That makes very little sense. I'm guessing you want to identify what kind of FTP server the remote host is running. If this is the case, there is an optional banner advertising the FTP when you establish the session.

See more information here.

Wow, I think you're the first person we've had here from Iran. Glad to see the government there lets you guys see 'dangerous' web sites run by infidels .

Luckily with FTP, the data is being transmitted in plain text, so capturing the packets should be easy. I think it may be a language thing, but I am not entirely sure what you are asking for help with.

thanks

o my god !!! we (iranian) are nobody in Undergroun Hackers World ?
thanks for answer i Report my Brute Forcer in next time

well I think nmap is your answer. it detects type of service.
if you wana programming you should do what nmap did (finger printing)

thanks but ..

thanks . but i want my programm Do Detection . well this programming is very very hard and it Must long Time Programmed . i haven't this Time . Thank You . I Think for a Short Way !

yea, It's time consuming to do it,
well may be you'd better just run nmap (shell nmap ....) and just look at the results.
you must only do a string processing then.

regards

It's rather funny, not one person knows what the others are talking about and the whole topic is dev/null material. =)

Perhaps it is destined for dev/null, but I have seen less useful content not moved there.

I see two ways to look at this post, and both may be questions proposed.

Yes. A brute force of Internet IP addresses is possible, and there are programs to help you with this, which are fast and allow you to specify what information you want to gather about remote services. (No. I won't write what they are..)

IP Addresses (ignoring lost addresses and reserved, and multicast and unused addresses)
220*2^24=3690987520 ip addresses to check for services. (This not accurate, but close enough for government work.) It would take some time though-- even with parrallelization on a single machine and across multiple computers.

Depends. If you can find a service that accepts a username and allows multiple password tries with that username, you may be able to gain a little bit of speed gain for each try.

If you are using a brute force attack, consider the number of password required as you add length to the password size.

Assuming simple ASCII character set, and limiting the number of character to printable characters in the lower 128 chars (not "extended" ASCII) we have:
A-Z,a-z,0-9,~!@#$%^&*()_+`-={}:"<>?[];',./\| as characters.
26*2 letters + 10 digits + 32 symbols = 94 characters.
Number of permutations (not combinations since order does matter) would be P(94,1) for 1 character passwords or 94 passwords.


Using my buddy "bc":
Consider this: You decide to try testing longer passwords. A 16 character password with 94 characters in the set would include a total of 9602076631136562232830922752000 different passwords per user. Of course, on average, you might find it half way through a search, and then after adding ordered weighting to letters, then numbers, and including symbolic checks later could allow for hits even sooner, but the point is...
9602076631136562232830922752000 is a large number of passwords to test if you are brute forcing!
But it does not end there...
9602076631136562232830922752000 assumes that the password is *exactly* 16 characters long. This does not include passwords that are 1, 2, 3, 4... ... 15 characters in length. I *think* we can perform a mathematical showrtcut here, and just increase the charset size by one to find the summation of all permutations for all passwords of length from zero to 16:

11546801012126245723024527360000 ! (<- exclamation not factorial) Wow!
Ignoring advantages in intelligent selection of passwords, you can half this number for an average search for finding passwords,
5773400506063122861512263680000
Let's assume that you can check one password every millisecond (much faster than what you would get in reality over the Internet when you think about it) and also assume you have 1000 computers working in parallel with 1000 processes each:
5773400506063122861512263680000/(1000 * 1000 * 1000)
5773400506063122861512.2636800000 seconds)
Assuming 365.2425 days per year (accounting for leap years)
365.2425*24*60*60 = 31556952 seconds per year (on average)
5773400506063122861512.2636800000 seconds / (365.2425*24*60*60 = 31556952) seconds per year (on average) =

about 182951778931727 years.

My math is rusty in probability. Feel free to tell me I suck for any mistakes. :-)

Hehe, oh come on CotMan, you are Actuary material all the way. ;)

LosT

Hah! I should buy some beans so I can go count them. :-)

Drive Thru: "Welcome to Taco Hell. May I take your order?"
Cot: "Yeah.... there are these flattened pieces of dough which are often cooked briefly on both sides, sometimes made with flour or corn [long detail description of bean burrito.] I'll take one of those."
Driv Thru: "Zzzzzzzz. Huh? Ok. One bean and cheese burrito. Anthing else?"
Cot: "Yes. How many beans in that? I really must know...."

I was under the impression that Taco Bell did not have real beans or for that matter anything identifiable as edible. Seriously I would not eat at Sub Way either my friend is a manager there and they only order tier 3 meat the lowest grade legally allowed.

Yeah...I don't know about Taco Bell. How great can the quality be if half a pound of meat is 99 cents?

Since 50% is corporate profit, that means it costs them 49 cents for the parts and labor. Imagine the worker gets 10 cents for assembling one at $6/hr and taking only one minute. Then the employee benefits and employer costs are 5 cents. Rent on the building and other expenses are probably 10 cents, thus the actual value of the entire product is 24 cents.

I think they more than make up for it on their $1.49 sodas.

Somehow.. I REALLY do not think he is joking...