Hack 1
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Hack 1 as PDF for free.
More details
- Words: 2,889
- Pages: 10
dial up hacking by humayun khan dial up hacking starts with a range on numbers to use with a wardialer. for phones numbers you might look into getting some cd-roms of local phone books. this can be a very time consuming process because you would want to dial all numbers within your area code and maybe some different exchanges. like if your area code was 555 and the exchange was 333 then you would dial all numbers within the 555-333-xxxx range to look for interesting things. you want the numbers that are connected to a modem that have carriers. toneloc is good for this. toneloc can create a found.log file that captures all of the found carriers during a scan. at the conclusion of the scan, the log is reviewed and the phone numbers are individually dialed with a computer. the user then attempts to identify the systems, and, depending on the goals of the wardial, attempts system access. many wardialing tools, depending on the modem used by the host, can also detect fax machines, private branch exchange (pbx) access points, and human voice. for more info on wardialing and where you can get them go here. port scanning: by dobromir montauk . portscanning is the act of probing a computer on a network for open ports. a useful tool for network administrators, portscanning can also search a computer for its vulnerabilities. often it is compared to 'casing' a building for burglary, which is why it is considered intrusive by many computer users. ports are used in network communications to help sort traffic coming and going from one computer to another. computers communicate over a network like ships carrying goods. the ships need to know what city they're going to, and once they get to that city, they also need to know what dock to go to. similarly, computers sending data need to know what computer to send the data to, as well as what port on that computer the data should be metaphorically 'unloaded' on. different programs can open ports, allowing them access to data coming into their ports. certain programs open ports only for sending data, some only for getting data, but most programs that communicate with the internet open ports for both directions. programs such as aol instant messenger, morpheus, other file-sharing programs, and web servers all permanently open ports for communication. this is necessary so other computers can connect and send messages, or share files. naturally, there exist ways of scanning a computer for open ports. this can allow the scanner to detect which programs are running on a particular computer (they will not be able to detect all programs, but they may be able to detect some or even most of them). since many programs that sit on open ports can be hacked, and thus give an intruder access to the entire computer, this information is very important to hackers or crackers. portscanning is almost always the first tool in every intruder's arsenal. thus, system administrators and computer users often find portscanning very intrusive. they don't know why they're being scanned, and so they usually expect the worst. they often get angry and defensive if the same computer repeatedly scans them. for more in depth details and different types of scans check this out . netstat: netstat was developed with open, co-operative computing in mind, but with the rise of security awareness more systems administrators are choosing to turn services like netstat off by commenting out the line in/etc/services or equivalent. the netstat service can tell what computers are on the network. it also lists services that are running on the computers allowing a cracker to explore and attempt to take over those services by researching old techniques.
________________________________________________________________
netstat made easy by ankit fadia [email protected] ________________________________________________________________ a lot of times, i hear people asking questions like, how to find out the ip of a friend? or how to find out your own ip? how do i know, which ports are open on my system? how do i make sure whether my system is infected with a trojan or not? well, for all above questions (and more) there is one simple answer: the netstat command. microsoft has this weird tendency of hiding or making sure that such �useful� utilities are not easily accessible to the users. however, they fail to understand that putting a utility in the windows directory and not listing it anywhere does not make it hidden. the �netstat� command is accessible through the command line prompt. simply launch msdos and: c:\cd windows c:\windows> note: normally, well, almost always, dos opens by default in the windows directory, however, for those of you whose default dos directory is not windows, the above would prove helpful. anyway, before we move on, we need to understand what exactly the netstat command is used for. this command is by default used to get information on the open connections on your system (ports, protocols being used etc), incoming and outgoing data and also the ports of remote systems to which we are connected. �netstat� gets all this networking information by reading the kernel routing tables in the memory. according to the rfc on internet tool catalog, �netstat� is defined as: �netstat is a program that accesses network related data structures within the kernel, then provides an ascii format at the terminal. netstat can provide reports on the routing table, tcp connections, tcp and udp "listens", and protocol memory management.� anyway, now that we know what netstat is all about, we are in a position to start using it. once, you have launched msdos, you can read the msdos help on netstat by giving the following command:
c:\windows>netstat /? displays protocol statistics and current tcp/ip network connections. netstat [-a] [-e] [-n] [-s] [-p proto] [-r] [interval] -a displays all connections and listening ports. (server-side connections are normally not shown). -e the -s
displays ethernet statistics.
this may be combined with
option.
-n
displays addresses and port numbers in numerical form.
-p proto shows connections for the protocol specified by proto; proto may be tcp or udp. if used with the-soption to display per-protocol statistics, proto may be tcp, udp, or ip. -r
displays the contents of the routing table.
-s displays per-protocol statistics. shown for tcp, udp and ip; the
by default, statistics are
-p
option may be used to specify a subset of the default. interval redisplays selected statistics, pausing interval seconds between each display. press ctrl+c to stop redisplaying statistics. if omitted, netstat will print the current configuration information once.
however, like always, the help provided by msdos, can be used only as a reference, it is not at all sufficient for a complete newbie. so, let us try out each command and see the result and also understand what exactly happens when we execute it and what all the results displayed mean. firstly, we will start with the netstat command with the �a argument. now, the ��a� option is used to display all open connections on the local machine. it also returns the remote system to which we are connected to, the port numbers of the remote system we are connected to (and the local machine) and also the type and state of connection we have with the remote system. for example, c:\windows>netstat -a
active connections proto
local address
foreign address
tcp
ankit:1031
dwarf.box.sk:ftp
tcp
ankit:1036
dwarf.box.sk:ftp-data
tcp
ankit:1043
banners.egroups.com:80
tcp
ankit:1045
mail2.mtnl.net.in:pop3
tcp
ankit:1052
zztop.boxnetwork.net:80
tcp
ankit:1053
mail2.mtnl.net.in:pop3
udp
ankit:1025
*:*
udp
ankit:nbdatagram
*:*
state established time_wait fin_wait_2 time_wait established time_wait
now, let us take a single line from the above output and see what it stands for: proto tcp
local address
foreign address
ankit:1031
dwarf.box.sk:ftp
state established
now, the above can be arranged as below: protocol: tcp (this can be transmission control protocol or tcp, user datagram protocol or udp or sometimes even, ip or internet protocol.) local system name: ankit (this is the name of the local system that you set during the windows setup.) local port opened and being used by this connection: 1031 remote system: dwarf.box.sk (this is the non-numerical form of the system to which we are connected.) remote port: ftp (this is the port number of the remote system dwarf.box.sk to which we are connected.) state of connection: established �netstat� with the ��a� argument is normally used, to get a list of open ports on your own system i.e. on the local system. this can be particularly useful to check and see whether your system has a trojan installed or not. yes, most good
antiviral software are able to detect the presence of trojans, but, we are hackers, and need to software to tell us, whether we are infected or not. besides, it is more fun to do something manually than to simply click on the �scan� button and let some software do it.
the following is a list of trojans and the port numbers which they use, if you netstat yourself and find any of the following open, then you can be pretty sure, that you are infected. port 12345(tcp) port 31337(udp)
netbus back orifice
for complete list, refer to the tutorial on trojans at: hackingtruths.box.sk/manuals.htm *********************** hacking truth: some of you might me wondering, as to what the high port numbers after the local machine�s name stand for? eg. ankit:1052 port numbers upto 1024 normally have a specific kind of service running on it. infact there is a complete rfc on assigned port numbers- rfc 1700. however, port numbers over 1024 are used by your system to connect to remote computers. for example, say your browser wants to establish a connection with http://www.hotmail.com/, then what it will do is, it will take up a random port number above 1024, open it and use it to communicate with the hotmail server. *********************** ok, now let us move on further, to a variant of the above command, the netstat �n the the the the
netstat �n command is basically the numerical form of the netstat �a command. main and probably the only difference between the two is that the former shows addresses of the local and remote systems in numerical form (hence �n) while latter shows the addresses in non-numerical form.
let us see an example to understand better: c:\>netstat -n active connections
proto
local address
foreign address
state
tcp
203.xx.251.161:1031
194.1.129.227:21
established
tcp
203.xx.251.161:1043
207.138.41.181:80
fin_wait_2
tcp
203.xx.251.161:1053
203.94.243.71:110
time_wait
tcp
203.xx.251.161:1058
194.1.129.227:20
time_wait
tcp
203.xx.251.161:1069
203.94.243.71:110
time_wait
tcp
203.xx.251.161:1071
194.98.93.244:80
established
tcp
203.xx.251.161:1078
203.94.243.71:110
time_wait
although this too gives us similar results, but there are some differences, mainly-: instead of the name of the local machine, the actual ip address of the local machine is shown. i am not sure, about this, but after testing repeatedly, netstat �n seems to not return information on non-tcp connections. so, it does not seem to consider udp. if you read the alt.2600 newsgroup regularly or any other newsgroup for that, they you would probably have seems atleast 2-3 daily posting whose body read: how do i find out my own ip? well, this option of netstat is most commonly used to do just that, find out your own ip. also, some people somehow seem to feel more comfortable with numbers, than with understandable hostnames. this form of netstat does make life easier for us, as the port numbers are displayed, which makes relating to everything easier. getting the ip of a person is all, that one needs to be able to damage his system. so, basically hiding your ip from hackers and getting the ip of the victim is some of the most important things that people are concerned with. using ip hiding facilities has become increasingly popular. however, are these so called ip hiding totally anonymous services or software truly and perfectly anonymous? there is only one answer: they are nowhere near totally anonymous. consider the following example, to understand how lame some of such utilities are. i seek you or icq is one of the most popular chatting software around. with it not only comes easy pastime, but also security concerns. icq has an inbuilt ip address hider, which when enabled is supposedly able to hide your ip from the users you are chatting with. however, like most ip hiding software, this too is nowhere near good. you can find out the ip address of any icq user, even if ip hiding has been enabled, by following the below process. 1.) launch msdos and type netstat �n to get a list of already open ports and the ip�s of the machines with which a connection has been established. note down
this list somewhere. 2.)
now, launch icq and send a message to the victim.
3.) while you are still chatting, go back to dos and again give the netstat �n command. you will find that a new ip signifying a new connection. this would be the ip address of the victim. get it? till now, both with the �-a� returned or displayed on the that connections of tcp, udp only those connections which argument.
and �-n� argument, we saw that the connections screen, were not of a particular protocol. this means or even ip were shown. however, say you want to see belong to udp, then you make use of the �-p�
the general format of the netstat command with the �-p� argument is as followed: netstat �p xxx where xxx can be either udp or tcp. the usage of this argument will become clearer with the following example, which demonstrates how to view only tcp connections. c:\>netstat -p tcp active connections proto
local address
foreign address
state
tcp
ankit:1031
dwarf.box.sk:ftp
established
tcp
ankit:1043
banners.egroups.com:80
fin_wait_2
tcp
ankit:1069
mail2.mtnl.net.in:pop3
time_wait
tcp
ankit:1078
mail2.mtnl.net.in:pop3
time_wait
tcp
ankit:1080
mail2.mtnl.net.in:pop3
time_wait
tcp
ankit:1081
www.burstnet.com:80
tcp
ankit:1083
zztop.boxnetwork.net:80
fin_wait_2 time_wait
this is basically nothing but a variation of the �-a� and �-n� commands. anyway, so let us move on to the arguments associated with �netstat�. now, we come to the �-e� option of �netstat�. let us set what dos returns, when this command is given:
c:\>netstat -e interface statistics received
sent
135121
123418
bytes unicast packets
419
non-unicast packets
476
40
discards
40 0
0
errors
0
unknown protocols
0
0
well, sometimes the number of data packets sent and received is not shown properly by some faulty or un-compatible modems. during, such cases, this command comes handy. the output returned by it, is quite obvious. also, it can be used to check for faulty downloads, or errors, which might have occurred during the tcp/ip, transfer process. with this we come to the last argument associated with netstat, the �-r� argument. this is not commonly used, and is a bit difficult to understand. i will simply give you an example of it in this manual. a proper and detailed description would be provided in another manual. hacking using routing tables is considered to be very elite and not many people are comfortable using it. however, like all things associated with computers, it is not as difficult as it is projected to be.
c:\windows>netstat -r route table active routes: network address interface metric
netmask
0.0.0.0
0.0.0.0
gateway address
203.94.251.161
203.94.251.161
1 127.0.0.0 127.0.0.1 1 203.94.251.0 203.94.251.161 203.94.251.161
255.0.0.0
127.0.0.1 255.255.255.0
203.94.251.161
1 255.255.255.255
127.0.0.1
127.0.0.1
1
203.94.251.255 203.94.251.161 224.0.0.0 203.94.251.161 255.255.255.255 203.94.251.161
255.255.255.255
224.0.0.0 &sitepics/hackingpicsnbsp; 203.94.251.161 255.255.255.255
203.94.251.161
netmask
gateway address 0.0.0.0
1
127.0.0.0 127.0.0.1
203.94.251.161
255.0.0.0 1
203.94.251.0 203.94.251.161
1
203.94.251.161 127.0.0.1 203.94.251.255 203.94.251.161
1
1
network address interface metric 0.0.0.0 203.94.251.161
203.94.251.161
1
255.255.255.0 255.255.255.255 1
203.94.251.161 127.0.0.1
255.255.255.255
1
224.0.0.0 203.94.251.161 255.255.255.255 203.94.251.161
127.0.0.1
203.94.251.161
224.0.0.0 203.94.251.161 1
1
255.255.255.255
203.94.251.161
active connections proto
local address
foreign address
state
tcp
ankit:1031
dwarf.box.sk:ftp
established
tcp
ankit:1043
banners.egroups.com:80
tcp
ankit:1081
www.burstnet.com:80
tcp
ankit:1093
zztop.boxnetwork.net:80
time_wait
tcp
ankit:1094
zztop.boxnetwork.net:80
time_wait
tcp
ankit:1095
mail2.mtnl.net.in:pop3
tcp
ankit:1096
zztop.boxnetwork.net:80
fin_wait_2 fin_wait_2
time_wait time_wait
tcp
ankit:1097
zztop.boxnetwork.net:80
tcp
ankit:1098
colo88.acedsl.com:80
tcp
ankit:1099
mail2.mtnl.net.in:pop3
time_wait established time_wait
well, i hope you liked this manual. even if not, then you better do. ; ) bye. humayun khan [email protected] (i answer all my mails, however, not promptly.) telnet: for dial-up hacking check out telenet by l.o.d. the telnet protocol has been implemented on a variety of systems. each is different, so specific commands depend on your version. however, all versions function similarly, so there are a few general guidelines to follow. the one common element across the disparate environments of the internet is the tcp/ip software protocol suite, the basis of communications. telnet, the terminal-handler portion of the tcp/ip protocol suite, is the cornerstone of this striking communications technology. telnet handles the remote login to another internet host, so it is useful to know something about the way it works. telnet operates in a client/server environment in which one host (the computer you are using, running client (user) telnet) negotiates opening a session on another computer (the remote host, running server telnet). during the behind-the-scenes negotiation process, the two computers agree on the parameters governing the session. one of the first things they settle is the terminal type to be used -- in general, a line-by-line network virtual terminal, for simplicity's sake. virtual terminal, in this context, refers to a set of terminal characteristics and sequences that both sides of a network connection agree to use to transmit data from terminals across the network, regardless of the terminal used.
________________________________________________________________
netstat made easy by ankit fadia [email protected] ________________________________________________________________ a lot of times, i hear people asking questions like, how to find out the ip of a friend? or how to find out your own ip? how do i know, which ports are open on my system? how do i make sure whether my system is infected with a trojan or not? well, for all above questions (and more) there is one simple answer: the netstat command. microsoft has this weird tendency of hiding or making sure that such �useful� utilities are not easily accessible to the users. however, they fail to understand that putting a utility in the windows directory and not listing it anywhere does not make it hidden. the �netstat� command is accessible through the command line prompt. simply launch msdos and: c:\cd windows c:\windows> note: normally, well, almost always, dos opens by default in the windows directory, however, for those of you whose default dos directory is not windows, the above would prove helpful. anyway, before we move on, we need to understand what exactly the netstat command is used for. this command is by default used to get information on the open connections on your system (ports, protocols being used etc), incoming and outgoing data and also the ports of remote systems to which we are connected. �netstat� gets all this networking information by reading the kernel routing tables in the memory. according to the rfc on internet tool catalog, �netstat� is defined as: �netstat is a program that accesses network related data structures within the kernel, then provides an ascii format at the terminal. netstat can provide reports on the routing table, tcp connections, tcp and udp "listens", and protocol memory management.� anyway, now that we know what netstat is all about, we are in a position to start using it. once, you have launched msdos, you can read the msdos help on netstat by giving the following command:
c:\windows>netstat /? displays protocol statistics and current tcp/ip network connections. netstat [-a] [-e] [-n] [-s] [-p proto] [-r] [interval] -a displays all connections and listening ports. (server-side connections are normally not shown). -e the -s
displays ethernet statistics.
this may be combined with
option.
-n
displays addresses and port numbers in numerical form.
-p proto shows connections for the protocol specified by proto; proto may be tcp or udp. if used with the-soption to display per-protocol statistics, proto may be tcp, udp, or ip. -r
displays the contents of the routing table.
-s displays per-protocol statistics. shown for tcp, udp and ip; the
by default, statistics are
-p
option may be used to specify a subset of the default. interval redisplays selected statistics, pausing interval seconds between each display. press ctrl+c to stop redisplaying statistics. if omitted, netstat will print the current configuration information once.
however, like always, the help provided by msdos, can be used only as a reference, it is not at all sufficient for a complete newbie. so, let us try out each command and see the result and also understand what exactly happens when we execute it and what all the results displayed mean. firstly, we will start with the netstat command with the �a argument. now, the ��a� option is used to display all open connections on the local machine. it also returns the remote system to which we are connected to, the port numbers of the remote system we are connected to (and the local machine) and also the type and state of connection we have with the remote system. for example, c:\windows>netstat -a
active connections proto
local address
foreign address
tcp
ankit:1031
dwarf.box.sk:ftp
tcp
ankit:1036
dwarf.box.sk:ftp-data
tcp
ankit:1043
banners.egroups.com:80
tcp
ankit:1045
mail2.mtnl.net.in:pop3
tcp
ankit:1052
zztop.boxnetwork.net:80
tcp
ankit:1053
mail2.mtnl.net.in:pop3
udp
ankit:1025
*:*
udp
ankit:nbdatagram
*:*
state established time_wait fin_wait_2 time_wait established time_wait
now, let us take a single line from the above output and see what it stands for: proto tcp
local address
foreign address
ankit:1031
dwarf.box.sk:ftp
state established
now, the above can be arranged as below: protocol: tcp (this can be transmission control protocol or tcp, user datagram protocol or udp or sometimes even, ip or internet protocol.) local system name: ankit (this is the name of the local system that you set during the windows setup.) local port opened and being used by this connection: 1031 remote system: dwarf.box.sk (this is the non-numerical form of the system to which we are connected.) remote port: ftp (this is the port number of the remote system dwarf.box.sk to which we are connected.) state of connection: established �netstat� with the ��a� argument is normally used, to get a list of open ports on your own system i.e. on the local system. this can be particularly useful to check and see whether your system has a trojan installed or not. yes, most good
antiviral software are able to detect the presence of trojans, but, we are hackers, and need to software to tell us, whether we are infected or not. besides, it is more fun to do something manually than to simply click on the �scan� button and let some software do it.
the following is a list of trojans and the port numbers which they use, if you netstat yourself and find any of the following open, then you can be pretty sure, that you are infected. port 12345(tcp) port 31337(udp)
netbus back orifice
for complete list, refer to the tutorial on trojans at: hackingtruths.box.sk/manuals.htm *********************** hacking truth: some of you might me wondering, as to what the high port numbers after the local machine�s name stand for? eg. ankit:1052 port numbers upto 1024 normally have a specific kind of service running on it. infact there is a complete rfc on assigned port numbers- rfc 1700. however, port numbers over 1024 are used by your system to connect to remote computers. for example, say your browser wants to establish a connection with http://www.hotmail.com/, then what it will do is, it will take up a random port number above 1024, open it and use it to communicate with the hotmail server. *********************** ok, now let us move on further, to a variant of the above command, the netstat �n the the the the
netstat �n command is basically the numerical form of the netstat �a command. main and probably the only difference between the two is that the former shows addresses of the local and remote systems in numerical form (hence �n) while latter shows the addresses in non-numerical form.
let us see an example to understand better: c:\>netstat -n active connections
proto
local address
foreign address
state
tcp
203.xx.251.161:1031
194.1.129.227:21
established
tcp
203.xx.251.161:1043
207.138.41.181:80
fin_wait_2
tcp
203.xx.251.161:1053
203.94.243.71:110
time_wait
tcp
203.xx.251.161:1058
194.1.129.227:20
time_wait
tcp
203.xx.251.161:1069
203.94.243.71:110
time_wait
tcp
203.xx.251.161:1071
194.98.93.244:80
established
tcp
203.xx.251.161:1078
203.94.243.71:110
time_wait
although this too gives us similar results, but there are some differences, mainly-: instead of the name of the local machine, the actual ip address of the local machine is shown. i am not sure, about this, but after testing repeatedly, netstat �n seems to not return information on non-tcp connections. so, it does not seem to consider udp. if you read the alt.2600 newsgroup regularly or any other newsgroup for that, they you would probably have seems atleast 2-3 daily posting whose body read: how do i find out my own ip? well, this option of netstat is most commonly used to do just that, find out your own ip. also, some people somehow seem to feel more comfortable with numbers, than with understandable hostnames. this form of netstat does make life easier for us, as the port numbers are displayed, which makes relating to everything easier. getting the ip of a person is all, that one needs to be able to damage his system. so, basically hiding your ip from hackers and getting the ip of the victim is some of the most important things that people are concerned with. using ip hiding facilities has become increasingly popular. however, are these so called ip hiding totally anonymous services or software truly and perfectly anonymous? there is only one answer: they are nowhere near totally anonymous. consider the following example, to understand how lame some of such utilities are. i seek you or icq is one of the most popular chatting software around. with it not only comes easy pastime, but also security concerns. icq has an inbuilt ip address hider, which when enabled is supposedly able to hide your ip from the users you are chatting with. however, like most ip hiding software, this too is nowhere near good. you can find out the ip address of any icq user, even if ip hiding has been enabled, by following the below process. 1.) launch msdos and type netstat �n to get a list of already open ports and the ip�s of the machines with which a connection has been established. note down
this list somewhere. 2.)
now, launch icq and send a message to the victim.
3.) while you are still chatting, go back to dos and again give the netstat �n command. you will find that a new ip signifying a new connection. this would be the ip address of the victim. get it? till now, both with the �-a� returned or displayed on the that connections of tcp, udp only those connections which argument.
and �-n� argument, we saw that the connections screen, were not of a particular protocol. this means or even ip were shown. however, say you want to see belong to udp, then you make use of the �-p�
the general format of the netstat command with the �-p� argument is as followed: netstat �p xxx where xxx can be either udp or tcp. the usage of this argument will become clearer with the following example, which demonstrates how to view only tcp connections. c:\>netstat -p tcp active connections proto
local address
foreign address
state
tcp
ankit:1031
dwarf.box.sk:ftp
established
tcp
ankit:1043
banners.egroups.com:80
fin_wait_2
tcp
ankit:1069
mail2.mtnl.net.in:pop3
time_wait
tcp
ankit:1078
mail2.mtnl.net.in:pop3
time_wait
tcp
ankit:1080
mail2.mtnl.net.in:pop3
time_wait
tcp
ankit:1081
www.burstnet.com:80
tcp
ankit:1083
zztop.boxnetwork.net:80
fin_wait_2 time_wait
this is basically nothing but a variation of the �-a� and �-n� commands. anyway, so let us move on to the arguments associated with �netstat�. now, we come to the �-e� option of �netstat�. let us set what dos returns, when this command is given:
c:\>netstat -e interface statistics received
sent
135121
123418
bytes unicast packets
419
non-unicast packets
476
40
discards
40 0
0
errors
0
unknown protocols
0
0
well, sometimes the number of data packets sent and received is not shown properly by some faulty or un-compatible modems. during, such cases, this command comes handy. the output returned by it, is quite obvious. also, it can be used to check for faulty downloads, or errors, which might have occurred during the tcp/ip, transfer process. with this we come to the last argument associated with netstat, the �-r� argument. this is not commonly used, and is a bit difficult to understand. i will simply give you an example of it in this manual. a proper and detailed description would be provided in another manual. hacking using routing tables is considered to be very elite and not many people are comfortable using it. however, like all things associated with computers, it is not as difficult as it is projected to be.
c:\windows>netstat -r route table active routes: network address interface metric
netmask
0.0.0.0
0.0.0.0
gateway address
203.94.251.161
203.94.251.161
1 127.0.0.0 127.0.0.1 1 203.94.251.0 203.94.251.161 203.94.251.161
255.0.0.0
127.0.0.1 255.255.255.0
203.94.251.161
1 255.255.255.255
127.0.0.1
127.0.0.1
1
203.94.251.255 203.94.251.161 224.0.0.0 203.94.251.161 255.255.255.255 203.94.251.161
255.255.255.255
224.0.0.0 &sitepics/hackingpicsnbsp; 203.94.251.161 255.255.255.255
203.94.251.161
netmask
gateway address 0.0.0.0
1
127.0.0.0 127.0.0.1
203.94.251.161
255.0.0.0 1
203.94.251.0 203.94.251.161
1
203.94.251.161 127.0.0.1 203.94.251.255 203.94.251.161
1
1
network address interface metric 0.0.0.0 203.94.251.161
203.94.251.161
1
255.255.255.0 255.255.255.255 1
203.94.251.161 127.0.0.1
255.255.255.255
1
224.0.0.0 203.94.251.161 255.255.255.255 203.94.251.161
127.0.0.1
203.94.251.161
224.0.0.0 203.94.251.161 1
1
255.255.255.255
203.94.251.161
active connections proto
local address
foreign address
state
tcp
ankit:1031
dwarf.box.sk:ftp
established
tcp
ankit:1043
banners.egroups.com:80
tcp
ankit:1081
www.burstnet.com:80
tcp
ankit:1093
zztop.boxnetwork.net:80
time_wait
tcp
ankit:1094
zztop.boxnetwork.net:80
time_wait
tcp
ankit:1095
mail2.mtnl.net.in:pop3
tcp
ankit:1096
zztop.boxnetwork.net:80
fin_wait_2 fin_wait_2
time_wait time_wait
tcp
ankit:1097
zztop.boxnetwork.net:80
tcp
ankit:1098
colo88.acedsl.com:80
tcp
ankit:1099
mail2.mtnl.net.in:pop3
time_wait established time_wait
well, i hope you liked this manual. even if not, then you better do. ; ) bye. humayun khan [email protected] (i answer all my mails, however, not promptly.) telnet: for dial-up hacking check out telenet by l.o.d. the telnet protocol has been implemented on a variety of systems. each is different, so specific commands depend on your version. however, all versions function similarly, so there are a few general guidelines to follow. the one common element across the disparate environments of the internet is the tcp/ip software protocol suite, the basis of communications. telnet, the terminal-handler portion of the tcp/ip protocol suite, is the cornerstone of this striking communications technology. telnet handles the remote login to another internet host, so it is useful to know something about the way it works. telnet operates in a client/server environment in which one host (the computer you are using, running client (user) telnet) negotiates opening a session on another computer (the remote host, running server telnet). during the behind-the-scenes negotiation process, the two computers agree on the parameters governing the session. one of the first things they settle is the terminal type to be used -- in general, a line-by-line network virtual terminal, for simplicity's sake. virtual terminal, in this context, refers to a set of terminal characteristics and sequences that both sides of a network connection agree to use to transmit data from terminals across the network, regardless of the terminal used.
