
Thread: So..what now?

  1. #1

    Question So..what now?

    I've been reading and learning from this forum but I got stuck in my learning process. While I try to secure my computer I try to find out its vulnerabilities by trying to get into the system of a friend of mine (he knows). So I got his IP, found an open port (139, NetBIOS and 8053). Now I telnet to these ports and get a connection. Are there certain commands which these ports are accepting? I tried some general commands like help, "help;" login, "exit;" but nothing happens. So...what now?
    GOD invented evolution 'cause he couldn't do it all by himself.

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    429

    Cool

    Find an old PC (e.g. 386 or 486, 32Mb RAM, 512Mb [min] hard disk), buy two NICs and build yourself a *nix firewall.

    or

    install personal firewall software (I don't use them so can't recommend anything).

    The *nix firewall is the best long term option but it's the trickiest to get right (but you learn tons in the process!). You can get going fairly painlessly with most modern *nix distros.

    The personal firewall is a lot easier and will protect you straight away (if you're using micro$oft).

    And also...

    If you're on a dial-up connection then you're not open to much abuse (dynamic IPs and intermittent connections make you a much harder target); if you're on a static IP (cable, ADSL etc.) then you should take precautions.

    Lastly..

    There are also some nice routers / cable-modems that have good internal firewalls built in.

    J.

  3. #3
    I don't know the commands for port 139. I've tried using it but I always get booted within 2-3 seconds. The higher port: is your friend running a chat program or something along those lines? Because otherwise there aren't many services that use ports that high up. I think the restricted ports stop at 1024 and everything above that are programs like ICQ, etc...

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    689

    Post

    This is quoted from the happy hackers guide to mostly harmless hacking:


    "All that is needed is the IP address of the remote machine.
    Now open up a DOS window, and at the command prompt, type:

    c:\>nbtstat -A [ip_addr]

    If the remote machine is connected to the Internet and the ports
    used for sharing are not blocked, you should see something like:

    NetBIOS Remote Machine Name Table

    Name Type Status
    ---------------------------------------------
    NAME <00> UNIQUE Registered
    DOMAIN <00> GROUP Registered
    NAME <03> UNIQUE Registered
    USERNAME <03> UNIQUE Registered

    MAC Address = 00-00-00-00-00-00

    This machine name table shows the machine and domain names,
    a logged-on username, and the address of the Ethernet adapter
    (the information has been obfuscated for instructional purposes).

    **Note: This machine, if unpatched and not protected with a
    firewall or packet-filter router, may be vulnerable to a range
    of denial of service attacks, which seem to be fairly popular,
    largely because they require no skill or knowledge to perpetrate.

    The key piece of information that you are looking for is in the
    Type column. A machine that has sharing enabled will have a hex
    code of "<20>".

    **Note: With the right tools, it is fairly simple for a sysadmin
    to write a batch file that combs a subnet or her entire network,
    looking for client machines with sharing enabled. This batch file
    can then be run at specific times...every day at 2:00 am, only on
    Friday evenings or weekends, etc.

    If you find a machine with sharing enabled, the next thing to
    do is type the following command:

    c:\>net view \\[ip_addr]

    Now, your response may be varied. You may find that there are
    no shares on the list, or that there are several shares available.
    Choose which share you would like to connect to, and type the
    command:

    c:\>net use g: \\[ip_addr]\[share_name]

    You will likely get a response that the command was completed
    successfully. If that is the case, type:

    c:\>cd g:

    or whichever device name you decided to use. You can now view
    what exists on that share using the dir commands, etc.

    Now, you may be presented with a password prompt when you issue the
    above command. If that is the case, typical "hacker" (I shudder
    at that term) methods may be used. "

    I hope that this helps.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19
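
An added example, not part of the original thread or the quoted guide: the sysadmin audit the guide mentions, reduced to the part that matters for defence. It parses saved `nbtstat -A` output collected from machines on your own network and flags any that register the `<20>` suffix, so sharing can be switched off or the ports filtered. The function names, host names and addresses are constructed for illustration.

```python
import re

# One name-table row of `nbtstat -A` output: NAME <suffix> UNIQUE|GROUP Status
ROW = re.compile(r"^\s*(?P<name>\S.*?)\s*<(?P<suffix>[0-9A-Fa-f]{2})>\s+"
                 r"(?P<type>UNIQUE|GROUP)\s+(?P<status>\w+)\s*$")
MAC = re.compile(r"MAC Address\s*=\s*((?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})")

def parse_nbtstat(text):
    """Return (rows, mac) from the saved output of one `nbtstat -A` run."""
    rows, mac = [], None
    for line in text.splitlines():
        row = ROW.match(line)
        if row:
            rows.append((row["name"], row["suffix"].upper(),
                         row["type"], row["status"]))
        elif MAC.search(line):
            mac = MAC.search(line).group(1)
    return rows, mac

def audit(outputs):
    """Map each host to 'sharing', 'no-sharing' or 'no-data'."""
    report = {}
    for host, text in outputs.items():
        rows, _ = parse_nbtstat(text)
        if not rows:
            # No name table at all (host down, ports filtered): this host
            # was not measured, so do not record it as clean.
            report[host] = "no-data"
        elif any(suffix == "20" for _, suffix, _, _ in rows):
            report[host] = "sharing"   # <20> is the suffix the guide points at
        else:
            report[host] = "no-sharing"
    return report

# Constructed sample output; 192.0.2.0/24 is a documentation address range.
TABLE = "NetBIOS Remote Machine Name Table\n\n   Name   Type   Status\n"
SAMPLES = {
    "192.0.2.10": TABLE + "   WKSTN-A  <00>  UNIQUE  Registered\n"
                          "   WKSTN-A  <20>  UNIQUE  Registered\n"
                          "\n   MAC Address = 00-00-00-00-00-00\n",
    "192.0.2.11": TABLE + "   WKSTN-B  <00>  UNIQUE  Registered\n"
                          "   OFFICE   <00>  GROUP   Registered\n",
    "192.0.2.12": "Host not found.\n",
}

if __name__ == "__main__":
    for host, verdict in audit(SAMPLES).items():
        print(host, verdict)
```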
