How do you hack Windows?
KapperDog
September 1st, 2001, 08:16 PM
OH yea, I want to know while I stand on 1 foot. LOL Hey, at least I didn't ask how to hack Hotmail.
Before Negative hits me with the obligatory AO flame, let me explain.
I'm no newbie. I've been building, configuring and programming puters since the '70s. Security is a new game for me. That's all.
And, although the topic was a joke, there is a certain amount of validity to it.
I've been read, read, reading here and some other sites (been a member here for several months) to learn as much as I can but clear info isn't easy to come by.
There is a lot of talk about how insecure Windows is but not a lot of detail as to exactly why. Hogfly had a nice thread challenging people to spell out why Windows sucks but it didn't get the replies I hoped for.
Anyway, I'm not a script kiddie looking for it handed to me on a platter. Just trying to find out what you guys recommend for reading.
More specific. I have a puter on a separate dial-up account. Knowing the IP, this is the box I use to learn. I started out with the simple things like trojans and virii. I could send them to the box and see how a trojan can bypass the virus proggy, etc. (Hey, we all have to start somewhere.)
Then I learned about the NetBEUI exploit and how to prevent others from utilizing this weakness.
Now, I have a fresh, default install of Win98SE. NetBEUI and file sharing are disabled. A scan shows ports 1, 11, 15, 79, 111, 119, 139, 143, 540 and 1524 open.
I have gone to http://advice.networkice.com/Advice/Exploits/Ports/default.htm and read about the ports and what they mean. I would guess that port 139 is the port I should try first. I have tried to Telnet to it and a few other things with no luck connecting.
Like I said, I'm just looking for a little guidance. Any help is appreciated.
BTW, Negative. My comment about you was not meant as a slap. I find your posts both amusing and informative. I especially like your "click here because I'm too lazy to do a search" links. :)
I hope someday, I can repay the site by contributing to its knowledge.
Thanks again,
KapperDog
cF_nM
September 1st, 2001, 10:16 PM
I KNOW you're going to get flamed for that one...since you've been building shit since the 70's I would think you would know how to ask questions of this sort...let me explain to you how you should ask and you won't get flamed nearly as much, just get made fun of a bit. :dunce:
When you ask a question, be VERY specific. For example, you might find out about a certain vulnerability, but you're not quite sure how to exploit it. So, you might try to find out more about the vulnerability, and see if that helps. Then you might try asking suggestions on exploiting the vulnerability....
Negative
September 1st, 2001, 11:27 PM
I KNOW you're going to get flamed for that one...
Damn, you must be psychic. But then again...not.
since you've been building shit since the 70's I would think you would know how to ask questions of this sort
U guys build shit in the US of A? And there are like companies making money out of it? What an idea! I guess I'll have to start a shitbuilding factory here in Belgium, too. My compatriots won't know what (s)hits them!
...let me explain to you how you should ask and you won't get flamed nearly as much, just get made fun of a bit.
I guess this is where your extremely technical guidelines come in...not.
When you ask a question, be VERY specific.
That's it? I guess I was right about the ...not-part. I must be psychic. But then again...Hey, I am!
That's all for today's obligatory AO flame.
As for the OP's questions, which I find extremely clear (interpunction!) and well-formulated.
Then I learned about the NetBEUI exploit and how to prevent others from utilizing this weakness.
Just to keep up, I guess this is what you mean:
If your only aim is to surf and to mail, you bind your dial-up to the TCP/IP-protocol only. If you need File and Printer sharing and stuff, you do not bind your TCP/IP to it; instead, you bind your dial-up to TCP/IP, AND you bind your dial-up to NetBEUI. Then, NetBEUI is bound to File and Printer sharing.
Something like that?
Now, I have a fresh, default install of Win98SE. NetBEUI and file sharing are disabled. A scan shows ports 1, 11, 15, 79, 111, 119, 139, 143, 540 and 1524 open.
Yes...
FYI: port 79 is used by trojans CDK and Firehotcker and port 119 by Happy99. As far as I know (and I don't know shit, cfr. NoNeckJoe - I'm sure he'll be glad to explain that one more time), the other ports aren't trojan ports.
I would guess that port 139 is the port I should try first.
Good guess, I guess (?). Never heard of telnetting to NetBios, though - correct me if I'm wrong, flame me if you wish to. The easiest solution is to get something like IP-Tools (http://www.ks-soft.net/ip-tools.eng/index.htm), scan a whole range of ports (pretty childish, and illegal, I know), pick out the open systems, and there you go (telnet, NetBios,...). It's like checking all doors in your street, and only enter the open ones. Of course, you can make things more complicated and try to force the closed ones.
I hope someday, I can repay the site by contributing to its knowledge.
You already did as far as I'm concerned, by stating the benefit of interpunction.
!!! Soon, in every family in the US of A !!!
!!! I N T E R P U N C T I O N !!!
!!! Brought to you by Negative and Kapperdog!!!
KapperDog
September 2nd, 2001, 12:52 AM
OK, I guess this is where it stands. I'm still a ****ing idiot and script kiddie but, I can spell and I display proper punctuation in my posts. LMAO. Not bad for my first post, I guess.
It's hard to be specific when you really don't know what questions to ask.
I got a little carried away in my post and started to rant.
What I'm really looking for is some suggestions as to where a person with a willingness and ability to learn can go to learn more about security. Maybe you could recommend some of your favorite sites.
I enjoy the personality of AntiOnline and I hope to find more time to spend here. However, there are only so many hours in a day and I have duties at sites elsewhere.
Anyway, for those who are as of yet, unclear.
1. Where would you suggest general security topic reading?
2. Where would you suggest reading specific to exploiting any of the open ports I listed in my post above (1, 11, 15, 79, 111, 119, 139, 143, 540, 1524)?
Thanks again,
KapperDog
KapperDog
September 2nd, 2001, 01:49 AM
Negative,
I respect and appreciate your reply but you said, "Never heard of telnetting to NetBios, though - correct me if I'm wrong,"
I knew I read it somewhere and I just read it again.
Out of Band (OOB) data attacks: Windows machines that allow access to port 139 may be vulnerable to this type of attack. Essentially, a hacker connects to port 139, usually with telnet, and then sends a specific amount of data to the port. The result is that Windows NT machines will crash and indicates a problem in TCPIP.SYS. Windows 95 machines may or may not crash. In both cases, a simple reboot is usually enough to fix the problem. Microsoft's DNS problem may also be at risk to these types of attacks (on port 53). Read Nt Security's OOB Attacks page for information on this attack and possible fixes and/or workarounds for this vulnerability.
This paragraph leads me to believe that you can Telnet to port 139. Am I misunderstanding something?
When trying to connect with Telnet, what TermType should I use?
Thanks,
KapperDog
Terr
September 2nd, 2001, 03:24 AM
The OOB 'nuke' attack is largely fixed now, so it's unlikely to work. I would suggest you check out The Happy Hacker Guides to (Mostly) Harmless Hacking (http://www.happyhacker.org/gtmhh/gtmhh2.shtml). They're fairly informative for beginning techies. In particular, regarding making manual connections to open shares, check out:
http://www.happyhacker.org/gtmhh/crackw95.shtml
Hope it helps.
KapperDog
September 2nd, 2001, 05:31 AM
Thanks, Terr.
In case anyone is interested, I also found a nice guide here (http://home.cyberarmy.com/tcu/dv.html) called Digital Voodoo.
hogfly
September 2nd, 2001, 05:56 PM
Kapper, if you are still interested in learning about this stuff....meet me in the chat room tonight. irc.antionline.com #antionline.......U want to hack port 139? piece of cake.
cF_nM
September 2nd, 2001, 06:29 PM
Kapper or any newbies for that matter, don't let the flaming get you out of hacking. Everything about hacking is great.
RogueSpy
September 2nd, 2001, 08:07 PM
A good place to find up-to-date vulnerabilities is http://www.securityfocus.com
KapperDog
September 3rd, 2001, 05:15 AM
hogfly,
I didn't make it to IRC until about midnight EST. Sorry I missed you. I'll definitely take a raincheck if that's OK with you.
Thanks for the offer.
cF,
Thanks for the warning but my sense of humor makes me flameproof. :D
Thanks again, hogfly.
KapperDog
Toxic
September 3rd, 2001, 10:25 PM
Hey hogfly,
I would be interested in hacking port 139, so could you please tell me when you could help me, thanks. Also KapperDog, one suggestion I have is learn how to make Trojans and Worms, a good reference is http://www.tlsecurity.net/main.htm, it has a lot of source code and tips. Good luck :)
Quad
September 4th, 2001, 05:30 PM
U want to hack port 139? piece of cake.
Haha, Hog - You've just gained overnight stardom with the l33t k1dd13's. Soon you will have a following of hax0r groupies.
hogfly
September 4th, 2001, 07:44 PM
Ooooops. No kiddies wanted. go avay!!!! port 139 very hard.
hypen9
September 18th, 2001, 05:40 PM
//have fun!
kapper()
{
goto www.hackingexposed.com;
}
dontBlameUs()
{
please use the material at your own risk;
}
elysium
September 20th, 2001, 01:59 PM
A good website for hacking windows is www.hackersclub.com
sparkant
September 20th, 2001, 02:06 PM
Yeah, it used to be one of my favorites too. I especially liked all the ways to gain admin rights on windows boxes. km did a fine job with the site, but I think it needs more frequent updates.
Grtz,
PhirePhreak
September 21st, 2001, 06:37 AM
Sorry, but I must blast you with my standard "How?" answer:
VERY CAREFULLY.
Maybe it will help you, but probably not. Oh well, I just had to put that in there somewhere.
TheCynical
September 21st, 2001, 09:48 AM
kapperd0g --> at least your english is g00d
limp1058
September 21st, 2001, 09:49 PM
I don't even need to read the posts here and I know just by the topic.......I hate when people ask stupid questions like this one
Negative
September 21st, 2001, 09:53 PM
I feel obligated to suggest, Limp, that you should read more than just the topic :p You might be surprised...
JASON1234
September 22nd, 2001, 11:15 AM
I heard of a tool that was programmed by ms only for the port 139 that allows u to connect. It connects to the file vnbt386 in windows/system, this file must be a server. Dudes, I cannot say where u can find this tool, I'm still searchin..... never tried to write a client ? Hey Programmers!