Anyway, let me assume that you have got hold of a good ‘impossible to detect’ port scanner. Now scan the target system for all open ports and record the list of open ports:
Note: In this manual, I have taken my ISP as an example target system. It is foo-barred throughout as xxx.bol.net.in
In my case, I found that the following ports were open:
Port Number    Service
21             FTP
23             Telnet
25             SMTP
53             DNS
79             Finger
80             HTTP
110            POP
111            Not Useful
389            Not Useful
512            rlogin
Note: Only a few port scanners give you both the open ports and the services running on them. Most port scanners return only the list of open ports. This is fine too: once you have the list of open ports, you can find the corresponding services by referring to RFC 1700, which contains the complete list of port numbers and the services that commonly run on them.
Port scanning takes advantage of the 3-stage TCP handshake to determine which ports are open on the remote computer. To learn more about the TCP/IP protocol, read the networking manuals that I distribute on my mailing list.
Tools like SATAN, and many more like it, let you find out the list of open ports, the daemon or service running on each open port, and also the service's vulnerabilities at the click of a button. You can't call yourself a hacker if you need some software, which first of all is not written by you, to do something as lame as a port scan. Well yes, I do agree that looking for open ports manually on a server would take a long time. But what I am suggesting is that you use a port scanning tool which just gives you a list of open ports, without the list of services and vulnerabilities. I assure you, if you try to explore an open port of a remote server manually, you will learn more about the remote system, and it will also give you a taste of what hacking actually is. If you use a port scanner which gives you all the details at the click of a button to impress your friends, let me assure you none of them will be impressed, as I am sure anyone can use SATAN and other such scanners.
Another thing you need to be careful about before port scanning your ISP is that most port scanners are very easily detected and can easily be traced, and you have no excuse if you are caught doing a port scan on a host; it is a sure sign of hacker activity. There are many stealth scanners like Nmap, which claim to be untraceable. But the truth is that they are very much traceable, and they are quite inaccurate as they send only a single packet to check whether a port is open. And if the host is running the right kind of sniffer software, maybe Etherpeek, then the port scan can be easily detected and the IP of the user logged. Anyway, some ISPs are really afraid of hacking activities, and even at the slightest hint of suspicious activity such as port scanning, they can disable your account. So just be careful.
************
Evil Hacking Trick: Keep an eye on TCP port 12345 and UDP port 31337; these are the default ports for the popular trojans NetBus and BO, respectively.
*************
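The two points above, that a port scan is easy to spot from the host's side and that TCP 12345 and UDP 31337 are worth watching, can be seen in a small log check. This is an added example, not code from the original manual; the log format, the sample records, the window and the threshold are all assumptions made for illustration.

```python
from collections import defaultdict, deque

# Default ports named in the text: NetBus on TCP 12345, BO (Back Orifice) on UDP 31337.
TROJAN_PORTS = {("tcp", 12345): "NetBus", ("udp", 31337): "Back Orifice"}

# Constructed sample flow log (hypothetical format): seconds, source, protocol, dest port.
SAMPLE_LOG = """\
100 192.0.2.10 tcp 80
101 198.51.100.7 tcp 21
101 198.51.100.7 tcp 23
102 198.51.100.7 tcp 25
102 198.51.100.7 tcp 53
103 198.51.100.7 tcp 79
103 198.51.100.7 tcp 80
104 198.51.100.7 tcp 110
160 192.0.2.10 tcp 80
200 203.0.113.5 udp 31337
900 192.0.2.10 tcp 25
"""

def parse(log):
    """Yield (ts, src, proto, dport) tuples, skipping blank or malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0].isdigit() and parts[3].isdigit():
            yield int(parts[0]), parts[1], parts[2].lower(), int(parts[3])

def detect(log, window=10, min_ports=5):
    """Return (scanners, trojan_hits).

    scanners: sources that touched >= min_ports distinct ports within `window` seconds.
    trojan_hits: (src, trojan name) for any traffic to a trojan default port.
    """
    recent = defaultdict(deque)   # src -> (ts, port) events still inside the window
    scanners, trojan_hits = set(), []
    for ts, src, proto, dport in sorted(parse(log)):
        if (proto, dport) in TROJAN_PORTS:
            trojan_hits.append((src, TROJAN_PORTS[(proto, dport)]))
        q = recent[src]
        q.append((ts, dport))
        while q and q[0][0] < ts - window:   # drop events older than the window
            q.popleft()
        if len({port for _, port in q}) >= min_ports:
            scanners.add(src)
    return scanners, trojan_hits

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

A normal client that returns to one or two ports over time never reaches the distinct-port threshold, while a sweep across the service ports listed earlier trips it within seconds.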
Jai Shree Raam