The Register reports That the Giuliani Security website is pretty ancient.
And on twitter some guy posted an nmap scan of the box.
Right after this went public, they took down the A Record DNS entry …
but people quickly figured out it is still available over the IP address.
to break it down for you:
- a lot of open ports
- running openssh version 4.7 ( lol )
- OS must be 9 to 10 years old at least
- could be a NAT or a single box ( either way it’s funny )
- expired ssl
- Exposed cms login
- using joomla install from 2013
- ssh, pop3 (?), imap, smtp, mysql, ldap ALL open to the public
- looks like a honeypot from 1999 or a metasploitable installation
In case you don’t know Giuliani: It’s the former New York mayor, which Trump hired for his Cyber-Business.
good lord… He will surely hire the best people