Hackers, Swordfish I don't get it!!

okay, I know you need a password/user name in order to get into computers.. But how to do you get to that point where you need to enter them? Like, do you just telnet (or use some Unix command) to get onto the computers server or........?

And what's so good about open ports..? Do you just port scan an IP addy and connect to those ports thru telnet or something and get access to the computer? Or... Do you port scan an ip address.. find the open ports, find the program that opens those ports.. And then find a vulerablity in that program.. and... AHH! I don't get it!

What I have going on right now is 2 computers.. My Main Computer (with a firewall etc) and my "Test Computer" that has No firewall, nothing. So, I got my Ip address from my computer beside me, my TC (Test computer), and I port scanned it with my MC ( Main computer ). I have a few ports open right now.. but then what do I do? Should I go into Telnet and try to connect to those ports?

:( I just don't get it at all.. If anyone could help this newbie out, I'd be very greatful :)

P.s, I'm using Windows Xp on both comps. Thanks!

Seems like you answered all your questions within your post. You definetly have the right idea. I am not going to address your question because you basically answered it. I will tell you how to prevent what you are talking about. You basically want to have as few ports open as possible, and to achieve this you have to figure out what app is opening the port then decide if you need that application running or not. If not, you kill the app, which closes the port. You also want to get a firewall just to be sure that what is getting through is only what you want to get through. For the apps opening ports that you need to have running, you want to go to the their website and be sure there are no patches or updates. netstat -a displays all connections and listening ports in XP. Just be safe.

edit
forgot to post a link: http://www.antionline.com/showthread...ghlight=telnet
this should help you with some questions about telnet. Also, if it is your computer and there are ports open that you don't know how to connect to, that is not a good sign. I think that link provides a pretty good overview of what to do with a lot of ports. But you got it when you said this:

Quote:

---

Or... Do you port scan an ip address.. find the open ports, find the program that opens those ports.. And then find a vulerablity in that program.. and... AHH! I don't get it!

---

You basically would just search for a vulnerablility and either write or find code that exploits it. And if this is possible on your computer, then you need to either switch software if there are no patches or upgrades, or patch it if there are.

So.. What your saying is all I have to do is open telnet.. Type in the ip address, type in the open port number.. and then I'll have access to the computer? or.. :-/

Thanks for the quick reply h3r3tic :-)

Apollovega, in most scenerios, no. You cant just telnet to any port, the telnet port itself is 23. If you telnet to a box it will most likely ask you for a password and maybe a username unless theres really nothing to telnet to.

Edit: Forgot to say, you can telnet to some protocols such as the HTTP protocol (port 80), or any other services you might want to access on any other port.

Port 25 is an important port to telnet to in some cases. It runs sendmail. You can find any number of tutorials on sendmail out there. It is kind of a fun service to play with as a newbie...


edit: since you had Swordfish in the subject, don't believe anything you saw in that movie. It was the most unrealistic thing I ever watched. Funny movie though.

yea, I finally connected to port 25.. Cept the second I typed even one letter it said connection lost.. Dunno why thou..



Edit: Yea I thought it was pretty corny as well.. I was just trying to think of all the movies with Hacking involved :-)

Try this
telnet 64.253.207.29 25
helo localhost
then follow the stuff in that link I posted. It should deny you to send an email. The only one that has worked for me is the one from my isp which I use for email. Just fool around with it. Telnet to all the open ports and see what happens, you learn by experience.

edit
oops, im an idiot, I had this telnet 64.253.207.29 localhost
it was a really bad typo, I changed it so now it's
telnet 64.253.207.29 25
That should work for you.

You ever watch "Sneakers"???

It's not purely hacking, but it's a hacker classic.

Sneaker?? Now thats one I haven't heard of! I guess I have something to put on my x-mas list :P hehe... Has anyone seen a movie called "Master Minds" Its got some hacking in it... its mostly GUI hacks... And the movie is heavily action oriented, and it's main character is some 17 year old boy who is a James Bond wanna be, but he can hack... All in all, its a pretty decent movie... Worth a rental anyway :D

Ahhhh.. Swordfish. Good Soundtrack, bad movie. No one can break through 128 bit encryption while getting their dick sucked in under 60 seconds. (I dont know of any guys who can even think while getting thier dick sucked) ;)