December 10th, 2001, 05:27 PM
I've been reading and learning from this forum but I got stuck in my learning process. While I try to secure my computer I try to find out its vulnerabilities by trying to get into the system of a friend of mine (he knows). So I got his IP and found an open port (139, NetBIOS and 8053). Now I telnet to these ports and get a connection. Are there certain commands which these ports are accepting? I tried some general commands like help, "help;" login, "exit;" but nothing happens. So...what now?
GOD invented evolution 'cause he couldn't do it all by himself.
December 10th, 2001, 07:01 PM
Find an old PC (e.g. 386 or 486, 32Mb RAM, 512Mb [min] hard disk), buy two NICs and build yourself a *nix firewall.
Install personal firewall software (I don't use them so can't recommend anything).
The *nix firewall is the best long term option but it's the trickiest to get right (but you learn tons in the process!). You can get going fairly painlessly with most modern *nix distros.
The personal firewall is a lot easier and will protect you straight away (if you're using micro$oft).
If you're on a dial-up connection then you're not open to much abuse (dynamic IPs and intermittent connections make you a much harder target); if you're on a static IP (cable, ADSL etc.) then you should take precautions.
There are also some nice routers / cable-modems that have good internal firewalls built in.
December 10th, 2001, 09:39 PM
I don't know the commands for port 139. I've tried using it but I always get booted within 2-3 seconds. The higher port: is your friend running a chat program or something along those lines? Because otherwise there aren't many services that use ports that high up. I think the restricted ports stop at 1024 and everything above that are programs like ICQ, etc...
December 11th, 2001, 06:29 PM
This is quoted from the happy hackers guide to mostly harmless hacking:
"All that is needed is the IP address of the remote machine.
Now open up a DOS window, and at the command prompt, type:
c:\>nbtstat -A [ip_addr]
If the remote machine is connected to the Internet and the ports
used for sharing are not blocked, you should see something like:
    NetBIOS Remote Machine Name Table

    Name            Type      Status
    NAME      <00>  UNIQUE    Registered
    DOMAIN    <00>  GROUP     Registered
    NAME      <03>  UNIQUE    Registered
    USERNAME  <03>  UNIQUE    Registered

    MAC Address = 00-00-00-00-00-00
This machine name table shows the machine and domain names,
a logged-on username, and the address of the Ethernet adapter
(the information has been obfuscated for instructional purposes).
**Note: This machine, if unpatched and not protected with a
firewall or packet-filter router, may be vulnerable to a range
of denial of service attacks, which seem to be fairly popular,
largely because they require no skill or knowledge to perpetrate.
The key piece of information that you are looking for is in the
Type column. A machine that has sharing enabled will have a hex
code of "<20>".
**Note: With the right tools, it is fairly simple for a sysadmin
to write a batch file that combs a subnet or her entire network,
looking for client machines with sharing enabled. This batch file
can then be run at specific times...every day at 2:00 am, only on
Friday evenings or weekends, etc.
If you find a machine with sharing enabled, the next thing to
do is type the following command:
c:\>net view \\[ip_addr]
Now, your response may be varied. You may find that there are
no shares on the list, or that there are several shares available.
Choose which share you would like to connect to, and type the
c:\>net use g: \\[ip_addr]\[share_name]
You will likely get a response that the command was completed
successfully. If that is the case, type:
or which ever device name you decided to use. You can now view
what exists on that share using the dir commands, etc.
Now, you may be presented with a password prompt when you issue the
above command. If that is the case, typical "hacker" (I shudder
at that term) methods may be used. "
I hope that this helps.
Wine maketh merry: but money answereth all things.
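Added example, not part of the post above or of the guide it quotes: the sysadmin-side check the guide's second note describes, written as a parser for saved `nbtstat -A` output that reports whether a host registers the `<20>` sharing entry and which names the table discloses. The function names and the sample host are constructed for illustration.

```python
import re

# Constructed sample in the layout the quoted guide shows, plus a <20> row.
SAMPLE = """\
NetBIOS Remote Machine Name Table
   Name               Type         Status
WKSTN01        <00>  UNIQUE      Registered
WORKGROUP      <00>  GROUP       Registered
WKSTN01        <03>  UNIQUE      Registered
WKSTN01        <20>  UNIQUE      Registered
JSMITH         <03>  UNIQUE      Registered
MAC Address = 00-00-00-00-00-00
"""

# name, <hex suffix>, UNIQUE|GROUP, status; names may contain spaces
ROW = re.compile(r"^\s*(?P<name>\S.*?)\s*<(?P<suffix>[0-9A-Fa-f]{2})>\s+"
                 r"(?P<kind>UNIQUE|GROUP)\s+(?P<status>\w+)\s*$")
MAC = re.compile(r"MAC Address\s*=\s*([0-9A-Fa-f-]{17})")

def parse_name_table(text):
    """Return (rows, mac) from saved `nbtstat -A` output; other lines are skipped."""
    rows, mac = [], None
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({**m.groupdict(), "suffix": m["suffix"].upper()})
        elif (m := MAC.search(line)):
            mac = m.group(1)
    return rows, mac

def audit(text):
    """Summarise what one host's name table discloses."""
    rows, mac = parse_name_table(text)
    live = [r for r in rows if r["status"] == "Registered"]
    pick = lambda sfx, kind: [r["name"] for r in live
                              if r["suffix"] == sfx and r["kind"] == kind]
    machine = pick("00", "UNIQUE")
    return {
        "machine": machine[0] if machine else None,
        "domain": (pick("00", "GROUP") or [None])[0],
        # <03> rows other than the machine name are typically the logged-on user
        "users": [n for n in pick("03", "UNIQUE") if n not in machine],
        "sharing_enabled": bool(pick("20", "UNIQUE")),  # the <20> check from the guide
        "mac": mac,
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A host that reports `sharing_enabled` on an Internet-facing address is the case the firewall advice earlier in the thread is meant to close off.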