Call and Response (Solution)

by Asheesh Laroia, Glenn Willen, and Charles Steinhardt

You are given only an IP address.

You attempt to surf to it in a web browser, but you get a connection refused message.

So you scan it with a port scanning tool like nmap. This is what you get back:

Starting Nmap 6.00 ( http://nmap.org ) at 2012-11-17 20:54 EST
Nmap scan report for 67-207-144-83.static.cloud-ips.com (67.207.144.83)
Host is up (0.043s latency).
Not shown: 990 closed ports
PORT     STATE    SERVICE
9/tcp    open     discard
119/tcp  open     nntp
179/tcp  filtered bgp
212/tcp  open     anet
417/tcp  open     onmux
524/tcp  open     ncp
544/tcp  open     kshell
631/tcp  open     ipp
1000/tcp open     cadlock
2022/tcp open     down

(The puzzle currently says to ignore the filtered ports. That's an artifact of where it's hosted, and eventually I'll work on moving it to somewhere at MIT.)

So pretend the output was:

Starting Nmap 6.00 ( http://nmap.org ) at 2012-11-17 20:54 EST
Nmap scan report for 67-207-144-83.static.cloud-ips.com (67.207.144.83)
Host is up (0.043s latency).
Not shown: 990 closed ports
PORT     STATE    SERVICE
9/tcp    open     discard
119/tcp  open     nntp
212/tcp  open     anet
417/tcp  open     onmux
524/tcp  open     ncp
544/tcp  open     kshell
631/tcp  open     ipp
1000/tcp open     cadlock
2022/tcp open     down

You notice this is basically a weird collection of ports. The use of discard and gopher are two particularly historic protocols, and yet ipp is a fairly modern one. Most people haven't heard of onmux and anet and ncp.

So you investigate.

When you connect to the IPP port, you get back this string:

2012-11-17T20:57:17.590073

which is the current time in Eastern Standard Time. That's not what the Internet Printing Protocol is supposed to give.

The service on the ipp port is not IPP at all, but instead the daytime service.

As you explore each port, you find this is the mapping of ports to actual services:

port   name        actual service
(9,    'discard',  Smtp),
(119,  'nntp',     QOTD),
(212,  'anet',     Discard),
(417,  'onmux',    Ident),
(524,  'ncp',      Echo),
(544,  'kshell',   Http),
(631,  'ipp',      Daytime),
(1000, 'cadlock2', Gopher),
(2022, 'down',     Chargen)

You notice that the words in the actual service column share exactly one letter with the words in the name column. You notice it spells out STANCHION which is a word, so you call it in. It is the answer.