| 10 Mar 2008 04:27 am |
blunt sword Guest | The way that pretty much all pc’s are hacked is by gathering info, then finding a security bug. By reading this I hope you’ll learn how much info. can be obtained from your server, and hopefully how to stop it.
I’m repeatedly getting blank e-mails to my Outlook (dont laugh) inbox. I right click, choose properties and look at the messege source. The following interesting information is included :
Received: from AspEmail ([66.200.114.146])
I recognise the numbers as an ip, and Asp as the Windows eqivalent of Php, which normally runs on nt servers.
(Port scanning)
This means using a program that trys to access all ports (think of as doors) to see if servers are running. So i port scan (get one here http://www.hoobie.net/brutus ) and find the following ports are open:
19,21,22,53,80,139
19,21 and 22 are all ftp server. 53 is domain, 80 is http (web server), and 139 is netbios-ssn
Portscanning is easy to detect, and could get you kicked off your isp (unlikely though)
Getting info. on the servers
139 is the most interesting, net bios allows you to use a hard drive and printer remotely. I type “nbtstat -A 66.200.114.146” at the command prompt to find more info on it. By clicking start, find computer then entering the ip I could attempt to access the computer.
Look here for more info on netbios.
Next I open up telnet and connect to the ftp server, and I get the following response:
220 Serv-U FTP-Server v2.5k for WinSock ready...
Serv-U is a Windows ftp server, plus its given away in “WinSock”.
What now?
Now, if you actually wanted to hack the server you would simply do a search on google for exploits for the servers that are running. Now you should see the importance of a firewall, which prevents most hackers from even seeing your computer.
Other information gathering techniques:
Using the dos/ linux commands tracert [ip] and ping [ip]
Or use an online version:
Finding out the server that runs
Unfortunately, most web servers are more than happy to give out detailed ifnoramtion about themselves. By attempting to access a file which you know doesn’t exist on a server, eg. [http://www.groovyweb.uklinux.net/nonexistant] a 404 error will be given, along with the server name and version.
Test-cgi
This is a default script, installed on most servers. By going to www.servername.com/cgi-bin/test-cgi it can be accessed. Eg. http://bcn.boulder.co.us/cgi-bin/test-cgi | |
|
| 10 Mar 2008 04:49 am |
The Magnificent Bastard Rep: 69  Joined: 28 Dec 2006 Posts: 19,626 | very informative and it is information that all peple should be aware of.
ALWAYS use a firewall!!! ---
 
  | |
| 10 Mar 2008 06:08 am |
The Mangekyou Sharingan Rep: 50 Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | Hmmm... Such techniques only can be done without SP... with SP damn you have no access to other computer...
One thing for sure is... hacking is not that easy...
AFAIK... you need more days to find the weakneses on other computer or servers and wolfie firewall cant protect your webserver if the attacker using SQL Injections...
Bjarne said we must not mention hacking or cracking... why you not lock this thread up or erase it...???
 
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
| 10 Mar 2008 06:48 pm |
Taking noobs to school Rep: 44 Joined: 21 Jun 2006 Posts: 16,040 OFFLINE | wow u r a noob ---
 | |
| 10 Mar 2008 08:41 pm |
The Mangekyou Sharingan Rep: 50Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | Am I a noob...??? ---
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
| 11 Mar 2008 06:17 pm |
Taking noobs to school Rep: 44Joined: 21 Jun 2006 Posts: 16,040 OFFLINE | Yes ---
| |
| 12 Mar 2008 04:02 am |
The Mangekyou Sharingan Rep: 50Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | Haha... I cant do that tricks for linux and for windows...??? YES I CAN...!!! ---
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
| 12 Mar 2008 06:18 am |
golden fork Guest | realllllllllly | |
| 12 Mar 2008 06:21 am |
The Mangekyou Sharingan Rep: 50Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | YEESSSSS... ---
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
| 12 Mar 2008 06:22 am |
golden fork Guest | yeh yeh... | |
| 12 Mar 2008 06:23 am |
The Mangekyou Sharingan Rep: 50Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | yeh... yeh... too... simple actually netcat is good tools you know... ---
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
| 12 Mar 2008 06:27 am |
golden fork Guest | when i made this top, i was SURE it was gonna get deleted! this bordelines breaking the rules.. well it’s discussing HACKING! are moderators really doing their job? i wonder! | |
| 12 Mar 2008 06:31 am |
The Mangekyou Sharingan Rep: 50Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | Hmmm... Mentioning hacking in this forum is prohibited but by seeing this I think the mod cant deleted it perhaps bjarne can do that to this topic... ---
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
| 12 Mar 2008 06:35 am |
golden fork Guest | Itachi Uchiha wrote:
Hmmm... Mentioning hacking in this forum is prohibited but by seeing this I think the mod cant deleted it perhaps bjarne can do that to this topic...
yeh .. funny how some people can “bend the rules” to the max! | |
| 12 Mar 2008 06:36 am |
The Mangekyou Sharingan Rep: 50Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | the rules exist for us to break... that simple... ---
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
| 12 Mar 2008 06:45 am |
golden fork Guest | Itachi Uchiha wrote:
the rules exist for us to break... that simple...
Rules Are There T’be Broken Me Ole WazziT ... How Could WE Better Ourselves If WE NEVER BREAK TEH RULES  | |
| 12 Mar 2008 06:48 am |
The Mangekyou Sharingan Rep: 50Joined: 01 Oct 2007 Posts: 10,520 OFFLINE | Good... Good... Me sometimes break the rules in my office... hehehe... hail to break the rules...
“Great new ideas usually come from very small teams... don’t give up so easily." — John Kaster — | |
|
|
Post Reply |
First ]
»
Off-Topic
» PC Security =)