July 27th, 2003 05:54 AM
Using open ports?
Hi! I use Windows 98 with the latest antivirus + ZoneAlarm, and I'm sure there is no trojan or backdoor in my system. But when I asked a hacker, he said that if someone still wants to break into my system, he could easily do so using some open ports. All I want to know is whether he is right, and if yes, then HOW could one break into my system using open ports?
Note: In my last post some idiots took my posts as an attempt to gain hacking knowledge. Now mind it, it's a security issue, not a hacking issue.
July 27th, 2003 06:15 AM
Giving you the benefit of the doubt, yes it is possible to connect to your computer even if you have no trojan
Servers send information. Clients retrieve. Simple.
Windows comes with a built in program to connect to other computers called telnet.
To start Windows telnet: Start menu > Run > type Telnet. Click Connect > Remote System.
Ports are doors into computers. Hosts are computer names
(ip number or a name that is translated into the ip automatically)
Different programs open different ports, but they always open the same ports so other computers know which port to connect to. You can get a port list listing all the different ports, but a basic one is:
11 :- Sends info on the computer
21 :- FTP (File transfer program)
23 :- Telnet (Login to the computers command line)
25 :- Smtp (Sends mail)
80 :- Http (Web pages)
There are thousands of different programs using different ports. You can get programs called portscanners which check a computer for all ports up to a certain number, looking for ways in. You can portscan a computer looking for ways-in.
Anyway, back to telnet.
as the host and port as 80 then click connect.
If nothing happens, you're in. Wow. You are connected to Yahoo's server.
You can now type http commands (you are connected to an http server, so it supports http commands). I.e. on an ftp server you can type open and it will do something. On an http server it will just wonder what the hell you are on about.
Type get / http/1.0 then press enter twice to get the file on the server at / (try /index.html etc.)
Hope this helps.
If you want more, just search on google: hacking using open ports.
It is impossible to make anything foolproof because fools are so ingenious. - Murphy
July 27th, 2003 06:26 AM
Using a personal firewall like ZoneAlarm is a good start. This will block traffic from the external network (i.e. the internet) based on a set of rules. These determine what traffic is allowed in and out of your PC. By default ZoneAlarm should block a lot of commonly misused ports from the internet. Now, the traffic you DO allow through could be used to gain access, and here you may want to research the products you are going to use for vulnerabilities and decide whether this service is worth the security risk to you. Different services provide different levels of risk, but a little digging will find you a lot. Try bugtraq to search products for well-known vulnerabilities; there are other lists which can be found from Google.
"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software." -Jaron Lanier
July 27th, 2003 07:19 AM
In your case someone isn't going to hack your computer using open ports because you are running Windows 98. However that statement isn't completely true to start with. Hacking (cracking) is done by using the various services running on your system; those services open up various ports. Windows 98 is not a Multi-User OS, so it won't be "hacked" on its own. I suppose if you have file sharing enabled, and completely open, someone could browse your files and possibly do more depending on the rights you have set. If you were running say an ftp server (daemon) someone could find an exploit for that server and gain complete access, but they'll still only have access to the directories you've given that user access to, not the full system. Windows 98 doesn't support those services by default; they would all be installed third-party software. People often use the analogy of a mailing address for your IP address. It's a wonderful analogy, but think of it more as an apartment building than a house. The ports on your computer are like the individual apartments. For simplicity's sake we'll use the loopback to demonstrate. 127.0.0.1 is the address of your loopback, however 127.0.0.1:23 (or any other notation of writing IP / Port) is where your telnet service resides (if you have one). Of course port numbers are not static. You could run any service on any port, just most services have standard associated port numbers.
The biggest thing for keeping yourself safe (on top of your firewall/av) is to make sure that if you do run any third-party daemons, they are up-to-date. Like Maestr0 said, keep an eye on the vulnerabilities available for any daemons you have, and be sure to keep yourself patched.
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
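To see which services on a machine actually hold ports open, and whether each one listens only on the loopback or on a network-facing address, the output of `netstat -an` can be audited. The following is an added example, not part of the thread; the netstat sample is constructed, and the port labels come from the list earlier in the thread plus 139 (NetBIOS session service, used by Windows file sharing).

```python
import re

# Constructed sample of `netstat -an` output on a Windows host (not from the thread).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.0.5:139        0.0.0.0:0              LISTENING
  TCP    192.168.0.5:1040       203.0.113.7:80         ESTABLISHED
  UDP    192.168.0.5:137        *:*
"""

# Standard ports named in the thread, plus 139 for Windows file sharing.
WELL_KNOWN = {21: "FTP", 23: "Telnet", 25: "SMTP", 80: "HTTP",
              139: "NetBIOS session"}

# Matches only TCP rows in the LISTENING state: "TCP  addr:port  foreign  LISTENING"
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")


def listening_sockets(netstat_text):
    """Return [(address, port)] for every TCP socket that accepts connections."""
    found = []
    for line in netstat_text.splitlines():
        match = ROW.match(line)
        if match:
            found.append((match.group(1), int(match.group(2))))
    return found


def audit(netstat_text):
    """Split listeners into loopback-only and network-reachable ones."""
    report = {"loopback": [], "exposed": []}
    for addr, port in listening_sockets(netstat_text):
        label = WELL_KNOWN.get(port, "unknown service")
        # 127.x.x.x is reachable only from the machine itself.
        bucket = "loopback" if addr.startswith("127.") else "exposed"
        report[bucket].append((addr, port, label))
    return report


if __name__ == "__main__":
    result = audit(SAMPLE_NETSTAT)
    for bucket in ("exposed", "loopback"):
        for addr, port, label in result[bucket]:
            print(f"{bucket:8} {addr}:{port:<5} {label}")
```

Every entry in the "exposed" bucket is a service worth identifying, patching, or closing; the ESTABLISHED and UDP rows are ignored because they are not TCP listeners.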
July 29th, 2003 05:51 AM
I have doubts that Telnet can be used on the Win98 OS. I tried to connect with it as a test, but it failed with the message "Unable to connect to remote computer". What was it for?
July 29th, 2003 06:11 AM
Well, you can telnet with Win98. I have done it many times. Sometimes the attempts to connect don't go through though and you need to try multiple times. Or that port may not be open or blocked.
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
July 29th, 2003 01:22 PM
Just a quick tip:
If you don't use any server on your computer, you could make rules to forbid any connection start sent to your PC (TCP connection starts are of the SYN/ACK signalling type).
Doing so will ban any open port threat.
Be aware this is not compliant with P2P, make an exception rule if necessary...
SHARING KNOWLEDGE
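The rule from the last post, sketched as an added example that is not part of the thread: a stateless check that drops inbound connection-opening segments unless the destination port is on an exception list. It assumes the usual TCP handshake, in which an incoming connection attempt arrives with SYN set and ACK clear, while a SYN+ACK segment answers a connection the PC opened itself; the headers and the P2P port 6881 are constructed sample values.

```python
import struct

SYN, ACK = 0x02, 0x10
TCP_FIXED = "!HHIIBBHHH"   # fixed 20-byte part of a TCP header


def tcp_header(src_port, dst_port, flags):
    """Build a minimal 20-byte TCP header (constructed test input)."""
    # ports, seq, ack number, data offset (5 words), flags, window, checksum, urgent
    return struct.pack(TCP_FIXED, src_port, dst_port, 0, 0, 5 << 4, flags, 8192, 0, 0)


def classify(header):
    """Return (dst_port, kind), where kind names the segment's handshake role."""
    _, dst_port, _, _, _, flags, _, _, _ = struct.unpack(TCP_FIXED, header[:20])
    if flags & SYN and not flags & ACK:
        kind = "connection-start"      # a remote host is trying to open a port
    elif flags & SYN and flags & ACK:
        kind = "handshake-reply"       # answer to a connection this PC started
    else:
        kind = "other"                 # data, plain ACK, FIN, RST ...
    return dst_port, kind


def inbound_verdict(header, allowed_ports=frozenset()):
    """Drop unsolicited inbound connection starts; allow everything else."""
    dst_port, kind = classify(header)
    if kind == "connection-start" and dst_port not in allowed_ports:
        return "DROP"
    return "ALLOW"


if __name__ == "__main__":
    p2p_exception = frozenset({6881})  # hypothetical P2P listening port
    samples = [
        ("SYN to FTP port", tcp_header(40000, 21, SYN)),
        ("SYN to P2P exception", tcp_header(40001, 6881, SYN)),
        ("SYN+ACK reply from web server", tcp_header(80, 1040, SYN | ACK)),
        ("ACK on existing connection", tcp_header(80, 1040, ACK)),
    ]
    for name, hdr in samples:
        print(f"{name:32} {inbound_verdict(hdr, p2p_exception)}")
```

Replies to outbound connections still pass, so browsing keeps working while nothing on the PC can be connected to from outside except the listed exception.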