What to do with open ports?

For beginners, flames not allowed...(just by the staff :P)
Post Reply
User avatar
masterplan
Newbie
Newbie
Posts: 5
Joined: 06 May 2005, 16:00
16
Location: Austria

What to do with open ports?

Post by masterplan »

Hello! I don´t want to break into other computers, but I´m curious:
I have 2 computers connected as a lan in my house, so I did some port scans and found some open ports. What would be the next step to use these open ports?
Thanks,
Masterplan

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11610
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

Well, a open port don´t mean automatically that the system is vulnerable, if you were an attacker you would have to gather more information:
- what OS is running on the target system? (done with fingerprinting tools)
- which service is behind the open port/opened it? (I will add a port-list to the dl-section soon)
- is the service vulnerable? (check sites like packetstormsecurity for example)

And even if you found an vulnerable service behind that opened port + the exploit, it would depend on the exploit what you can do next, it starts from simply crashing the system and ends at spawning a shell which enables you to take-over the whole system.
:wink:

Necrix
The Hacker Wolf
The Hacker Wolf
Posts: 746
Joined: 09 Apr 2005, 16:00
16
Location: United States
Contact:

Post by Necrix »

Also, if you want to close ports on your own system, a firewall can take care of that...

A few suggested:
Kerio Personal Firewall
Macafee

Firewalls can close ports or stop malicious traffic, but there's always a chance it could interfere with items you're running on that port.
In this case, I would focus more on the antivirus protection.
again, I would suggest Macafree, XoftSpy, and Spybot Search and Destroy.

There is a thread on this here:
http://suck-o.com/modules.php?name=Foru ... wtopic&t=3

Hope that helps, if you have anymore questions feel free to ask.

P.s. On a side note, I would like to one day set up a computer to test the effectiveness of the many different firewalls, until then..I can only talk about how I plan to do it ;) :P
Image
Anime-Planet.com - anime | manga | reviews

User avatar
masterplan
Newbie
Newbie
Posts: 5
Joined: 06 May 2005, 16:00
16
Location: Austria

Post by masterplan »

Thanks! I want to know too: Can I close ports onbly with a firewall? I have read about the port 445 on your news and changed the registry, it worked! So can I close the other ports too: 1900, 1025, 1024?
Thanks,
Masterplan

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11610
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

Well, which ports you can close/services you can end depends on which services you need. You can´t close them all without losing the ability to connect to a network like the internet.
But port 1900 can be closed (if you don´t have some online-fridge or stuff like that :lol: ), you just have to disable the SSDP-service in start>run>msconfig, it´ll close port 5000 too. You can do the same with the NTP-service (port123) which compares your system-time with the internet-time.
Port 1024/1025 are unevitable for internet connectivity as far I know... :wink:

Ahm,it´s all in context to XP, if you´re using another OS post...

User avatar
capt_nemo777
forum buddy
forum buddy
Posts: 23
Joined: 03 Jul 2005, 16:00
16
Contact:

Post by capt_nemo777 »

is the edit section in the dos prompt capable of compiling such exploits in order to use them?..

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11610
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

is the edit section in the dos prompt capable of compiling such exploits in order to use them?..
Nope, you need to use the suitable compiler for the language in which the exploit is written, look here:

http://www.bloodshed.net/compilers/index.html
:wink:

User avatar
Soul
Newbie
Newbie
Posts: 1
Joined: 04 Jul 2005, 16:00
16

Help pls!

Post by Soul »

ive always been curious as to hacking and cracking but no nothing about it and so i would like to take it a whole new level, i would like to no how to get a password for an msn account for example is there any way i could do this simply and easily or is it more complicated. it'd be great if sum1 could help me out, cheers
soul

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11610
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

Pretty off-topic, please start a new thread next time, Soul... :wink:

I´ll not give you a step-by-step guide how to hack accounts, but here´s something to google: brute forcing, faked login screens, social engineering...

Hacking is about learning, so I have to tell you it´ll be not easy at all if you don´t have some background knowledge yet. But if you´re willing to learn (and not just acting so because you want to look into your ex-gf´s emails or buddy-list... :wink: ) then it can be real fun too.
If you´re really interested it´s inevitable that you know at least one programming language, Java is real good for example (well,ask a c++ coder and he´ll tell you c++ is the best, it´s just because I code in Java..hehe). But HTML is a good start too, it´s real easy to learn and you have fun because you see how your skills improve real fast.
You have to know some basics about protocols too imo.
But hey, hacking is a wide field, and it depends on your interests in the first place.
:wink:

Post Reply