Fairly simple to find out what they have running. This was a complete "three-way handshake" port scan. For anyone that has a *NIX distribution, you can include in the installation a copy of NMap. NMap can run a much stealthier port scan to see what services are running without the far end logs noticing it. With the scan below, these "hits" will most definitely show up in their logs. This type of port scan used to be semi-illegal, but a recent court case decision made it completely legal to do(it had to do with a company "thinking" that they were gettting ready to be targeted for a DoS attack - Usually these types of scans are done to check vulnerabilities). All of the watchtower.* top level domains(org, com, and net) are virtually mapped to this same server in Virginia with Verio.
* + 130.94.149.224 watchtower.net
|___ 21 File Transfer Protocol [Control]
|___ 22 SSH Remote Login Protocol
|___ SSH-1.99-OpenSSH_3.4p1.
|___ 23 Telnet
|___ ..%
|___ 25 Simple Mail Transfer Sendmail 8.11.6/8.11.6
|___ 79 Finger
|___ must provide username...
|___ 80 World Wide Web HTTP
|___ HTTP/1.1 200 OK..Date: Tue, 17 Dec 2002 21:35:05 GMT..Server: Apache/1.3.27 OpenSSL/0.9.6g (Unix) PHP/4.1.2..Last-Modified: Thu
|___ 106 3COM-TSMUX
|___ 200 watchtower.net poppassd 1.0.4 starting, enter username..
|___ 110 Post Office Protocol - Version 3
|___ +OK Qpopper (version 4.0.3) at watchtower.net starting. ..
|___ 119 Network News Transfer Protocol
|___ Error: (2) Could not open config file /etc/vnews.conf.
|___ 143 Internet Message Access Protocol
|___ * OK [CAPABILITY IMAP4REV1 X-NETSCAPE LOGIN-REFERRALS STARTTLS AUTH=LOGIN] watchtower.net IMAP4rev1 2001.315 [i] at Tue, 17 Dec
|___ 443 https MCom
|___ 465 ssmtp
|___ 513 remote login a la telnet;
|___ 514 cmd
|___ 995 SSL based POP3
|___ 2401 cvspserver
|___ 5050 multimedia conference control tool
|___ 5150 Ascend Tunnel Management Protocol
|___ ACE (Version 1.1.6) ready...
|___ 5190 America-Online
|___ 8080 Standard HTTP Proxy