Hello! I don´t want to break into other computers, but I´m curious:
I have 2 computers connected as a lan in my house, so I did some port scans and found some open ports. What would be the next step to use these open ports?
Thanks,
Masterplan
What to do with open ports?
-
masterplan
- Newbie
- Posts: 5
- Joined: 06 May 2005, 16:00
- 18
- Location: Austria
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Well, a open port don´t mean automatically that the system is vulnerable, if you were an attacker you would have to gather more information:
- what OS is running on the target system? (done with fingerprinting tools)
- which service is behind the open port/opened it? (I will add a port-list to the dl-section soon)
- is the service vulnerable? (check sites like packetstormsecurity for example)
And even if you found an vulnerable service behind that opened port + the exploit, it would depend on the exploit what you can do next, it starts from simply crashing the system and ends at spawning a shell which enables you to take-over the whole system.
- what OS is running on the target system? (done with fingerprinting tools)
- which service is behind the open port/opened it? (I will add a port-list to the dl-section soon)
- is the service vulnerable? (check sites like packetstormsecurity for example)
And even if you found an vulnerable service behind that opened port + the exploit, it would depend on the exploit what you can do next, it starts from simply crashing the system and ends at spawning a shell which enables you to take-over the whole system.
Also, if you want to close ports on your own system, a firewall can take care of that...
A few suggested:
Kerio Personal Firewall
Macafee
Firewalls can close ports or stop malicious traffic, but there's always a chance it could interfere with items you're running on that port.
In this case, I would focus more on the antivirus protection.
again, I would suggest Macafree, XoftSpy, and Spybot Search and Destroy.
There is a thread on this here:
http://suck-o.com/modules.php?name=Foru ... wtopic&t=3
Hope that helps, if you have anymore questions feel free to ask.
P.s. On a side note, I would like to one day set up a computer to test the effectiveness of the many different firewalls, until then..I can only talk about how I plan to do it 
A few suggested:
Kerio Personal Firewall
Macafee
Firewalls can close ports or stop malicious traffic, but there's always a chance it could interfere with items you're running on that port.
In this case, I would focus more on the antivirus protection.
again, I would suggest Macafree, XoftSpy, and Spybot Search and Destroy.
There is a thread on this here:
http://suck-o.com/modules.php?name=Foru ... wtopic&t=3
Hope that helps, if you have anymore questions feel free to ask.
P.s. On a side note, I would like to one day set up a computer to test the effectiveness of the many different firewalls, until then..I can only talk about how I plan to do it
-
masterplan
- Newbie
- Posts: 5
- Joined: 06 May 2005, 16:00
- 18
- Location: Austria
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Well, which ports you can close/services you can end depends on which services you need. You can´t close them all without losing the ability to connect to a network like the internet.
But port 1900 can be closed (if you don´t have some online-fridge or stuff like that
), you just have to disable the SSDP-service in start>run>msconfig, it´ll close port 5000 too. You can do the same with the NTP-service (port123) which compares your system-time with the internet-time.
Port 1024/1025 are unevitable for internet connectivity as far I know...
Ahm,it´s all in context to XP, if you´re using another OS post...
But port 1900 can be closed (if you don´t have some online-fridge or stuff like that
), you just have to disable the SSDP-service in start>run>msconfig, it´ll close port 5000 too. You can do the same with the NTP-service (port123) which compares your system-time with the internet-time.Port 1024/1025 are unevitable for internet connectivity as far I know...
Ahm,it´s all in context to XP, if you´re using another OS post...
-
capt_nemo777
- forum buddy
- Posts: 23
- Joined: 03 Jul 2005, 16:00
- 18
- Contact:
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Nope, you need to use the suitable compiler for the language in which the exploit is written, look here:is the edit section in the dos prompt capable of compiling such exploits in order to use them?..
http://www.bloodshed.net/compilers/index.html
Help pls!
ive always been curious as to hacking and cracking but no nothing about it and so i would like to take it a whole new level, i would like to no how to get a password for an msn account for example is there any way i could do this simply and easily or is it more complicated. it'd be great if sum1 could help me out, cheers
soul
soul
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Pretty off-topic, please start a new thread next time, Soul...
I´ll not give you a step-by-step guide how to hack accounts, but here´s something to google: brute forcing, faked login screens, social engineering...
Hacking is about learning, so I have to tell you it´ll be not easy at all if you don´t have some background knowledge yet. But if you´re willing to learn (and not just acting so because you want to look into your ex-gf´s emails or buddy-list... ) then it can be real fun too.
If you´re really interested it´s inevitable that you know at least one programming language, Java is real good for example (well,ask a c++ coder and he´ll tell you c++ is the best, it´s just because I code in Java..hehe). But HTML is a good start too, it´s real easy to learn and you have fun because you see how your skills improve real fast.
You have to know some basics about protocols too imo.
But hey, hacking is a wide field, and it depends on your interests in the first place.
I´ll not give you a step-by-step guide how to hack accounts, but here´s something to google: brute forcing, faked login screens, social engineering...
Hacking is about learning, so I have to tell you it´ll be not easy at all if you don´t have some background knowledge yet. But if you´re willing to learn (and not just acting so because you want to look into your ex-gf´s emails or buddy-list...
) then it can be real fun too. If you´re really interested it´s inevitable that you know at least one programming language, Java is real good for example (well,ask a c++ coder and he´ll tell you c++ is the best, it´s just because I code in Java..hehe). But HTML is a good start too, it´s real easy to learn and you have fun because you see how your skills improve real fast.
You have to know some basics about protocols too imo.
But hey, hacking is a wide field, and it depends on your interests in the first place.