linuxci]

He said that the tilde (~) wasn't there when the user was on IRC with a dreamcast, therefore ident port 113 must have been open.
--

Proxy?

[superlame]

While is entirely possible that the Dreamcast has it's own TCP/IP stack, I suspect that what you port scanned was really a proxy server of some sort that the dreamcast uses for it's internet access.

Bored???

[bray]

Waitaminute.... the damn thing just came out. And your all ready bored with it????

------------------------------------------
Byron Ray

Re:CNN Article on Dreamcast

Just return your disk to get a new one. No big deal really. Sega is new at stamping GD-ROMS. The Screw ups are annoying -- but maybe to be expected at first. Give them a few weeks and all defective games will be off the shelfs. At least Sega is being nice about it. The admitted the problem and are doing all they can to make it right.

TV display quality

[Ian+Schmidt]

Not bad actually - it uses some pretty legible fonts, and of course they're at a pretty large size. So you have to scroll a lot, but it's quite good in general. Better quality than the video out on my old Voodoo Rush board for sure.

Re:clueless jerkey

[MindStalker]

Accually I think the sega rep does, he just wasn't expecting such a question and probably didn't realize there was a telnet port open on the dreamcast.
a: no. i tried scanning for open ports on my dreamcast, i saw telnet was open, and i tried using telnet to access it. i did this from my dsl-connected computer. i got the login and password prompt in the telnet window. the dreamcast works fine, even when i'm using telnet.
r: whoa, man. i dunno.
a: alright..
r: i couldn't give you any dns or anything
a: yeah?
r: that'd be ILLEGAL!
It seemed that he was starting to catch on towards the end there.

Re:NetBSD

Go research where OpenBSD came from - You'll find that it's an improved NetBSD.

Re:Dreamcast and mp3?

The rumor mill has it that the VMUs (memory pack/ portable game machine) may eventually be able to store and play mp3s. The DC is more than powerful enough to play mp3s (the sound cpu is 32 bit and by itself is more powerful than an entire next gen (32 bit) console!) The question is if anyone has made an mp3 player for it yet? Perhaps someday.

CNN Article on Dreamcast

[Cycon]

CNN is carrying an article regarding the release of Dreamcast, apparently quite a few games made it out that were defective. For more info:

http://www.cnn.com/TECH/computing/9909/10/dc.pro blems/index.html

PS: I know this isn't directly related to port-scanning the box, please don't moderate me down!

Re:CNN Article on Dreamcast

[m3000]

Yes, this has been all over the DC boards and web sites. Probally half the threads are about the defects. Very big problem for some people. I don't have one, yet, but needless to say, I'm a little bit more wary now. But Sega is doing all it can to fix it and help them, so at least they aren't ignoring them.

Re:CNN Article on Dreamcast

Yup, my Sonic CD won't work. From visual inspection, it appears that only about 50 megs were written to the disc.

spending money

[delmoi]

Um... CE comes with the dream cast, so you wouldn't have to spend any money on it...
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:spending money

CE comes with the dreamcast but its not as if MS is giving it away.

Anyone for "Dreamcast Refund Day" :)

Re:spending money

No, WinCE comes on the individual games that use it. The cost is primarily to the developer and last I heard MS wasn't treating it as a revenue center. For a developer cutting major time off a PC port it could be extremely valuable, making all the difference between a profitable product and a money pit. This in turn encourages more titles form companies that now have both the time and funds as a result. Sega made a very good decision here to accomodate developers.

Re:spending money

[Aglassis]

This isn't really true. CE comes with the dreamcast but its not as if MS is giving it away. You are still paying for the WinCE even if it is bundled.

Re:The real message

The poster just doesn't have Soul Calibur yet. I've had my j-spec Dreamcast since May and I'm not bored yet!

Already a BSD project

There's already a project underway to put some form of BSD (I forget which) on the dreamcast. It was posted in a Slashdot news item.

wait till shenmue comes out.

That game looks so cool, my guess is you'll be so busy playing it you won't be able to do much else. (like trying to telnet into your console) Oh my god the DC kicks butt!

Remote flashable to let Sega disable mod chips!

mabye its for remote updating of a flashable BIOS

Sure! I think you've hit on me boy-o! That's gotta be it. This will allow Sega to remote flash BIOSes to defeat each successive generation of mod chip. Heck, flashable BIOSes scare the crap out of me anyway bacause maybe Final Fantasy XIXIXIXIX will flash the bios to defeat all previous known mod chip schemes.

Didn't work for me - hoax?

[Ian+Schmidt]

I tried portscanning my DC (US DC, running the packed-in web browser, showing this very article on /. on my TV :) and the latest nmap showed no ports open. I could ping the DC but telnet on any of the ports mentioned did nothing. I'm positive I got the right machine because my PPP dialup has a fixed IP and DNS =)

Anyone else tried this and had it work? What disc did you have running in the DC?

Re:Didn't work for me - hoax?

[Zurk]

he has the web browser disc loaded i believe. try it with that and let us know.

Re:Didn't work for me - hoax?

[biafra]

Ian Schmidt wrote
showing this very article on /. on my TV :)
Just out of curiostity, how well does the DC display text on a TV? Most PC2TV style devices I've seen are really crappy for displaying text.

Re:Didn't work for me - hoax?

[CowJason]

I could ping the DC but telnet on any of the ports mentioned did nothing.

Now, am I the only one that sees a problem with this? Am I horribly mistaken, or does the fact that the Dreamcast will respond to a ping seem to be a horrible flaw in a system that is meant to run games? I mean, all I need is to be on the final lap of a net race in SegaRacingGameX when the sore loser on the other side runs over to his computer and pings my connection to death. Could someone verify this?

Re:Didn't work for me - hoax?

[Serfer]

It will respond to pings only with this disc loaded. Game developers can choose whether or not to respond. Some web sites and other internet activities (like irc) require that you respond to icmp pings. So, I suspect that most game developers won't respond to pings or do much of anything else.

Re:modem

It is a host-based modem. Apparently the PVR2 chip is the controller for it. And the GD-ROM drive too, oddly enough. I'm sure that it's feature bullet points that Videologic put in to sweeten the deal for them vs. 3dfx.

Re:A Little more info

[MindStalker]

Did you try diconnecting your dreamcast and trying the port again? If it still works... it ain't your dreamcast. If it doesn't.. it MAY have been

Gaming/Authetication

[_scar_]

Perhaps, if it does exist, it is used for some authentication of sorts, when you initiate games online with it ?

I'm not sure how it works, I dont have one, but it seems to me connections through a medium, like some big gaming server, instead of direct connection between the two isps and hence the dreamcasts, would be a waste of bandwith.

The authentication could be to avoid country mixups, lets say it was Sonic adventure japanese and american ( heh if that game cannot use gaming online, forgive me on that, i dunno virtually anything about it )
Username: SonicAdventure
Password: here the japanese game connects to the american, hence tries a password like 'jappa'.
It cannot connect, the connection dies, and the game gives you an error. This could also work with version differences, if you can download some game-patches or similar that would change the two games.

that's about it


-scar

Windows CE development

[delmoi]

Well, you might end up spending more mone for Visual C++ then you're dream cast (pluss running somthing like a webserver would be slow of a CD-rom). *but* you can code stuff for CE if you want, check out:

http://msdn.microsoft.com/cetools/ for more info. but I don't know if you would need to burn CE on the CD as well or not.

writing a CE application would probably be easyer then writing somthing that would actualy run on a DreamCast.

also, was the 'dream cast portscan' done while a game that used CE was running? I would think that nmap would detect CE. Or was it just the sega ROM that was scanned?
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:Windows CE development

[Ventilator]

What does the "CE" in Windows CE mean anyway?

Re:Windows CE development

[Pascal+Q.+Porcupine]

Connected Edition or something.
---
"'Is not a quine' is not a quine" is a quine.

Re:Windows CE development

[RebelScum]

"Champion Edition" ;-)

Re:Convergence

[quasipunk+guy]

While I know TV's resolution sucks, I am interested in this question because I rented a Dreamcast a while ago. Anyways...

Did you use the RF modulator when you tried it? The RCA's produce a much much much higher quality picture... Didn't come with S-Video or I would have tried it...

Re: Telnet heavily used for binary transfer

[howardjp]

The Kermit protocol sends data similarly to the way uuencode encodes data.

Re:Boy... they weren't helpful...

[starman97]

Could it just maybe be the Slashdot effect, and you were the 1000th caller asking the same question? I'd be pretty annoyed if I were Tech support and had to answer the same question 1000 times already within a single day...

Then again, it 'could' be a big conspiracy...

Be patient, the whole thing will be hacked withing a month or two anyway...

Re:A Little more info

Why not take your Dreamcast to the computer science department and let the classes fool around with it and see what turns up... Maybe someone there has access to the schools network and can trace it right back with out proxy and things of that sort... Just a thought... pax

Port 113 is auth...

[Da+w00t]

Port 113 is reserved for the autb protocol.. I don't see why someone'd want to 'auth' a DC... I could just see it returning 'Sonic' :)

Re:Wow! Dreamcast as an affordable router!

Just because a portscan says it's HTTP, BGP, or NetBus, this doesn't mean it actually IS that protocol. All the scanner does is check TCP ports and compare against a list of commonly used port numbers. If it gets a response on port 80, it guesses that this is HTTP.. It does absolutely no verification. I can run an HTTP server on port 60437 if I want.. There is nothing magic about port numbers. So... The Dreamcast is not doing BGP or NetBus.. They just happened to choose those ports for some other purpose. Aside from it's networking support... NFL 2K Kicks ASS!!! Ready to Rumble Boxing is also great. I just can't wait for Virtua Fighter 3tb.

Port 23, open, closed...

[nickh]

I got my DC's IP address from a web site that reports your IP. Then I tried telneting to port 23. It seemed to work, because it asked for a password (no user name though). A couple of hours later, I did the same thing. Figured out my new IP, and then tried to telnet to port 23. This time though, I got nothing. I tried turning the unit off and on, and repeating the same process. Using the Web Broswer CD that came with it. Still, I coudlnt get anything from port 23. I'm not sure what this means. Maybe, I'm just missing something here, but I thought it would be something worth mentioning.

Re:Port 23, open, closed...

[nickh]

Oh yea, in case anyone is interested, I'll try to keep the DC from disconnecting for a while, so that it maintains its IP. Right now, its 209.50.100.176 - As of 2:30 am EST Best of luck to ya.

Re:Boy... they weren't helpful...

[DAVEO]

could you answer the obvious question? ;0)

Re:or put linux on it!!!

I believe the 92 and 89 run on m68k chips

Re:off topic, but something came to my attention

[DAVEO]

no,. daveo has done no such thing, just so people do not become mis-informed. the karma of daveo has reached -16 which is at the 0 level, not so bad.

Re:hack it.

[SvenH]

How about removing the GD-rom drive from Dreamcast and then connect it to PC? Has anyone examined if the GD-rom is using a standard IDE connector? I assume Sega must be using IDE or something very similar. They can reduce production costs by using standard PC components.

Has anyone tried crashing the DC?

Anyone DoS'ed this thing yet? daft_punk

Beowoulf Cluster

Imagne a beowulf cluster of all of the Dreamcasts Out there

Re:Convergence

Look at what happened with Playstation's mod chip; if there aren't external ports, people will make them. If there's not a way of doing something, someone will end up finding a clever way around it, thus benefitting everyone. I have no doubt that some industrious person out there will risk the life of their Dreamcast by opening one up and seeing if there's a good way to "harness that power" that you speak of. It's just a matter of time.

nickd@ticalc.org

Yes, that's what I said :)

[Ian+Schmidt]

Not only did I have it loaded, it was showing this very /. article on my TV when I ran the portscan.

Again, no ports were open and the Dreamcast only responded to pings. I suspect the original guy accidentally hit an NT box or something :)

That's exactly what I was thinking.

Also, I've noticed that nmap gets confused by nat'ted hosts. I tried portscanning my computer and it couldn't detect the OS.

Re:That's exactly what I was thinking.

[mindstrm]

'confused' by NAT'd hosts? No kidding...
If something is hiding behind address translation.. you *cant* scan it...

I think I can smell...

[ainsoph]

A great idea: A dreamcast linux port!

Every platform! Whats next?

then, a Beowulf Cluster!!!!!

[delmoi]

what would slashdot be without this post?

Actualy, I belive that work was done to get NetBSD to run on the thing, so you may not need to port linux.

I don't know how usefull the system is for *general purpose* computing (IE they spent all there money on sweet graphics chips). With built in networking it might be posible to build a beowulf cluster, but I don't know how easy it would be to get a program to run on dreamcast (Sega may have 'locked it down' to prevent game piracy, and unlicensd games)
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:then, a Beowulf Cluster!!!!!

[redhog]

...but that makes it an ideal X-terminal!

Re:A backdoor for Sega?

[noosphere]

if I understand correctly, not just for Sega perse, but for anyone writing the GDROM that goes into the Sega, since the internet connection software is part of the GDROM.

Anybody remember back to the days of prodigy when people were finding all sorts of personal information in their cache files that had nothing to do with Prodigy?

Now if they used it to gather information on playing habits to make a database and use some Baysian logic to make AI smarter it might be worth it!

'Net connections aren't neccessary

Yeah, but there's nothing forcing you to connect this puppy to the internet. (I don't have a PPP account anywhere, so I can't even try it.) The games (right now) work fine without the net.

Re:Everyone has missed the big question

[Mandrias]

Maybe he didn't have a game ;)

Re:AOL on Dreamcast

[Uart]

AOL 4.0 and up can also dial PPP connections. (Top secret beta-tester info. but i never liked them anyway...) My sister forces us to keep our account.

my, quite the hypocrate, eh?

[delmoi]

It's kind of silly to call someone else an anoying idiot, when you infact, are one.
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

What is the telnet banner?

[mattc]

What exact words come up when you telnet to the machine? We can determine if you are just hitting a router or proxy server or something of that sort by the telnet banner. If it says "User Access Verification" followed by "Password:" it is probably a cisco router (for example). Or if it says Linux or FreeBSD or something.. you get the idea. If it says Sega login: then things will be very interesting :-)

NetBus

[mplex]

Of course it's a redirect, why would netbus be open. Think about it, it's obvious what's going on.

DCC into DC-IRC client through port 113 ?

[Money__]

Well...if the Dreamcast unit has an IRC client - is it capable of recieving DCC file transfers?

Re:DCC into DC-IRC client through port 113 ?

[hellish]

what exactly would you dcc to someone on a dreamcast?

Re:DCC into DC-IRC client through port 113 ?

[Money__]

I realise that there isn't any storage on a DC, but I'm curious if the DC-IRC client suports it.

dreamcast and open ports

I believe that poster near the bottom is
correct, the open ports are dependent
on what CD you are running. When I dialed
up on my dreamcast (using the supplied
browser disc) and nmapped it, I found
NO open ports at all ( I did not use the irc
client, just the web browser) nmap says:

Remote OS guesses: Cyclades PathRouter V 1.2.4, Cyclades PathRAS Remote Access S
erver v1.1.8, Cyclades PathRAS V 1.1.7
OS Fingerprint:
T5(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
T6(Resp=Y%DF=N%W=0%ACK=S%Flags=R%Ops=)
T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
PU(Resp=N)

mailed it off to fyodor maybe he will include
it.

Re:"Filtered" in nmap

re:port 80 Its not blocked, forced through their proxy rather..

MUDs on DC?

Way ahead of myself here, but wouldn't that be the coolest misuse of technology?

daft_punk

Re:Port 80 redirects

[blue]

I'm sure it's just filtering (notice nmap reports "filtered") HTTP requests so that users can't run http daemons, and 12345/12346 to block NetBus crackers from getting in. I doubt it's proxying/monitoring. Entirely the ISPs fault.

Re:can a DC-IRC client DCC ?

[Money__]

An earier post to this topic mentioned that this his DC was using Port 113 for IRC . . regardless of what port is being used . . my question still remaines... can a DC-IRC client DCC

VA Research

[blue]

Good point. I remember seeing in my logs a VA Research host (kernel.varesearch.com, I think) that was surveying my kernel. Well, at least I hope that's what they were doing. Has anyone else noticed this?

Re:How about trying a sniffer next..

[ryanr]

It's pretty inconvienient to sniff an analog modem connection directly.

Here's how you might go about it:

Never used Dreamcast myself, but I presume you can program in a phone number that it dials to get ot the net?

If for some reason you can't pick an arbitrary number, take it to work and make friends with your PBX admin. They can get it to drop on a particular extension no matter what number it dials.

Have your own PPP server answer the call. If it's a *nix machine, you can probably sniff the PPP interface directly.

If you can't sniff the PPP, or your PPP server is a Windows box or some such, just pull it off the Ethernet after it's routed.

Re:Mindspring = Scientologists

[expunged]

As far as I remember, that was Earthlink, not Netcom.

Search through deja.com or some (anti) scientology websites and it should show the "truth". I'm 99% positive it was Earthlink.

I know I'm off topic... just correcting :o)

-nicole

Sega Hides true host

[rbouwens]

In case anyone didn't already notice, when using IRC the host of the clients are listed always as NS-XXXXX.real.host.net aka mine was... NS-27268.dialup.anchorage.greatland.net I recently quit working at that ISP so I no longer have access to the portmaster. I just emailed a friend there to get the real IP address.

Re:Sega Hides true host

[mindstrm]

Okay. My bad.
I arrogantly thought it connected to EFNET or other popular IRC servers.

Re:Sega Hides true host

[mindstrm]

Umm....
this is a reverse DNS issue, not a Sega issue.
The ISP would have NS-XXXXXXXX set as the name for the particular IP you are using.

This is not 'hiding' the 'real' hostname... for all intents and purposes, as far as DNS is concerned.. this *IS* the hostname.

Re:Sega Hides true host

[rbouwens]

Nope. Its a java IRC client thing. Every user logged in to IRC through there Dreamcast has their hostname changed.If anyone wants to try to get into a Dreamcast, email me at rbouwens@nospamgreatland.net and for a limited time I will give you the IP address of one live on the net.

Re:Sega Hides true host

worldnet(?) or worldcom irc chats do that too.

Re:Sega Hides true host

[TeddyR]

If the IRC server is run by sega, it is very simple to have the IP address masked (only for clients that connect to that server). I remember seeing an "anonymizer" type patch for an IRC server which gave the options to do just that... either have the form of
"UNIQUEID.anon.ircnetwork.com" or
"UNIQUEID.realnetworkname.com" where the hostname (first item till the first dot) was replaced by a uniqueid/sessionid... The IRC Ops can see the real information, and the log does contain the mapping info...

so to repeat... if they connect to a fixed irc server, then it is trivial to make the server hide the hostname info, or even "totally fake it"....


https://www.mav.net/teddyr/syousif/

UCITA conspiracy theory! :-)

[weave]

I know, I know, the remote telnet allows Sega, under the UCITA, to be able to telnet into your machine whenever it's on the net and disable it!

Just think, run a copied game -- zap your dreamcast.

Mod your Dreamcast? First time you hook it to the net, your firmware gets erased.

Try and port Linux to it (a non-licensed product), the Charo in your VMU pops to life and kills your penguin!

:-)

Re:clueless jerkey

[yomahz]

Catching on?? I thought he was loosing him even more.. Since when is giving out DNS illegal (someone better inform internic)??? Not like it matters, that wasn't even what he was asking.
--

A mind is a terrible thing to taste.

Re:"Filtered" in nmap

[blue]

My best guess would be that the ISP doesn't want users to run web servers (bandwidth?).

Re:More Information Please! (Is this a Hoax?)

There is no trojan in the Dreamcast (or if there is, you cant tell from that nmap scan). That netbus port that nmap reported just means that port is being filtered by the ISP. If I portscan my gateway from my local lan I get:

Port State Protocol Service
23 open tcp telnet
80 open tcp http
2064 open tcp distrib-netassholes

but if I scan it from the anywhere else on the internet I get:
23 open tcp telnet
80 open tcp http
139 filtered tcp netbios-ssn
2064 open tcp distrib-netassholes
12345 filtered tcp NetBus

The ports that nmap reports as 'filtered' are just that - filtered (by ISP routers) before they get to their destination and are reported as such.
No more Microsoft backdoor conspiracy theories here I'm afraid (at least not for today)..

NET Yaroze, PSX development

[delmoi]

Sony sold a system called the Yaroze, that was supposed to be used to hack the playstation with a PC and GCC, but the licencing requirements were rediculis (you couldn't sell your game yourself, sony had first dibs on marketing, also the system was missing some of the advanced modeling libs)

I don't know if you can use a Stock CE dev kit for the dreamcast however, Sega may have put some locks in the DC to stop unauthorized games from being sold
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:NET Yaroze, PSX development

Sega has/had an amateur programming system in Japan and it would be a pretty cool use of WinCE if they did something similar for Dreamcast. What could really be interesting is that VB 7 will direct hooks to the DirectX API set and will be able to output binaries to WinCE. This is about as easy as it could get for absolute beginners. Kick in the ZIP drive Sega has announced and you have an easy way of doing largish projects, as opposed to the RAM limit on the PSX Net Yaroze system. (Many of the best games from that have appeared on Sony's Playstation Underground CD Magazine. Takes me back to the Atari APX contest.) Using the ZIP would also get around the GD-ROM copy protect issue. This may not be satisfying to many here but it would a great way to encourage beginners without asking for a large investment. How many of us got started on a 6502 system, learning techniques from BASIC game listings in magazines? Anybody else here remember the agony of typing in the hex listing of Fill 'Er Up in Analog?

"Hack" www.dreamcast.com

[Mad77]

Some areas in www.dreamcast.com are accessible
only trough a Dreamcast.
I think they check "User-Agent" browser's header.
Once you know it, you can browse these areas
from a PC (ok, a really stupid idea, but... ;)
Can anyone try to connect a dreamcast's browser
with a machine running 'nc -l -p 80'?

Oh my!

[Markonen]

What are the crackers going to do? Steal your high scores?

Re:or put linux on it!!!

[PurpleBob]

That reminded me - I see that someone's come out with a C compiler for the TI-89, called TI-GCC... And the TI-89 has enough archive memory to hold a Linux kernel. So how long do you think it'll be before someone ports Linux to the TI-89?

That'd make my calculator so much cooler. The 89 is already closer to a computer than a calculator, so it's too bad it's got such a clunky OS.
--

Re:hack it.

That doesn't make any sense. The "ROM" is the a GD-ROM, something propietary that is smaller than a DVD but bigger than a CD. The internet connection software is not built into the machine, but into the game disc. You'd have to get a disk drive that could read the GD-ROM and dump it.

Re:or put linux on it!!!

[Linux_n_JesusRule]

Both the 89 and 92/92+ are running 10 mhz m68000 chips, just like the old Macs but 2 mhz faster. The latest ROM gives the 89 just over 600k mem total I believe. I could see Linux on it pretty easy, and since there's already a mk68k Linux port I bet it wouldn't take much at all to adapt to the screen and mem type.

Filtered ports

Has anyone noticed that 3 ports (80, 12345, 12346) are filtered? My, oh, my are there a lot of silly replies here.

Bah

Anyone serious about connectivity already has a router setup. I want ETHERNET.

that posting was bogus.

i just wrote a quick cgi script on my linux box to print out the ip address of the client visiting it. I then went to the cgi script on the dreamcast, and telneted into it. didn't work. i don't have nmap installed, so I'm not going to telnet random ports, but i can tell you that i couldn't get anything out of port 23 and 80. And the cgi script worked right- the client address was different than my linux box's and was on the subnet my isp uses- so it seems to be pretty valid. gr, i hate bogus posts, especially when it gets all the slashdot readers all excited like that. ah well. -ethan

Re:that posting was bogus.

[mindstrm]

Because, what appears to have happened is this:
1) Dialed into his Univeristy account with his dreamcast
2) Use the Dreamcast web browser to go to a web page with a CGI that tells you your IP
3) Took the reported IP and ran nmap on it.


Insert: step 2.5, Univeristy network transparently proxies web traffic, therefore the IP reported is that of the proxy server, not the Dreamcast.

Not hard.

Re:that posting was bogus.

[DAVEO]

hmm well that would not account for telnet, since it was not filtered, how is that?

and would it be possible for one on a cd-rw to create a program for the bsd api that basically turns it into a full-fledged pc, or at least run a specially-writen telnet server or open ports? if this were possible, it would still be worth its money in hacking value.

AOL at work?

[delmoi]

get another job... man... :)
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:AOL at work?

[Kenshin]

It was at the request of the client that we test the website under AOL. They pay the bucks, we don't question it. (Sorry, got offtopic, won't do it again... for a while)

Jacob Rens
Daily Videogame News and Info: http://www.the-nextlevel.com

Possible answer for question #3

[tragedy]

One reason I can think of that Sega might want a back door into someone's dreamcast is so that they can run diagnostics offsite. It might save money in the long run if problems with the machine can be diagnosed by the tech support operative while you're on the phone (provided that you have a second phone line just for your Dreamcast), in some cases that would otherwise require that the machine be shipped in for repair. Possibly, the support person could update the machine's firmware remotely.
That's about all I can think of. As for why they use Telnet instead of some proprietary protocol... who knows.

Ahh haa

I have to admit, that sounds like the most plausible explanation I"ve read here. He should have specifed if it just said username: or something funny like AIX Version 4 (C) Copyrights by IBM and by others 1982, 1996. login: Wouldn't that be funny. And if AIX is not popular for ISPs, don't jump all over me. I'm just using an example and don't care.

What Kind of crackhead............

who would do try this on there game box and why? the effects of sniffing glue are great underrated.

Re:What Kind of crackhead............

[Tyrell+Hawthorne]

Ya know, if you've spent so much money on such a powerful piece of equipment you might just want to know a little about it...

dissconnecting

[delmoi]

uh, the last time I checked you didn't need to have access to a machine in order to disconnect it from somthing...
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:�ISP?

The default ISP to register with is the AT&T Worldnet service - you don't have to use them specifically though, you can use any ISP that allows CHAP authentication, POP3/SMTP mail servers and dynamic IP's.
AOL probably won't work, but why would you want to anyway :)
The DC comes with it's own browser (Planet Browser or something like that), and this browser sucks! Honest to god, IE3 is better than this one. It's still in developement though and they are talking about adding more features like Java support.

Beowulf Cluster

Maybe this is a way for Sega to make a big group and as each Dreamcast connects to the Internet, it let's Sega HQ know of it's IP, it downloads RC5 blocks on a Sega-made RC5 client for the Dreamcast and starts cracking it. I wouldn't mind having millions of 200 MHz proprietary CPU's cranking out RC5 blocks for myself.

help! my dc just got 0wned

someone netbussed my dreamcast and now sonic is giving me the finger! :(

Re:Scan != crack

[QuantumG]

Bah.. if you leave your car doors or your windows open in my neighbourhood I'm gunna come knock on your door and tell you how lax your security is. The security of your box/house affects my security.

Re:using the dreamcast as a pc/hacking toy

[Money__]

has anyone been able to verify that the dreamcast does accept telnets, during any specific game, web browser, or otherwise? Can't be done!

how complicated would it be to write simple programs for the dreamcast? could this be done in c or c++ for a win ce or *bsd api? Can't be done!

if one were to write a program for the dreamcast, could it be put on any normal cd-rw and used immediately, or would any special modifications be needed. The disk is propitary so,.....wait for it . . . . . . . . . Can't be done! It turns out that the original poster did a wonderfull deep scan of a router. I think your odds of hacking said router would be more interesting/fun.

or put linux on it!!!

[MarNuke]

that would be cool as hell use it as some X11 web brower type deal

Re:or put linux on it!!!

[DAVEO]

what could the http port be open for? maybe on the release date (when is that?) daveo could get one, and become the first to write a web server for a video game system. wow, the possibilities surely are endless! if they do use disks drives, would there be a way to hook one up to a pre-existing computer, examine the data, and find the user names and pw? it *is* windows, so the .pwd file could be easily replaced if this goes by the concept of 9x. no /etc/passwd

Re:or put linux on it!!!

[Microlith]

after posting in comp.os.linux.m68k i was told that the 68k that the 89/92 use did not have an FPU or MMU, AND that the memory available was below the requirement of linux? Anyone wish to clarify/append info?

Re:or put linux on it!!!

[Phroggy]

I was thinking about the possibilities with my TI-82. I made a two-player Chess game (you can't play against the calculator, sorry) and a working version of Cannons and Castles (http://www.bigfoot.com/~phroggy/cannons/). And Hangman. I tried to make a multiplayer Tic-Tac-Toe game, but wasn't able to get the networking worknig right. However, I was rather discouraged by the fact that the TI-82 doesn't support string variables. Hangman without strings was an interesting trick, let me tell you. Oh yeah, and I got it to display a scanned photo of my face on the screen. :-)

Re:or put linux on it!!!

[vectro]

Actually, if I read that correctly, the http port was filtered, not open. In this case, all it means is that the portscan packets for the http port were left unanswered. They could have been filtered by the dreamcast itself, or by some router along the way.

Many ISPs deny access to ports like http to discourage dialup users from running services.

Re:or put linux on it!!!

[linuxonceleron]

You don't need linux to cheat on a test, The calc itself with a few programs could do it.

Re:or put linux on it!!!

[Jedi]

the SAT!!! math is simple as hell and you cant even have a calc on you desk while you do the verbal besides... in the time you take to get things from your linux calc you could do more

Re:or put linux on it!!!

[linuxonceleron]

Linux m68k only runs on the 68020 and above(not many 020 machines can though), it cant run on the 68000 for the reasons you stated, hmmm wonder if you could emulate a mac plus on it :)

Re:or put linux on it!!!

[pen]

I wonder if we could put together into a Beowulf cluster...

---

Re:or put linux on it!!!

[PurpleBob]

The TI-89 is actually powered by a Motorola.
--

Re:or put linux on it!!!

[m3000]

Speaking of pictures, my friend actually found some porno program on his calculator. It should a naked women bent over, but it was realy hard to make it out clearly. He brought it to school and showed all of us, and the ones that had a TI-83 he gave it to.

Re:or put linux on it!!!

There are commonly avialable .bmp viewers for TI calculators. He probably just downloaded some porn pictures he downloaded from the web and was showing htem off, I know I have done it...

Re:or put linux on it!!!

[linuxonceleron]

My friend wants to run a web server off his ti-83+ calculator. I guess he'd have to write tcp/ip for it using slip over the graph link :)

Re:or put linux on it!!!

And one of my friends has begun development for a webbrowser for TI-89. Much easier, since it's a much better calculator, more flexible.

Re:Convergence

[ncc74656]

They have succeded in that, but their machine is completly useless as an Internet Browser (mail, web, other). This is because of the resolution on a TV it's way to low.

TV resolution is fairly low, but it's not completely useless for web browsing...look at all the WebTV boxen out there. :-) On a more serious note, I have a K6-200 here with a Velocity 128 that I use primarily as a DVD/CD/MP3 player (parked under the TV just like a VCR). I've also fired up Internet Explorer on it, just to see what it looked like. With the display set to 640x480 and large characters, it's usable on most reasonably well-designed sites. On sites that were designed with more screen area in mind, it doesn't work so well. (People who hack their own HTML with vi/emacs/Notepad/[insert the text editor of your choice here] are more likely to generate pages of the former type. People who think FrontPage is the end-all-be-all of webpage editors are more likely to generate pages of the latter type.)

In addition to the design of the site you're viewing, the quality of your video card's TV-out signal has a lot to do with whether you'll get usable results. If your card has some kind of flicker-reduction capability (the Velocity 128 does), you should get a reasonably solid picture. If your card doesn't, the interlace will drive you batty. (I turned off the flicker reduction once to see what it was like...not recommended.)

Re:NetBSD

FreeBSD/Sparc ? Where ? I think that NetBSD port-sparc support Sparc systems.

hm

try some exploits or ping flood it

Re:hm

[Foogle]

Isn't ping flood a DOS attack? What would the point of that be - unless you just wanted to crash your Dreamcast. This is pretty weird, if you ask me - I'd hate to think that Sega had less-than-honorable intentions with this one... Although I can't imagine what those might be, if any. Maybe it's for the NSA :)

Re:hm

[Mawbid]

Nah, it's for the Marine Corps. They wanna pick out the kids who have been desensitised the most from exposure to violent games and are known to have great reflexes. The kids who aim for the head, shoot once, and move right along to the next one. No point in wasting their valuable talents on their classmates. They're needed in the Corps!

I thought this would make a good joke but then I realised it wasn't the least bit funny.
--

Insightful??

DHCP is a protocol used on ethernet LANs to do dynamic host configuration. ISPs use "dynamic IP" setups where RADIUS or TACACS spits out a random unused IP from a network for the user to use. DHCP is NOT used in dialup connections.

Re:Insightful??

Yer.. the post probably was "insightful".. in that it incited people with a clue to post something that was "informative". please.

Re:Convergence

[RomulusNR]

Many of us [hear] complaints that computers are too hard to use - there's no simple way to operate a computer like a television (push a button, and you're there). (We all know we hate these comments, but almost have to admit it.)

Of course not. The only thing you can do with a TV is watch it. Computers are far more useful. The fact that the average shmoe doesn't appreciate how useful is computer can be is a different matter.

The good thing about Dreamcast is that any John Q. Gamer (even their parents) can use this thing - they don't have to be computer literate!

If people want a simple entertainment device, they should get a TV. They might even do well to support the onset of digital / interactive TV. These people obviously have no desire for a useful machine like a computer, or an expensive and slow replacement for a telephone like a WebTV.

Question: Was Dreamcast built to be a game machine, or a hacker toy?

Romulus

modem and wince

[savvy]

The Dreamcast comes with a 56k modem for internet game play and web browsing and the like (it actually includes an irc chat client which I thought was awesome).

The OS issue is not as clear cut. The dreamcast supports two OS's, and games are allowed to pick and choose which one they want to run on top of. A heavily modified version of WinCE is one choice, which should allow for easy ports of PC games (or rather, would make for easy ports to Win32 from the Dreamcast I would be willing to bet). The other choice is Sega's own proprietry OS, that is rumored to be based on the Saturn's OS. It would be interesting to know if the person who did this TCP/IP scan was running the web browser CD when he did this, or one of the games that supports internet play, such as Sonic Adventure.

Re:modem and wince

[cananian]

Yeah, it seems clear that TCP/IP support is part
of the OS (two choices) and probably which ports
are open is strictly a function of software; ie which CD is in the drive on power-up.

Calling sega to get the password will probably do no good -- you should call the manufacturer of the
game CD that you had in the drive.

Re:modem and wince

[Foogle]

Are we sure that's the case? That these ports were opened by the software or the embedded system in the Dreamcast. I wonder if there's a way to find out. That would make a lot more sense (although I can't imagine why a *game* would need telnet).

Correction

[rbouwens]

Not a java IRC thing. Its a Sega IRC server thing. They protect the hosts of ALL users logged in.

Policy based routing

Routers, or at least decent Cisco routers, can very easily redirect ports to another machine. I could for instance, redirect all incoming requests to port 23 on an interface to another machine.. say my firewall, where you would then authenticate and telnet on from that host into the internal network.

Re:A new name, a new light?

USR trademarked WinModem if i'm not mistaken, so other manufacturers would kind of _have_ to call their modems something else...

lewp

it doesn't have to be a telnet client

telnet to port 80 of slashdot.org.

Why would you use telnet to browse the web? how silly! Telnet offers no advantage over a web browser!

Telnet just opens up a socket to a port on a remote machine. You don't have to use telnet, and you sure as hell don't have to use telnetd.

Information about nmap

[Inoshiro]

"Did anyone try to access the web server and see what was open (if not exactly what happened)? "
Netcat+telnet experiments would be nice.

"What about the two "NetBus" ports? Is there a version of NetBus for WinCE (or whatever Dreamcast runs) that I don't know about?"

No, when Nmap says it's filtered, it means it's a connection denied thing (ie: no open port). 100061 on Win32 ;-)

I'm wondering WTH is on port 179, and why there's a Netbios/WINS server port open on the damned thing.

ethernet connection

[mastagee]

does anyone know if sega plans to implement an ethernet card in dreamcast?

I know it would be initially not practical for the common user, but with more and more cable providers and isps offering high speed access, it would be a good idea in the near future.

Re:ethernet connection

[m3000]

It's been rumored, but I'm not sure if one has been officially announced. I for one would love it so I wouldn't have to get a phone ISP again for the DC.

Re:ethernet connection

I have my home network masqueraded over modem. It would be alot more advantageous to get an ethernet adapter than disconnect my network from the internet so I can play the Dreamcast. Also, can you play multiplayer games on it and like you can talk to some guy, setup a special game within the software, then the dreamcast maps a controller port over the internet to the other guy or whatever. Cause I think that to play Soul Calibur over the internet would be the best, I'd battle other people. Also, you can setup the team battle but have people around the country playing on teams, that would rock.

Re:ethernet connection

[Falrick]

I don't know about an ethernet card, but I read a quick little blurb in an "unofficial" sega dreamcast magazine stating that Sega plans to be releasing ISDN and ADSL modems for the DreamCast sometime in the future.

Re:ethernet connection

[EEEthan]

OOh...hook into the campus network and be a Dreamcast lpb. I sure hope they do that...I mean, I can't compete without a huge ping advantage, and the hottest hardware around.

Re:ethernet connection

[MonkeyBoy]

Manual? Pah! My Courier has almost all the useful AT commands silkscreened on the bottom.

When you make the modem larger than an external hard drive there's plenty of space for text. ;)

Re:ethernet connection

[Erik+Hollensbe]

ATX1
'nuff said (ahh... the days of doom & 2 modems in 1 room....)

It kind of disturbs me that so many people in here know so many languages, yet never spent 10 minutes reading their modem manual to figure this out.

Actually, all ATX1 does is disable the "NO DIALTONE" message, which most modem clients use to detect whether there is one or not. Technically, as long as the modem itself gets a handshake, it doesn't give a flying shit.

so, on the client...

ATX1(CR)
ATD(CR)

server...
ATX1(CR)
ATA(CR)

you *MUST* initiate the client first. Never gotten it to work the other way around.

blammo. you hear blackboard-scratching noises.. wait for "CONNECT" and you're ready to go :).

Although, don't waste your time with PPP if you can do SLIP over that kind of a connection... No sense in having to bother with all the bullshit involved in a PPP server.

-Erik-

Re:ethernet connection

[MindStalker]

ATX1 duh we know that. We're talking about the dreamcast though, how do you even go about sending AT commands to it in the first place, noone yet knows (outside of Sega of course). And for some reason I doupt Sega has SLIP installed.

Re:ethernet connection

[MindStalker]

Been way to long sense I've seen it done, but I believe you can simply hook up your dreamcast to your computers modem, dial out on the dreamcast and send an ATA to the modem on the computer. Then just run a ppp server. ok accually its not that simple as you have to force the dreamcast to ignore the fact there is no dialtone.. but if you can pull that off.

Re:ethernet connection

[TeddyR]

Dont know if they are or not.... But it would be a VERY cool move if they did.. think of it...

1-Dorm rooms with Ethernet
There are many of those cropping up every day

2-Cable modems (ethernet interface)
It would be worth it to pay the extra $5 to get a second ip for a dream cast since I already have a cable modem

3-ADSL modems (ethernet interface)
This would probably be a better bet than an integrated ADSL modem..

4-Home network
friends brings their dreamcasts to play multiplayer in a home lan.

5-LAN parties
If there is a Quake2 for the dreamcast, i have a feeling that it will quickly become the lan party tool of choice for many

an ethernet port opens up MANY more multiplayer possibilities... thus more sales... (of hardware and software).. [the question becomes; can the IP address be configured manually, or does it have to use DHCP; or will it use that autonegotiation stuff in 98 and macos; falling back to dhcp]



https://www.mav.net/teddyr/syousif/

Re:ethernet connection

[Rhys+Dyfrgi]

It should be simple to, in either software or hardware, setup a device that will play the dialtone until it receives input (the phone # the DC is dialing), then run a PPP server over that link. Software would probably be really easy, if someone has written a decent interpreted language for controlling modems. Otherwise it'd probably be easier to implement in hardware, and still really simple. All it has to do is play a tone and wait for input, then wait a few seconds before connecting the two sides (computer and DC). Sure, it's a hack, but it'd work.
---

Re:ethernet connection

The modem, even though it looks like it's part of the console corner, is actually detachable, and I've heard that they're working on an ethernet card accessory to replace the modem module. I think the port is the same one they're going to attach the zip drive to.

Re:ethernet connection

[kriston]

The web browser disc supports "blind dialing" which waits 2 seconds and dials whether there is a dial tone or not. You could get away with that and another modem waiting on an ATA. I suspect any internet game would allow you to do blind dialing if the web browser disc does.

Kris

Kriston J. Rehberg
http://kriston.net/

Re:ethernet connection

[IntlHarvester]

Forget other countries -- How about Pacific Bell voicemail in San Francisco, CA. The message-waiting sound screws up the DT enough that my USR modem won't pick it up.

But that's OK - I always long for another chance to crack open the AT command manual.

Re:A new name, a new light?

ermmm... 3com

prort 80

[delmoi]

You don't use port 80 to surf the web, outgoing connections use a random port for connecting, if it was, you couldn't surf the web and serve pages at the same time.

Also you don't need to have a outgoing port listening for connections...
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:Any chance for an RC5 client?

[jcrosby]

That would be a great way to crack the username and password. Hook one up to a network and start giving out distributed clients. After we cracked it, we could see if all of them matched.

I think this proves I don't have a life :)

"One World, One Web, One Program" - Microsoft Promotional Ad

Ummm, no....I don't think so.

I work tech support at MindSpring and I can assure you that there are not a large number of Scientologists here. I'm a fairly strong Christian myself, but most people here are not religious at all if anything. MindSpring has never done anything particularly against or for the Scientologists and have never had any unfounded allegations of child molestation against anyone. And there are no scientologist in the top officials as far as I know. Earthlink is the one with a lot of Scientologists, or so I'm told. Like the last "Anonymous Coward" said, do your own research.

Port80 open for surfing?

[LousyGeek]

If there isn't a web server inside, which would be tough, maybe this port is open for surfing, something similar to WebTV?

Re:Port80 open for surfing?

[vectro]

Well, actually if port 80 were open it would be only useful in accepting connections. Outgoing connections work differently.

But it's irrelevant anyway, as port 80 is not really open. Read my comment above.

Re:AOL on Dreamcast

[pen]

Actually, I was talking about being able to connect to AOL through TCP/IP (i.e. dial up to a real ISP and then connect to AOL through it)

---

PSX 2 and linux, telneting

[toonse]

Well now that I have a NGPS (PSX2) dev box, I've been contemplating trying to compile up a linux kernel for it :D Wouldn't be much use without a keyboard and stuff but it would be interesting just for the sake of cool-ness.

Motivation and Brute Force

[quux26]

Geez.. I might get one of these things just to have it on the network. Wonder if you could burn something and use it as a server. Heh.

Anyone tought about bruting the telnet session? After all, no admins to monitor the attempts, right?

quux26 --> Lazlo

good for dorms,

[delmoi]

In my dorm room I've got two RJ-45 jacks, one for phone, and one for ethernet... a regular modem wouldn't do me much good...
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:Any chance for an RC5 client?

[NotQuiteSonic]

I know my parents don't like computers being left on... imagine billy saying "but ma, I can't turn it off I'm helping crack RC-5"

Re:Stop lying

[rread]

If that is true, then why doesn't somebody put Linux (or something) on a game disk?

A suggestion

[MbM]

Put a modem into your computer and dial from your dreamcast directly into you machine. I suspect what nmap picked up was a filtered port (as someone hinted to earlier) many isp's do this in an effort to stop users from hosting websites and wasting bandwidth. If indeed there is a telnet port open you can run a standard dictionary crack on it but that raises a few interesting questions:

What would you see once you logged in? if i remeber correctly these machines are based on winCE chips.

What prevents you from getting into any other dreamcast machine on the web? They aren't likely to have set the passwords different on each one.
- MbM

Why would there be a telnet port?

[emufreak]

Why would there be a telnet port open if:

a. You can't telnet into your DC.
b. You can't telnet out from your DC.

It doesn't make sense.


*-emufreak-*
www.kontek.net/pp

�AOL?

[delmoi]

not PPP, they use a propritary link protocol
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Just wait...

[Beguile]

The real test will be when SEGA releases the 10/100 card for the dreamcast and we can simply test this on a LAN. That way there would be no ISP routing or monitoring going. According to everything I've read so far the 10/100 NIC should be released within the next 6 months (as long as it's in time for Quake 3 Arena). At least then we can get a definite answer to the whole telnet idea. It should be interesting if nothing else.

-Beguile

Re:web on tv

I have to completely agree. I have all of the "normal" computer stuff ( adsl, a couple of workstations, a nt machine) but I was playing with my brothers webtv, although it was slow( modem) I would pay the money neccesary to have a ethernet based internet browser on my tv.

Re:Knock people off the game service??? i dont thi

[mastagee]

ok obviously if sega runs all the game services this will serve no purpose, but how about if games allow you to start your own servers independant of segas services in the future.

now i dont see why they would need it, but why the hell did id software need a backdoor in quake 2?

Re:Need GD-ROM specifications please!

The GD-ROM has a 30-odd megabyte normal CD-ROM format partition that contains, among other things, an audio warning to the effect that this is a game, not an audio CD. Could this be what you are seeing in your normal CD-ROM drive?

Re:using the dreamcast as a pc/hacking toy

[Graymalkin]

You could write dreamcast programs as easily as writing a Win CE program, the problem comes when it's time to compile.

Re:hack it.

Accually, that's not quite true. If you've ever installed a playstation mod chip, you'd see that the only thing on the CD-ROM reader was the lens asembly and the motor asembily. The interface for the GD-ROM reader/lens assembly is accually in the PowerVR2 chip. Must have been another selling point from VideoLogic to pull the carpet out from under 3Dfx ;) Anyway, I'm making an educated guess that it's just a simple lens/motor attached to the DC's mainboard. (educated meaning I traced the traces on the motherboard to the PVR2 chip) Kamilion

ISPs are offered money for tracking information.

You better believe it; the main purpose is the tracking information, NOT improving download speeds (heck, the increased latency actually DEGRADES the perceived performance). I work at an ISP, and an offer to do this to our users has recently been proposed. Evil. Resist.

Re: SAT calculators

[colmore]

they don't let you use calculators when you're taking a verbal part.

And the math is all basic geometry or simpler, so if you've got the brains to be putting stuff on your calculator, you can memorize the pythagorean theorum.

now the GRE's...

Dial up server

Why not put up a dial up server, then you could set your own IP and have the Dreamcast connect to that. You would get direct replies with the port scanner after determining the IP address all the packets were coming from. Then telnet in or do whatever you want.

Re:Dial up server

[QuantumG]

werd man.. screw going through an ISP.. put the damn dreamcast on your LAN.

Re:Need GD-ROM specifications please!

[Graymalkin]

They use a higher density structure than CDs. You can probably think of it as a Mode 3 CD-ROM. Whereas Mode 1 is 650 megabytes and Mode 2 is 740 megabytes. On a normal CD the pits near the center of the disk are much closer together than the ones on the outer layer. Why is this so? Because the first CD-ROMs were single speed, the servo that spun the disc couldnt go from 4x to 6x which means the farther out on the disc you go the slower you have to spin it in order to be able to read the data. So they made the outer layers less dense so they would only need a single speed motor, this kept the price relatively low. Newer CD-ROMs have multi speed motors that can slow down on the outside and speed up on the inside, this is allows them to read Mode 2 CDs, which have a little higher density than Mode 1 CDs. Sega's GD-ROM packs the outside of the disc as densly as the inside of the disc and has a very good variable speed motor. This is what enables a regular CD-ROM to read the first track of a GD.

Re:hack it.

How about dumping the gd-rom thru this port?

Ask a stupid question...

[D.+Mann]

I wonder if he tried an anonymous login, or standard root/root & other default passwords.

Since we already know the Dreamcast can run FreeBSD, it would be interesting to have a Linux port.

Re:Ask a stupid question...

[skullY]

Since we already know the Dreamcast can run FreeBSD, it would be interesting to have a Linux
port.

And of course, with the running Linux comment, comes the obligitory "What about a beowolf cluster of Dreamcasts" post.

(You knew someone was going to do it)

Re:using the dreamcast as a pc/hacking toy

[DAVEO]

what is the compile problem? also, some people say that the dreamcasts read cds, so can they also read programs off cds? oh yes, one last question, can they be somehow hooked up via ethernet cards? sega's site says it has only an internal modem.

I work at Sega Tech Support.

I have no idea what the name and pass is for the machines. We have never even heard about this...

Re:Wow! Dreamcast as an affordable router!

Hmm has anyone thought that maybe port 80 is a web proxy? just an idea..... I mean if you found routing software on it? who knows -Goober

Re:Whoa(wince)

[captredballs]

Where do you get this version of twitch, I mean winCE? Could an average joe compiler something for? Does anybody know what this would entail? It would make a nice little generic network device: cheap, easily configured with the change of a cd...

Re:Stop lying

[m3000]

OpenBSD has already been ported, maybe Linux isn't too far behind...

Re:modem

Pretty par for the course in console design. In a similar bit of efficiency the silicon on the PSX2 that includes the previous generation Playstation circuitry for backward compatibility is also the I/O processor supplying the USB, 1394, PCMCIA, etc. on the new machine. If you can get ahold of the MicroDesign Resources report by Keith Diefendorff on the chipset, read it. It's amazing stuff but it also makes it clear that Sony and Toshiba may have major problem delivering on schedule.

Re:Whoa(wince)

[captredballs]

Where do you get this version of twitch, I mean winCE? Could an average joe compile something for it? Does anybody know what this would entail? It would make a nice little generic network device: cheap, easily configured with the change of a cd...

what are ye sitting there for? crack it!

get out yer cracking tools and crack that baby! try the most ovbious ones first. and i doubt sega wil just give out the login and password...

Re:IE

[golemite]

apparently to reset the Dreamcast's internal memory, hit and hold X+B on your controller with the Worldnet disc inside (while booting up) until you get to the sign up page. on gamesages they say the controller has to be on port 'B'

Re:Need GD-ROM specifications please!

The GD-Rom is a hybrid sort of storage. The first part of the disc is normal, cd-readable, data. The rest of the part of the disc is a single layer data track that is just more tightly packed than a normal cd is.

Debugging

[Sludge]

I theorise no consperacies here. Although I acknowledge that games for console systems aren't developed on the consoles, bugs may arise at a later date.

I am willing to bet that the telnet entrance gives the user read-only access to registers, and maybe even snapshots of memory. Such tools could be useful to have memory snapshots show up in a web browser on the same PC as the development going on.

Unfortunately, I haven't followed the specs of the system, but I'll assume also, that Sega may exploit open ports with later addon products.

Re:Need GD-ROM specifications please!

[Sethb]

I know this is sort of off-topic, but are the new Office & Frontpage 2000 CD's 800MB? I ask for legitimate reasons, as we just buy the licenses needed for additional copies at work, but needed more physical disks for techs to run around with installing it, and I couldn't duplicate them.

DC username:password

[earlytime]

if you're concerned about sega having a basckdoor to your dreamcast, why don't you just intercept it's internet connection and see what gets sent on port 23? You can set up a ppp server on your linux box, and then have it get to the internet through there. Just use tcpdump, and you're golden. I suspect if sega had some kind of backdoor access to it, the auth would be based on serial #.
Since they probably never expect 99.999% of dc owners to try to access their DC via telnet, but they know crackers will do scans and find em eventually, they'd want to make sure that somebody getting one username:passward pair wouldn't then have access to every dreamcast box. So when you connect to their equivalent of battle.net, you tell them your ip, and your serial # and then they use the predetermined username:pass for your box to do whatever it is they wanted to do. Not too tricky. You may even get to see the "arcane" commands they've programmed into the thing.
-earl

Re:DC username:password

[jimmypop]

Would it not be elementary once you are telnetted in to perform a ROM dump? I could think of quite a few who would be very interested in using this to write a DC emulator and save themselves alot of time. Just my 2c,

Scan != crack

[QuantumG]

pfft.. read the damn docs that come with nmap.. people scan boxes all day, every day.. it is no more an attack or "invasion of privacy" than a neighbourhood watch.

Re:Scan != crack

[substrate]

I did read the 'damn docs' that came with nmap. Just because people are doing it all day doesn't mean that it is ethical. If it were a Microsoft product that were initiating the examination all Hell would break loose here. There's a big difference between a neighbourhood watch that looks for suspicious activity (did a beat up van circle the block a half dozen times at 2 am?) and somebody looking through my windows to see what colour my bedspread is.

Unless you're invited to scan me its an invasion of my privacy. It may not be a major invasion but thats up to the targets personal tolerance.

Re:Need GD-ROM specifications please!

[kriston]

Ahh.. that's probably the best explanation of GD-ROM I could find. I always wondered why manufacturers wasted the surface area as the laser tracks outward on the disc. The trick is to use a good variable-speed motor in combination with a more sensitive pickup laser to read the dense data that is now spinning exponentially faster than it is in the center (someone correct my math here and tell me how fast it really is going).

Kris

Kriston J. Rehberg
http://kriston.net/

Re:Is Ping a problem ?

[Money__]

I mean, all I need is to be on the final lap of a net race in SegaRacingGameX when the sore loser on the other side runs over to his computer and pings my connection to death

I don't see where ping is problem. All netwroked versions of quake (at least since since quakeworld/1996) have responded to ping. Have you been ping flooded playing quake? no? I thought not. It's an very efficient way to judge network latency, and generally pretty harmless.

NetBus???

[laptop006]

Why would a CE macine ie. the dreamcast have ports open for netbus??? there are just enought mistakes to prove this is a hoax:

1. How do you install the NetBus crack onto CE, let alone NetBuster?
2. How do you port scan a machine that only has a serial port (how did you find a connector & the pinout) or a modem that only connects to the numbers in the dreamcast's database (game servers)
3. A proper port scan actually tells you the machine's IP adress, & why are you so afraid of showing your dreamcast's IP if it's only a dreamcast not your PC.

Re:NetBus???

Actually, NetBus was ported to CE a long time ago... Once that DreamCast hits TCP/IP its open season if you can get the IP, easily done by sending an email... He probably doesn't wanna post his IP because after portscanning his dreamcast he feels its unsecure....

Re:NetBus???

[laptop006]

Sounds reasnoble, i'd never trust microsoft's security in the first place! As for netbus, I only get my kicks out of crashing other 95/98/NT machines at work, just to piss people off. And as most people still don't have ethernet adapters for their Nino's (or other CE machines) i didn't know about NetBus CE.

Re:modem

Yes, I agree that it's cool. I just went to Hitachi's website and read up on the SH-4 that the Dreamcast uses. Several interesting things stuck out: 360 MIPS 1.2 GFLOPS (Not 1.4 as Sega advertises, but still very impressive) 800 MB/Sec bus, not too shabby (especially for $199) Code compatible with the SH-3 Further down we find details on processor utilization from several tasks... v.90 software modem: %15! I see that it's a good thing the PVR2 allegedly does the modem controlling. That is a tremendous number. All in all very impressive.

Re:Telnetting into a game

's how they debug windows. rterm into the com port.

Re:using the dreamcast as a pc/hacking toy

[ghazban]

You have to compile programs for a specific architecture. eg. i386, PPC, m68k. Thus, you need a compiler that compiles specifically for the dreamcast.

Re:Ports open for system info/upgrading DreamBurn

you forget the games are distributed on ROM. READ ONLY.

Re:a little info for someone with no hardware

I am posting from my Dreamcast. All you need is name/password, phone number, and dns address.

Re:modem

[mattACK]

Okay, more info. I just read through some of Hitachi's SH4 programming manual (ouch) and it says that the Dreamcast can only sustain 900 MFLOPS. Interesting. Marketing didn't mention that.

Re:Whoa(wince)

[Foogle]

Um, they've already done a basic port of BSD (Net, I think) - why spend money on WinCE when you can use BSD for free. Besides: Do you really trust WinCE?

ya know what else?

Y'know what else is funny... its running netbus... -Trashman

Nope, it's Net/OpenBSD from NetBSD/SH3 port

http://www2.kame.net/~itojun/netbsd-sh3/

More Information Please! (Is this a Hoax?)

[Cycon]

I don't personally have access to a Dreamcast of my own to experiment on, but let's have a little more information, please! A have a few questions about this article...

1) Through what means was the portscan performed? Was the modem attached to some sort of ISP or what?

2) What about the other protocols running:
23 open tcp telnet
80 filtered tcp http
113 open tcp auth
179 open tcp bgp
12345 filtered tcp NetBus
12346 filtered tcp NetBus

Did anyone try to access the web server and see what was open (if not exactly what happened)? What about the two "NetBus" ports? Is there a version of NetBus for WinCE (or whatever Dreamcast runs) that I don't know about? If people are concerned about telnet insecurities, wouldn't NetBus be a larger risk?

3) Has anyone attempted to brute-force their way through telnet, or any known exploits for the other protocols to check against a faulty implementation?

I find this information very interesting, but honestly I'm not sure whether or not I believe it without further details!

Re:More Information Please! (Is this a Hoax?)

[flamingdog]

I doubt the ports 12345 and 12346 are for netbus, I beleive nmap just throws the name of the service that NORMALLY runs on that port and puts it on the list of open ports. I mean, what kind of moron would waste their time porting netbus over to whatever OS the dreamcast runs when they could just code their own in less time...
Not to mention it would be a copyright infringment on NetBus Inc. or whatever now....Unless Sega paid to use netbus, which again, would be retarded.

---------------------------
"I'm not gonna say anything inspirational, I'm just gonna fucking swear a lot"

Re:More Information Please! (Is this a Hoax?)

[Catatonic+Dismay]

Don't jump to conclusions here. The info given by nmap as to what the ports are, are just looked up in /etc/services or something of the sort. Just because theres 'something' on port 12345 does not mean at all that there is netbus running on it. especially since that port is >1024. Also, the person checking this out failed to realize that you can telnet to any port, including 80 and check out whats on it. Telnet to each port and type things like 'help' or just jibberish to see what comes out of it. I would but I don't have a dc.

--

Re:More Information Please! (Is this a Hoax?)

One thing that confused the hell out of me when I 1st started using nmap was all the weird ports (>1024) that would appear and suddenly disappear when I portscanned my own computer. 12345 might be the start of user created connections and it might increment from there. It might be 12347 the next time it was scanned.

Re:More Information Please! (Is this a Hoax?)

From www.titan.co.nz/ferita/page77.html:

Services running on 12345 and 6 are:

12345 TCP GabanBus, NetBus, Pie Bill Gates, X-bill
12346 TCP GabanBus, NetBus, X-bill

Re:More Information Please! (Is this a Hoax?)

i've noticed that alot of ISPs filter ports 12345 and 12346, this is just a quick (and inefficent) way to block netbus. I think all of the @home network does (or maybe its just my local provider)

Re:More Information Please! (Is this a Hoax?)

[Glint]

I don't know, it seems to me that Sega wouldn't be one to pre-install a Trojan into their latest console. 12345 and 12346 are probably just ports they picked out of a hat.

Now if they picked 31337 that would be interesting :)

Mozilla??

[linuxci]

How difficult would it be to port Mozilla to the dreamcast? It would be useful I think for these users to have a standards compliant web browser that works similar to those on a PC. If the porting of Mozilla was done through WinCE we'd have to pay license fees wouldn't we? What about the other options? Do you have to pay fees to Sega for distributing dreamcast software? Would Sega be interested in helping the Mozilla project to get a decent web browser on their platform?
--

Re:Java irc clinents?

[DAVEO]

daveo is big on java, a java port to dreamcast would be very interesting, or maybe an existing (bsd?) version could be put on cd and used? daveo has not yet seen the dreamcast, is there a way to save data to disk, a memory card or such? this would be useful. if telnet is possible (or could be created on a cd for bsd to open the telnet port) it would be worth the $200 just as a hacking tool... hours of fun on end! now how would the apis be received from sega, inc?

Convergence

[Shaheen]

I would suspect Sega enabled this feature as a way to debug the Dreamcast - I would also suspect most other console manufacturers do the same, only with proprietary hardware interfaces.

But what really interests me in how well the Dreamcast pulls off this 'convergence' thing that big companies like Microsoft, Sun, and others have been harping about. I mean, last year, these two companies were saying "We're gonna make it easy for everyone to access and use the Internet! Just watch!"

Here we are a year later and out of nowhere comes Sega with this console that not only plays some really great games, but also connects to the Internet and enables you to browse the web. But what's so special about that - I can hook up my computer's G400 to a TV display, too. The really cool thing is the power of the Dreamcast is hidden from the user.

Many of us here complaints that computers are too hard to use - there's no simple way to operate a computer like a television (push a button, and you're there). (We all know we hate these comments, but almost have to admit it.) The good thing about Dreamcast is that any John Q. Gamer (even their parents) can use this thing - they don't have to be computer literate! On the other hand, there's enough power in the device that real computer hackers like us can go to the length of making interfaces to the device (provided there are external ports and such) to harness that power - and the fact of the matter is, we will if given the chance.

- Shaheen

Re:Convergence

I read on one of the sega sites (forgot the url; sorry, I surf so many sega web sites.) that there are already a couple of mod chips on the way for the DC. Most seem to plug into the port used for the vmu (sega's memory card that doubles as a portable machine to play minigames (all for the same price as a Sony memory card no less!)) I bet we will be playing Japanese games on a US DC (and vice versa) by the end of the month.

Re:Convergence

[emj]

They have succeded in that, but their machine is completly useless as an Internet Browser (mail, web, other). This is because of the resolution on a TV it's way to low.

I know what I'm talking about, I've seen it in action and I've used a Amiga+TV to browse with when my monitor broke. I soon grew made and jumped of a cliff... :-) It's impossible to use..

/emj

Re:Convergence

[kriston]

Not really, it's very sharp and clear. The fonts are easy to read. If you still can't see, you can hit a button on the controller to bring up a two-mode magnifying glass.

Kris

Kriston J. Rehberg
http://kriston.net/

Boot Linux?

[GhettoFantastic]

If Dreamcast lets the disc boot an OS, would it be possible to hack the interface and burn a CD to boot Linux?

Sega's distributed super computer

[QuantumG]

Yes, that's it.. Sega has installed a backdoor on every dreamcast and is convincing users to connect up to the internet often. That way Sega gets a distributed super computer that you, the user, are paying for. With this super computer they will take over the world.

Undocumented Products

Had a good laugh - hack game consoles - furbies, and worried about remote flash, to invented a perverse cd format, and convincing manuf. to break their drivers, and shipping firmware to stop absolute reads/writes. Without the right tools... I reckon when you buy a product - you have the right to know everything about it, and make it work any way you see fit. I dont even mind 'undocumented', but i think its real shitty when 'regression occurs', and you knowingly mass produce products with deliberate restrictions. An 'upgrade' ,later model, whatever should enhance. Like certain video cards, I will now be researching my prospective CD burner . Hey - I can see a niche business - aftermarket bios chips - but i'll be dammed - what next - feral furbies. May the IT pioneers continue blowing the whistle.

Re:GD-ROMs are easy to copy...

OK, get a drive that better tracking/accuracy, and just maybe a new compression format. You are still left with binary pits. A DVD burner should be better and more mechanically accurate ... All it requires is the right drive and software, to make a dead binary copy. Until now, I assumed the drive makers would supply this basic want, though i now see I am mistaken. The same technique used on floppys, can be applied to CD's - at the cost of reliability. So to one of those Asian factories laying off 1000's of staff because their product was not a mega hit - I say - here is an opportunity on a plate - first one wins

Re:Port 80 redirects

It seems common for all the "free" ISPs here in the UK to redirect port 80 through their proxy caches. It can be a real PIA when they are heavily loaded.

But his point is valid...

Call it whatever you want (DHCP or dynamic IP assignment - whatever), his point is well taken. The dial-up user gets a different IP every time therefore the log entry in that webserver's log is meaningless. Jeez!

Re:Port 80 redirects

[parkrrrr]

Okay, this is way OT, but it might be useful to those who are sick of being redirected to a cache server against their will, particularly since Slashdot doesn't always seem to respond nicely to such things. Just download and install Internet Junkbuster and add the following two lines to the config file:

add-header Cache-Control: max-age=0
add-header Pragma: no-cache

You'll still be redirected through the cache server; there's nothing you can do about that. But the cache server will never try to fill your requests, so you'll always get fresh data. Our ISP tried a cache server too; as far as I know they're still using it, but we finally got our range of IPs excluded. While they were still caching us, though, this approach worked.

remove the modem

[gsfprez]

and then no one can hack your Dreamcast.

Besides, where else will you plug in the hardware hack to allow you to play Jap games on the US system (and vise versa)

Re:A new name, a new light?

[ranelen]

Actually I have seen the term, SoftModem being used by modem manufacterers. *I guess they don't like windows either* ;)

Re:using the dreamcast as a pc/hacking toy

[Levendis47]

The way the GD-ROM discs work is like this:

There's a boot sector on the disc that boots either the bare-bones boost strap OS that Sega developed and then runs your application ontop of that. The data sector contains the compiled application and all data for the game.

OR

The boot sector contains the CUSTOM Windows CE for Dreamcast which loads, boots, inits the system and then launches the game application.

The WinCE method is nice because it offers developers the ability to develop games in DirectX 6.0 for CE and crosscompile them for the DC. The real hacking problem is getting a GD-ROM burner.

Anyone feel like ponying up the $20k for a developers license so we can start hacking the system and serial port?

Re:AOL on Dreamcast

[pen]

Actually, it's AOL 2.5 and up.

---

Emulators . . . hmmm

[Tanman]

Assuming someone is able to break into the system through telnet and gain access to the hard-coded files, how much more work would it take to make a dreamcast emulator? After all, with the new nvidia chip coming out, a PC could very possibly handle dreamcast games . . . Just a thought.

Re:Emulators . . . hmmm

[TheKodiak]

Not anytime soon - by using a proprietary (GD-ROM) disk format, Sega has created a chicken/egg problem - nobody's CD-ROM drives read the disks, so who's going to write the software - but who's going to build hardware to read the disks, when there's no software?

Re:Emulators . . . hmmm

[linuxonceleron]

Is it really a separate disc, or a CD-ROM with less error correction(similar to a vcd/audio cd)? From what I read, it IS just a regular yamaha cd-rom in them. Also, would it be possible to run say an mp3 player written for the sh4 off a cd-r, Imagine 649mb of mp3s and a little player app and the DC could be the home mp3 player we all want, plus it's closer to the stereo than a pc. You probably would need to chip it(is it possible) to get it to read cdr tho.

Re:Emulators . . . hmmm

[}{avoc]

Well.. i didn't follow/understand all of that... but i noticed the suggestion of an MP3 Player for the dreamcast... great idea.. but it's already been done.. well.. kinda... check out http://www.mp3psx.com - the mp3 player for playstation. -}{avoc

ah, we now have the answer

the reason these ports are open, is because he didn't port scan his dreamcast.

he states he got his IP from a web page.
I'll bet anything that he is behind some kind of NAT/MASQ that will not let that web page see where he is coming from.

I have used NATs and MASQs before, and this is EXACTLY what happens. (I even ran one on my ISP before, and all users going to any web site, told the web site they were from my NAT.)

You will need to use some other method to get your ip address.

I suggest following others instructions, and dialing into your own unix box.

-CR0

Re:IE

[pen]

Yes... their IRC client only allows you to join one channel at a time (AOL? heh) and the DC doesn't come with a keyboard by default. I remember doing something like this when my mom took my keyboard away and I used charmap to type. :)

---

(Re:Moron) Silly Rabbit

[Ex+Machina]

Ping flooding is not a "nuke" tiem dos attack. It simply saturates the connection of the box. Any OS getting enough packets from a ping flood to saturate their link will suffer lag and possibly be unreachable.
xm@GeekMafia.dynip.com [http://GeekMafia.dynip.com/]

Port 80 redirects

[belphegore]

What ISP are you dialing up through that you saw port 80 open? I've noticed that disturbingly Netcom/Mindspring has started diverting all traffic aimed at port 80 through a proxy server of theirs. I suppose nominally this is to improve caching and make my web browsing faster or something, but you can bet they're tracking everywhere I browse.
A side effect of this is that nmap will *always* show an open port 80, because when nmap sends packets aimed at port 80, they wind up going to Netcom's proxy server and not the intended host. Also means that if nmap is doing its fingerprint testing against that port 80, it will get the fingerprint of the proxy, not of the actual host.
If the machine you're portscanning from is going through a Netcom dialup, you're probably just seeing the port 80 on their proxy, and not on the dreamcast. The fact that 12345 and 12346 are also both showing up is also indicative that a router somewhere between your scanner and the dreamcast is doing some filtering/proxying/monitoring. Unless it's just coincidence, I can't imagine why Sega would open those ports.

Re:Port 80 redirects

[Black+Rose]

That only happens on the San Jose, CA Netcom PoP.

Much to chagrin of both MindSpring/Netcom and the users dialing into that PoP, the company that runs it (not mspg/netcom, they lease the number) is experimenting with a cache server, rather like AOHell.

So yes, it might have happened there, but it certainly doesn't apply to the South Carolina pop I dial into. =)

passwd

[cyphunk]

Is there a cracker our there for port 23 which can interact with the Telnet protocol to try to brute force the password/username combo?

if so... let's start cracking :)

Re:If its got a protocol stack well then...

[Dhark+Fibre]

Dreamcast USA version has a 56k modem inside and supposedly you will be able to purchase a 10 mbs ethernet card later before X-mas to play with all you friends ( it'd be neat if you could play Q2 at a LAN party with it ). To accomplish this it has to have an IP protocol stack. The parameters and source code for the current stack are actually free ( or sorta free ) if you download the Development Suite for WinCE from Microsoft's web site. Hey at least its cheaper to develop for the dreamcast than any Sony playstation machine.

Re:"Filtered" in nmap

[Maquis.]

We block port 80, and make users use our proxy server running on 3128.

How about trying a sniffer next..

[inburito]

..when connecting that thing to the net? Maybe it contacts some wierd addresses too. And then the men in black suits monitoring these broadcasts can telnet back to your console and check if you have any pirated software etc.. or maybe download the history file(or cache index) from your web browser.. or maybe take over your irc sessions.. or maybe i'm just a little too paranoid. - Juha

Slashdot. News for nerds. Hoaxes that don't matter

[Money__]

"Slashdot. News for nerds. Hoaxes that don't matter." This is the second time this week that everyone's gotten all worked up about a hack that was just to good to be true (myself included) . We can all do better. I don't want "Hoaxes that don't matter" to be the motto.

Calculator web servers and more

[Drakino]

I had a complete BBS on my HP48. You could login via IR or a modem via the serial port, and read mail and such. I was even working on a DOORS interface for it to work with my 2 player battleship game I made.

-----

OS is only on the disc.

[mrbiggs]

Very interesting. I do have (and use) the WinCe SDK, reading through the CE Builder SDK info the DreamCast is referenced a few times. The hardware OS is boot from GDRom only, all directX D3D, internet, etc.. is all disc specific. While possible it could be a back door, from a developer viewpoint its probably unlikly to be anything interesting.. as well as vendor and developer specific.

Re:Dreamcast and mp3?

[m3000]

Do you mean if you burned them on a CD? I think so, since you can play regular CD's on it.

Cable modem / ADSL

[HyperX]

Hmm Sega was talking months ago about the possibilty of hooking your dreamcast up to a Cable modem or ADSL modem. Mabey thats why it's there.

No No No

Believe it or not there is no backdoor into the Dreamcast. This is just a feature that was not disabled when the development version was revamped for gold.

The future of Pets

[jtgold]

Top 5 reasons to telnet into your Sony AIBO:

5) Play virtual frisbee with your pet: it's just like the real thing but without the exercise!

4) Configure the house training subsystem to avoid oil on the carpet!

3) Fix that problem in the "fetch" routine!

2) You can't teach an old dog new tricks, but you can download rollover-1.1.2.tar.gz!

1) Improve security to keep those pesky mechanical cats away!

Re:A Little more info

[substrate]

Jeos, as others have indicated you may have actually been probing your providers set up. There's not enough information to determine whether that is so or not. In that case be very careful about brute forcing it, if it is actually your provider that you're looking at they may become somewhat miffed.

If you're running a linux box it should be possible to set it up as a mini provider. You'd probably have to set up a DHCP server, PPP and telephony obviously. Your provider would then be taken out of the loop and the IP address of the dreamcast box would be easily detectable. If nmap or whatever still detected open ports you could be pretty sure that it was the real deal.

I think this is pretty interesting, I may run out and buy one just to check.

Is this bad or is it just me?

[mplex]

I mean, it wanted a username/passwd and the os is in rom (I assume). So, if the l/p is the same for all dreamcasts and you can get in and do things, who knows what, to them, then this can't be a good thing. If the passwd gets out, kinda like the cisco problem where there was a second default passwd, then all people using dreamcast can be "hacked". Maybe it's just me, I don't know, but I know I don't like the idea of someone being able to telnet in...

Re:Is this bad or is it just me?

[fReNeTiK]

Sure, but as you said, the OS is on ROM, so after a reboot everything should be back to normal...
Annoying but not fatal.
--

Telnetting into a game

[jfunk]

I can see where telnet would be useful for a game.

Debugging.

A programmer could telnet into the machine and look at or change variables, do step execution, etc.

Anyone who has done any embedded development can see the logic in this. Game consoles are, in fact, embedded applications. I used to work with ZWorld controllers that allowed me to monitor the execution of the software through the serial port. It was a godsend. IIRC, Sony's AIBO was debugged by telnetting into it.

Re:Telnetting into a game

[osmanb]

Very true. My previous employment was doing embedded development on Fibre Channel RAID arrays. We also had serial access to do debugging. Without it, you're just staring at a big box with a bunch of blinking lights.

Just scanned a Dreamcast

[sTp81]

I checked the http server log for my site (dricasworld.com - complete coverage of the Dreamcast's online capabilities) and got a hostname of a Dreamcast user. Scanned it for open ports and none of those mentioned in the article were open. The guy either blundered and scanned the wrong IP or is full of it.

Re:Just scanned a Dreamcast

[jcroft]

But, the person you scanned could very well have been running another game CD that does not use the same OS as the original poster...

Jeff

Re:Just scanned a Dreamcast

[sTp81]

The only game that has a browser built-in right now is Sonic Adventure. The HTTP_USER_AGENT for the Dreamcast is "Mozilla/3.0 (compatible; Planetweb/1.123 JS SSL US Gold; Dreamcast US)", while for Sonic it is "Mozilla/3.0 (SonicKey)". The hostname I scanned was using the Planetweb browser and not the Sonic browser. The fact is that the guy who emailed /. didn't get accurate results. As much as everyone would like to believe it, those ports aren't open.

Re:Just scanned a Dreamcast

[avdp]

Ever heard of DHCP? Pretty much all dial-up ISPs use it. The IP in your log could have been (and probably was) reassigned to another user that does not have dreamcast. Not to mantion, like some other people suggested - a lot of ISP have firewalls that won't accept incomind requests like that.

As several people have pointed out now, your experiment means aboslutely nothing. sorry!!

Re:Just scanned a Dreamcast

[substrate]

Nice respect for peoples privacy there, port mapping a visitor to your web site. I'll make sure to religiously not visit it.

In any case you don't have anywhere near enough information to make a judgement on whether Jeos' 'blundered' or was 'full of it'. If the Dreamcast user on your site was connecting to you through any sort of device that does network address translation (i.e. a firewall or cablemodem sharing device such as a UMAX UGate-Plus) or the provider they were connecting through did any filtering on incoming requests then they would fail. You don't even know if the user got bored, turned off their Dreamcast and turned on their PC.

Cool Idea: Dreamcast MP3 box

[darb]

For $200 using a dreamcast as an MP3 player would be a convient and reletively cheap solution.

As I understand it dreamcast can run other OS's like WinCE off a bootable CD. So it is likely that a linux port to dreamcast hardware could run as well.

So here is the idea include a minimalist linux dist. on a dreamcast boot cdrom along with a collection of MP3s as well as an MP3 decoder (mpg123).

Yet another idea is to use a cd with WinCE, a MP3 decoder and a collection of MP3s. Licensing issues would probably make this illegal.

A third idea (and likely the simplest) would be to port an MP3 decoder (again mpg123) to the built in dreamcast operating system. Then have a burned CD that contained an MP3 collection an MP3 decoder and possible an interface (so you could select songs from your controler)

Not a bad idea, at least one these ideas is possible. I have no doubt that someone will eventually port linux to dreamcast. Using WinCE is likely simple but as I said before including the code on your burned cd is probably illegal. Porting a MP3 decoder directly to the dreamcast operating system is probably the best solution.

Tell me what you think.

Re:GD-ROMs are easy to copy...

these Sega produced machines that you speak of use yahama CDRs with software designed by cequadrat.

Re:Any chance for an RC5 client?

[sweet+reason]

better yet, SEGA@home. a lot of the games involve searching for aliens, after all!

hack it.

view the rom with a hex editing type thing..it shouldnt be that hard to dump the rom since the wince dev. kit is free...dump rom onto floppy..scan for username/passwd, enjoy.

A backdoor for Sega?

[The+Fleck]

Well, I first of all don't think that Sega would be stupid enough to insert such an obvous backdoor, I am sure that they must have had expectations that SOMEONE would evetually check to see what was behind the internet connection of the dreamcast.
On the other hand, if it IS a backdoor, that is some scary stuff, but maybe it is just to get consumer information like which games are most popular, etc? If it is, good move, right?

Re:A backdoor for Sega?

[NapalmCheese]

I just kinda figured that if you could telnet into a dreamcast, then wouldn't it make sense to debug, and monitor performance etc. through telnet? It seems like it would be a really convinient way to debug a faulty machine that some person brings back to the store. You know, you buy a dreamcast, you play with it, it doesn't work the way it should you take it back to the store. Then the tech guy for the dreamcast, telnets to it, and monitors what is happening, where the glitches are and that sort of thing. I figure it is just there for troubleshoot faulty equipment.

Of course, who knows, maybe the dreamcast has a really tiny camera in it, and is sending out an image of te inside of your home every few seconds to some government agency :)

Re:A backdoor for Sega?

[Hershmire]

Great. Now I have to put a blanket on top of my dreamcast.

Re:The real message

[great+om]

can the j-spec and euro dreamcasts play american discs?

Re:cluelessness :P

Hmmm.. once again, slashdaughters get their panties in a wad over a hoax. Who is the bigger idiot? The poor slob answering the phones for little $$, or moron that calls to harrass the phone rep about a feature that doesn't exist?

disc has a lot to do with it probably

[Catatonic+Dismay]

I think a lot of people aren't realizing that the game that's being played could have a lot to do with it. Other comments have said that they've scanned dc's for ports and haven't found anything. If there are in fact ports open at all, it is probably the doing of the game. Besides, what kind operating systems open ports themselves, that's a user space operation .. well not with windows broken mentality anyway.

Re:disc has a lot to do with it probably

[Catatonic+Dismay]

This also reminds that.. to get the password you'r probably have to contact the game maker and not sega.. well sega might have it too. Anyhow this all presumes that the underlying OS has nothing to do with these ports.

Bullshit

Nobody answering the phones at Sega is going to even know what a port is. If you're going to lie, at least do a better job, kid.

�ISP?

[hajmola]

just out of curiousity, has sega limited what ISP dreamcast users are permitted to connect to? is there a default provider?

pity my ignorance...

-raj jr

Re:�ISP?

[jmauro]

Any ISP that accepts PPP connections. So all of them except the big one AOL. Maybe DC, PSX2, and the Dolphin will finally get AOL to offer PPP service.

Re:�ISP?

what does aol run?

Re:�ISP?

[soren.harward]

A messy proprietary protocol -- that's why there's a special "AOL Adapter" device under Windows.

Re:�ISP?

Their "recommended" ISP is AT&T Worldnet.

using the dreamcast as a pc/hacking toy

[DAVEO]

daveo does not often play games, but is still thinking of purchasing a dreamcast. there are just a few questions that would make the decision:

• has anyone been able to verify that the dreamcast does accept telnets, during any specific game, web browser, or otherwise?
• how complicated would it be to write simple programs for the dreamcast? could this be done in c or c++ for a win ce or *bsd api?
• if one were to write a program for the dreamcast, could it be put on any normal cd-rw and used immediately, or would any special modifications be needed.

any additionaly information or answers to these questions would be of great appreciation, thank you

That's a router

[mindstrm]

It looks more like the response to your scans is coming from something other than the dreamcast. Perhaps the ISP is filtering or something.

(Personally, i think it should be put online and everyone should try to hack it. Then, if it *IS* the ISP filtering traffic.. we catch them in the act when they complain)

Re:Slashdot. News for nerds. Hoaxes that don't mat

[Cecil]

It bothers me slightly to see messages like this... While I do sympathize with your feelings, Rob and the other newsdudes are doing the best they can to publish important, meaningful, and kewl news.

I for one would much rather see one or two hoaxes now and then than I would like to see (or rather NOT see) all the cutting-edge stories they refrain from posting because they might be a hoax.

You admit that you got swept away in the excitement yourself, why isn't it okay for (Hemos, in this case) to be swept away too? It certainly wasn't like it was a glaring hoax. My first thought was that it would a totally cool feature!

In any case, I don't think its fair to attack slashdot for posting hoaxes. Like I said, its much better to post questionable material and let the user decide for him or herself whether it is true, than it is to blatantly censor things. In being liberal in their posting, Slashdot is passing the ability to decide to US, rather than deciding what is useful or stupid for us.

Which brings up another thought for me, but I will discuss it in a thread of its own.

umm

[miahrogers]

hey can we put rc5 on a dreamcast? I mean it has a nice fast processor. and it's 128bit so cracking 64bit code should be childs play, right?
char *stupidsig = "this is my dumb sig";

user/password

Hmm. It's running windows.... Try user: admin, no password ;-P

web on tv

[strick]

I have DSL at home and the first person to put a web browser on my TV that has an ethernet port will get my check for up to $500. I really don't care if it is Sega, Nintendo, Sony, or WebTV (they seem likely to be first).

Boy... they weren't helpful...

[ElDaveo]

I called Sega a few muinets ago and asked for the U/P. Once I explained the Telnet thing, the customer service rep became *very* aggrivated, and said that Sega has left a lot of ports open, and the reason "will be announced at a later date". Right.

Re:Boy... they weren't helpful...

Hum... scary.

Re:GD-ROMs are easy to copy...

Can you please tell us where did you get such information? Cause I read from various sources such as cdmediaworld.com that GD-ROM's are definitely not possible to copy using a regular CD-Writers...unless there is something else that we don't know about...is there a link to more information about copying GD-ROM's?

Backdoor and converting the DC to a "PC"

[Tom61]

First of all if the telnet thing is real, its probably an easter egg not back door. I'd try "Joshua" as the username and see if it brings up War-Games. If Sega/the developer of the game wanted info about you it would send proprietary "game statics" through the net to some address. Secondly, people are asking about converting a DC into a "PC", the Saturn could take a normal PC keyboard with an adapter, I would think there would be a simlar thing for the DC. Since the GD-ROM use red laser tech to burn their disc, it should be posible for most CD-R drives to burn a GD, though it may take low-level control of the burning laser.

The Dreamcast can run BSD? Where..MIP

[FallLine]

I'd love to get my Dreamcast running BSD or Linux...and get online with it. Please give me a url, or something. :)

Sick of idiots on slashdot

[AntiBasic]

Did anyone try to access the web server and see what was open (if not exactly what happened)? What about the two "NetBus" ports? Is there a version of NetBus for WinCE (or whatever Dreamcast runs) that I don't know about? If people are concerned about telnet insecurities, wouldn't NetBus be a larger risk? 3) Has anyone attempted to brute-force their way through telnet, or any known exploits for the other protocols to check against a faulty implementation? OMG! I can't believe anyone would say anything that stupid! You obviously don't know your bum from an ostrich.

hrm.

[prodeje]

How are you sure that the user in question didn't log off before you had time to scan them?

...

Re:hrm.

[sTp81]

I pinged the hostname and got a response.

Re:hrm.

[soren.harward]

That still doesn't mean anything. Dynamic IP's get re-assigned, so it could well have been someone else's system you portscanned.

Re:GD-ROMs are easy to copy...

[thing12]

Here you go... most everything you'd want to know about copying a GD-ROM. GD-ROMS are physically no different than a CD-ROM, just the low-level formatting of the disc. So all you should need is the right software.

http://www.johny.sk/cdrinfo/reviews/dreamcast/inde x.html

Dreamcast HACK FAKE!

[Sonikku]

Me and a couple guys on IRC spent a while trying to telnet my DC. the only open port was 113, the ident port. needless to say we could do nothing there. We tried several port scanners and everything we could think of. So sounds like a load of BS.

Re:NetBSD

[NovaX]

NetBSD has far better support for Sparc I'm sure, its by far an older project. FreeBSD has in the last year been working on Sparc/Alpha varients of the OS. This is definately a good thing. It shouldn't be the goal of FreeBSD, NetBSD is far better. But, FreeBSD's goal is for a great server OS, which it is. PowerPC, Sparc, Alpha, and perhaps later IA-64 are all good platforms for servers. FreeBSD supporting this allows it not to be so restricted.

Everyone has missed the big question

[AMSmith42]

Let me get this straight; you have a new Dreamcast AND you were bored? That doesn't make the Dreamcast sound too enticing :)

GD-ROMs are easy to copy...

[vivarium]

The Yamaha 4416S will write "GD-ROMs" no problem... All you need is the software! :-) I know the 4416S, 6416S and above will do it, I'm not sure about the IDE drives though. Non-Yamaha drives will not write GD-ROM. I'm expecting GD-ROM support in software like CDRWIN this fall... Viv.

I seriously dout ...

[LWolenczak]

I seriously dout this thing was scanned over a modem connection, morelikely ethernet, it says scanned in 33 seconds, I have only been able to do that at home, on ethernet, ofcorse, i dont have a dreamcast yet :(

Even if you were right...

And I think you are mistaken as to the ease that GD-ROMs can be burnt. It would be of no use unless it was a bit for bit mirror copy of a working game. Otherwise you'd need a Sega boot CD to get it going.

Re: Telnet heavily used for binary transfer

[emj]

Well all you need is a uudecode, and you'll be able to send it binary data. It won't be the fastest way of transfering files but it's used alot when there are no other way to do it. Eg when you don't really have the access/time to ftp it.

/emj

Stop lying

[Serfer]

Sega would have no comment on it because the OS resides on the disc. So whatever game was running while he scanned would have those ports open. So it's entirely open to the developer as to what is being used.

Re:IE

[m3000]

First off, AOL doesn't work with the DC. I forgot why, but it doesn't. Also, no, it doesn't use IE. It uses Planetweb's browser, more info here.

modem

[armour]

I recall some ad saying the modem was an external one and not included with the machine.

Since the dreamcast runs winCE i wonder if the modem is a winmodem ;)

Re:modem

[kriston]

It's not external, it's modular. There is a tab on the bottom of the DC that lets you remove the 56k modem and replace it with something better. I'm personally excited about a rumored ethernet card so I can use it on the cable modem.

Kris

Kriston J. Rehberg
http://kriston.net/

a little info for someone with no hardware

What type of setup is required to setup ppp with dreamcast to a normal dialup account

AOL on Dreamcast

[Kenshin]

AOL is it's current form doesn't work with the Dreamcast, but they could easily port it over using WinCE. Also, AOL can work over TCP/IP (that's how we used it at work to test websites under it), so it could be enabled to use the Dreamcast's native internet support. You're not required to dial into Sega's net service, you can choose your own ISP.

Don't underestimate AOL, we all hate them, but they're the biggest "ISP". There's already 300,000 Dreamcasts operating in the US and Canada, and that's one large and easy market for them to go after. Pop in the disc, and turn it on. Jacob Rens Daily Videogame News and Info: http://www.the-nextlevel.com

queso results?

Have you tried to run queso against the box?

IE

[Kenshin]

I think the Dreamcast Browser is some form of IE, but I could be wrong.

You can bet anything AOL's gonna start distributing "50 Free Hours!" AOL Dreamcast GD-ROMs in every gaming magazine soon...

Re:IE

[kriston]

The web browser in DC is nothing like Pocket MSIE. It's something called Planetweb, and it's nothing to be excited about. Still, it's better than WebTV. It also has built-in email and IRC, if you can believe that.

My browser disc didn't work so I returned the whole thing for a new one... everything works now except I cancelled the internet registration half-way through and now it thinks I'm registered. I can't figure out how to get back to registration so I guess I'll have to sign up on the PC to get my login information that way and manually enter it. It's not exactly ready for prime-time.

Kris

Kriston J. Rehberg
http://kriston.net/

feelings

[darklink]

for some odd reason i feel funny with any console. i was looking at dream cast just cause i like sega. well as best i can remeber if it is running ce there are a few exploits going on , and i am not to sure of how this works soit might be just a glitch for now maybe it will update its self in the future.say sega put code in where when connected it checks for patchs and what not for new games , inform code to save to a card.i think that would be nice , bt i think there is going to be some exploits on this one very soon. i realy dont want tot think that sega is plaining backdoors, and if i get a dream cast i am going to wait for the linux disc. but i could use a low cost monoter for a home network. its going to get intersting , but your going to have to pry my computer out of my cold dead arms . i have always liked computers more then console gaming platforms. so i might pick one up but i will keep the manila coffin.

bo2k for Dreamcast!!!

I havent seen the dreamcast myself yet but supposedly cant you talk to that fish guy in that game seaman with some sort of microphone? would it be possible to login to a dreamcast system via telnet and somehow tap into that microphone to spy?

"It's Thinking"

[Kenshin]

This open port business could have something to do with Sega's marketing of the machine.

Their ads jokingly say that it knows everything about you, but maybe it's logged into some vast database Sega has assembled with everything about you.

Hmm... trading info back and forth between the machine and the server while you play. Major conspiricy theory stuff here ;-)

- Jacob Rens
Daily Videogame News and Info: http://www.the-nextlevel.com

Any chance for an RC5 client?

[Rinikusu]

A bit off topic, but is there going to be an RC5 client for this sucker?

;)

NetBSD

[NovaX]

I think that was NetBSD, not FreeBSD. Free's the one that goes for servers on x86 (and somewhat on a Alpha/Sparc). NetBSD is the extremely portable BSD varient.

Re:NetBSD

[bifrost]

Actually it was OpenBSD.
http://www.softrare.com/openbsd-sh4/

How it really went...

[cot]

DaveO:Hi, I just nmapped my DC and saw several open ports! I could even telnet into it and get a login prompt! What are you trying to pull?

Sega:Ummm, sorry sir, I don't know about any maps or netting.... The extra ports on your computer are for possible expansion in the future, to allow for new featu-

DaveO:What are you talking about?!? This is an invasion of my and every American's privacy! You people make me sick!

Sega:I'm sorry you feel this way. Honestly, there have been additional connectors on SEGAs console systems for years, allowing for future upgradability, such as more controllers, external storage, etc. I don't really see how this affects your privacy. You could always return the system if you can't live with this.

DaveO:This is ridiculous, I can't believe you thing you are going to get away with this you ^##%@#%$@

-click-


cot.

Re:How it really went...

[Fazed]

LOL

"Filtered" in nmap

[ZeroTolerance]

23 open tcp telnet
80 filtered tcp http
113 open tcp auth
179 open tcp bgp
12345 filtered tcp NetBus
12346 filtered tcp NetBus

The 'filtered' in the above means that those ports are actually intercepted somewhere in between ... this DOESN'T mean that the device is actually listening on those ports ... for ports 12345 and 12346 I can understand this ... most ISP's totally block access to ports 12345, 12346 and 31337 nowadays (oh how difficult it is to change the IP of BO/NetBus .. but it protects your system from the average script kiddie, I guess) .. I don't know why port 80 would be blocked though .. makes no sense to me .. but from the above list, it's absolutely logical that you didn't get a connection with your web-browser
--

The real message

[Nelson]

So you've got a dreamcast and you're already bored with it?

Ports open for system info/upgrading

Perhaps the ports are open for upgrade reasons. Consider the following scenario: Sega realizes there has been a small bug. They decide to release an upgrade for the operating system. They send registered users a letter telling them to go to a web site or whatever. The user goes, and from there, an applet connects to their dreamcast (from the server side), gets the system information from a telnet session by "logging in" and then the dreamcast spits back OS version info, firmware revision, etc, and then the applet uploads the correct operating system revision to the dreamcast. Is this possible?

Re:Ports open for system info/upgrading

why use telnet for that ? the telnetd offers no real advantages to a simple client side non telnet port.

Wow! Dreamcast as an affordable router!

[ethomson]

According to this portscan, the dreamcast supports BGP! For those of you who aren't familar with BGP, it's a policy-based routing protocol used (for instance) at the NAPs.

So does this mean that Sega is going to start selling routing cards for the dreamcast? It's good to see that someone's finally working on an internet device that isn't just a client, but an affordable router! It's high-time I got rid of that crappy Cisco we have over here and replaced it with a fine piece of networking machinery, like a Sega. I'm so happy to see a router that's not just cheap - but you can also play games on!!!

Seriously, though, it does indeed appear that your ISP is doing something silly redirecting ports. This is particularly probably since nobody else can recreate this test. Either that or Sega chose a really bad port number to bind on.

X for Dreamcast ! -sounds crazy, but wonder...

[Thomas+Miconi]

(From the help-me-get-my-feet-back-on-the-ground dept...)


Ok, what do we have here ? We have a machine that allows data input (the CD drive and the telnet port), remote access and data output (outgoing ports).

So far, we do not know how the stuff inside works. For example, we do not have any Dreamcast emulator. But this may happen soon.

IF we manage to understand the inner protocols of the system (after all, it has been done for the playstation, it is probably feasible for a WinCE machine, isn't it ?), then we might produce slightly modified CDs to have the console do rather cool things :

Remote Dreamcast playing on your computer. Setting some mechanism to redirect display directives through the outgoing port, and accept commands from incoming. Ever tried a 20-players Destruction Derby over the internet ?...

This might work the other way round : by telnetting into the console and interfering with its display output, we might modify the look of the games at will - imagine : themes for your Dreamcast !

X servers for Dreamcast. Yeah. Now this may have implications that I cannot even imagine - or it may just be plain bullshit as well. I don't know. I don't even want to know. The very concept in itself (come on, X on a console !) is enough to make me wonder.


Thomas Miconi
Karma Police - enforcing peace of mind by all possible means

I'm willing to help test

[biafra]

If there are any Canadians that wish to test this out I can help. I work for an ISP which has POP's in Calgary, Edmonton, Toronto, Winnipeg, and Vancouver. I can set you up with a test l/p, and we can see what games open what ports.

what was he running?

hmmm, netbus ports were openned? i wonder what he was running, maybe the developer who made whatever he was running, was infected with netbus and when the game activated netbus activated? interesting...

Comment removed

[account_deleted]

Comment removed based on user account deletion

A Little more info

[Jeos]

Ok heres a little more info on the Dreamcast, I was the one who posted.

I was running the web browser CD on the Dreamcast and I was dialed to my ISP, my university. I ran the port scan from my computer. I obtained the IP of the Dreamcast from a website which gives you your IP. It's possible this is wrong, but this is the only way I can think of to get my IP. As far as I know there is no direct way to get the IP, the Dreamcast doesn't tell you your IP.

I would like to try and find a l/p for it, although it'll be kinda hard since I don't even have a username. If anyone knows of a good brute force program for telnet let me know. My email is aminidab@mailcity.com.

Re:A Little more info

If you realy wanted to get more information about this sucker you could do the following: Get your computer connected to the internet. Set your cmoputer up to allow incoming ppp connections (if you dont have an official ip address setup ip masquerading or something). This means your gona need an extra modem if your uising a modem to connect to the internet. dialup to your computer with the dreamcast. SNIFF away... See if anything is ever comming to port 23 and 80 on the dreamcast. If an actual login ever takes place, you might be able to get the password. You might be able to see exactly what dreamcast is doing.

Re:A Little more info

try getting on irc and do a /whois on yourself but perhaps the irc client is on a different CD? i have the feeling the ip that showed up on the website you went to was of the university's transparent proxy or something

cluelessness :P

[whimsy]

i called sega's dreamcast number (1-888-345-SEGA), they asked for my name and phone, and i proceeded to fake it:

rep:can i please have your name and phone number?
aaron:doody doody doo!
r: thanks, how can i help you?
a: well.. i was using my dreamcast, and i tried to telnet into it. it asked me for a username and password.
r: huh?
a: i tried telnetting into my dreamcast from another computer.
r: is telnet ppp?
a: huh?
r: do you know what ppp is?
a: yes. both computers are connected via ppp. the dreamcast is connected over modem and my computer is connected via dsl.
r: uhhhh...
a: anyway, could you give me the username and password?
r: you shouldn't need one.
a: everything works fine - thats not the problem. i just want to see what it does.
r: do you use at & t worldnet?
a: no.
r: well just go to "other" when you reboot, and that will tell you how to sign up. did i answer all your questions today?
a: well, no. that's not the problem, everythign works fine. there's no other number i could call?
r: you mean your isp?
a: no. for dreamcast.
r: that's me!
a: okay. do you know a login and password for the dreamcast?
r: you need a login and password when you start the dreamcast?
a: *chuckle* i think we're misunderstanding each other. i'll start over. my dreamcast is connected via modem, via my isp. my computer is connected via dsl, via another isp.
r: okay...is your isp worldnet?
a: no. i tried scanning for open ports on my dreamcast, i saw telnet was open, and i tried using telnet to access it. i did this from my dsl-connected computer. i got the login and password prompt in the telnet window. the dreamcast works fine, even when i'm using telnet.
r: whoa, man. i dunno.
a: alright..
r: i couldn't give you any dns or anything
a: yeah?
r: that'd be ILLEGAL!
a: *chuckle*
r: alright, sorry i couldn't help. have a good day.
a: you too!

hmm..and i don't even own a dreamcast :P

Re:DNS

Whats this with DNS? He couldnt give him the nameserver cause its illegal??? I didnt understand that part.

I don't know the username ...

... but for "password", try "NSAKEY".

Nope, it's OpenBSD/SH4

[kriston]

The whole thing on OpenBSD on Sega Dreamcast is here:
http://www.softrare.com/openbsd-sh4/

Kris

Kriston J. Rehberg
http://kriston.net/

Re: Telnet heavily used for binary transfer

[MikeFM]

Why bother encoding it like that? You can send binary data across telnet sessions (on most good implementations) anyway. Remember using Kermit and Z-Modem between machines? :)

have it dial to a *NiX box where you have root

[Agent+Drek]

and then you can see what's really going on...

Re:Need GD-ROM specifications please!

The GD-ROM is actually written in two sessions. There is a single density session near the center of the disc that can be read by any CD-ROM drive. The majority of the disc however is a high density session that is on the outer part of the disc. This is achieved by using a proprietary compression format. The high density section is also read from the outer edge of the disc inward, instead of from the inner edge outward. Also, GD-ROMs currently CAN NOT be burned on regular CDR machines. Burning a GDR requires a special Sega produced machine. A standard game disc takes approximately 1.5 hours to burn.

dc + vga monitor

dreamcast with a special 40$ cable will plug into a vga monitor, according to the folks on irc. and i think i read it in some web pages too. perhaps this will help your 'low rez' problem

Java irc clinents?

[Lakitu7]

Is the dreamcast browser able to run any of the countless java irc clients on web pages? Are any of those capable of dcc? If so that could be another loophole to bypas DC's probably lack of dcc support.

Re:clueless jerkey

[Money__]

Nice call. Jerky :) I thought you were going to ask him if he had prince albert in a can . . ar if his refrigerator was running. (hey man...your cats on my fence) . . but seriously . . I think it's kinda funny that the Sega rep doesn't seem to know what Telnet is?!?!

Moron

[RaveX]

As another user has stated, ping flooding is a denial of service attack. As I am now stating, Dreamcast doesn't use an out-of the box, stock release of any OS, meaning that "exploits" aren't known yet. Therefore, if you're going to hack it, you'd better be more than a script kiddie who has no idea what they're doing other than hitting buttons that say "p1ng fl00d" or the like...

Need GD-ROM specifications please!

[FallLine]

Hello, I'm debating with a friend of mine exactly how GD-ROM has accomplished its increased data space over CD-ROM. Does anyone here actually know for a fact what wavelength it uses for example? My friend assumes its blue, but I don't think that's neccessary. As standard CD-ROMs aren't at maximum efficiency, and its not using the minimal red wavelength.