IP ADDRESS


 Your IP (InternetProtocol) address is your unique ID on the internet. It's synonymous with your home address. Anyone in the worldcan contact your computer through its IP address, and send a retrieve information withit.I'm sure at one time or another you've heard that hackers can hack your computer via your IP address. This is one of the reasons proxies and anonymityservices exist, to protect people from learning your IP address.
So how are hackers using just an address to get into your computer and make your life hell?
Open ports. Your computer runs serviceslike media sharing on what are calledports. A portis just an opening that a service uses as a communications endpoint. There are 65,535 total allocated ports inTCP/UDP. To exploit a service on a port, a hacker wouldbanner grabfor. the software and version. After they learn that information, they would search sites likePacket Stormfor known exploits to run against the service.
Today'sNull Byteis going to demonstratea simple "port scan" on local computer using Nmap, and teach how ahacker would exploit these services, as well as how to guard ourselves against it. This willbe done under Linux, but Nmap is available for all platforms. If you can't figure out how toinstall it in Windows with the GUI installer (yeah, right), follow along usingCygwin.
Step:-1 Download & Install Nmap
Bold words are commands that must be entered in a terminal emulator.First, we must download Nmap, which is going to be our tool that we use for port scanning and information gathering.
http://nmap.org/­dist/­nmap-5.51.tar.bz2

Step:-2 Scan for a Target
Let's scan a local computer. I'm going touse a website as an example, rather thana local computer. This is because my firewall is absolutely crazy, and filters outscans. Don't scan a remote computer with the intentions of doing bad deeds. This is for educational purposes onlyOut of the returned list of targets, pick one that you would like to scan for services. Let's do a full scan of all the TCP/UDP ports.

Step:-3 Scan Your Individual Target

 As you can see, this target has MANY open ports. SSH piques my interest, so let's move on to banner grabbing to learn the software version or our choice of service.
Step:-4 Banner Grabbing
For this, you can use the regular ol'telnetclient. Telnet comes with Windows and most Linux distros.

 From this, I would learn which softwareversion the service is running,then see if I can find a way to exploit it.
Tags:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Featured post

How to password cracking ?

 Password Cracking BAKDOOR is method to loging computer without using password. Step:-1- My computer Step:-2- C  Drive Step:-3-...

Bottom Ad [Post Page]

Created By technicalknowledge