1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need help hacking for school project

Discussion in 'Ethical hacking' started by silent_rifle, Mar 21, 2008.

  1. silent_rifle

    silent_rifle New Member

    Joined:
    Mar 21, 2008
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    I am given a scenario of how a intruder exposed the open ports and entered the computer, but i am just a bit lost on how he did that, in the description, we are told he is using Nmap. I am not to familiar with Nmap, so wondering if anyone could help. As well how could i defend agaist this next time.

    This is the Sceneario

    "Professional penetration tests follow a set methodology, which is developed be*fore the actual operation commences. Most of these methodologies break down into a technique/tool pairing. Dave’s personal methodology was an amalgam of those from previous employers and techniques picked up from trial-and-error practices attempted at client locations. For the most part, his tools were constructed from scratch using open-source tools such as libpcap, libnet, libdnet, and libnids. Some of the tools he used were just not worth building on his own, namely traceroute, nmap, and the standard exploits.

    Since Jerald was neither a paying customer nor an experienced administrator, Dave decided to scrap his network topology discovery process and skip right to the host application discovery phase. This basically involved scanning a host to find what TCP and UDP services are bound to sockets and accepting connec*tions, and determining the version of each operating application. Additionally, it is important to determine the operating system, the kernel version number, and the processor architecture of the target system. Most of this can be done through the nmap tool."
     
  2. syrushcw

    syrushcw New Member

    Joined:
    Apr 3, 2008
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    0
    nmap is a port scanner, it supports many diffrent ways of scanning the most popular way is the syn-scan which is pretty much a three way hand shake with out the third. So saying you are syn scanning a server with nmap u will go to the server on port 80 saying knock knock then you see if someone answers and you run away, sort of like ding dong ditch. Most firewalls detect these since they are the most popular attack. But like I said there are other scans Nmap does.
     
  3. SpOonWiZaRd

    SpOonWiZaRd Know what you can do.

    Joined:
    May 30, 2007
    Messages:
    747
    Likes Received:
    8
    Trophy Points:
    0
    Occupation:
    Network Engineer/Programmer
    Location:
    South Africa
    To defend those kind of attacks you can use Honeybot or a similar tool that notifies you when a intruder scans the ports of your computers and from what IP he did that. A port scan will alert me immediately so that I can keep an eye out for active connections using netstat or mmc.
     

Share This Page