Hacking For Beginners – Manthan Desai

2010

There are two very popular methods for acquiring and distributing Linux: FTP and CD-ROM. Most of the major Linux distributions (Red Hat, Debian, Slackware, Caldera) are available for free download from several popular sites. Though time consuming, it does not cost anything beyond connection charges.

Linux is one of the more stable operating systems available today. This is due in large part to the fact that Linux was written by programmers who were writing for other programmers and not for the corporate system. There are currently two mature program packaging standards in the Linux world - SuSE and Mandrake. Debian and Red Hat each have their own packaging systems; both will check dependencies, both can upgrade an entire running system without a reboot. This makes it easy to upgrade parts or all of a system, as well as add new software, or remove unwanted software.

Scanning Networks



Once the IP address of a target system is known, an attacker can begin the process of port scanning, looking for holes in the system through which the attacker can gain access. A typical system has 2^16 - 1 port numbers, with one TCP port and one UDP port for each. Each one of these ports is a potential way into the system. The most popular scanning tool for Linux is Nmap.

Scanning helps one to know what services are running on a machine. This will show the open ports on which services are listening for connections. Once the targets are identified, an intruder is able to scan for listening ports.

Port scanning is the process of connecting to TCP and UDP ports on the system to determine what services are running or in a listening state. Identifying listening ports is essential to determine the type of operating system and application in use on the system.

Types of port scanning:

1. TCP connect scan: This type of scan connects to the target port and completes a full three-way handshake (SYN, SYN/ACK and ACK).
2. TCP SYN scan: This is also called half-open scanning because it does not complete the three-way handshake; rather, a SYN packet is sent, and on receiving a SYN/ACK packet it is determined that the target machine's port is in a listening state. If an RST/ACK packet is received, it indicates that the port is not listening.
3. TCP FIN scan: This technique sends a FIN packet to the target port, and based on RFC 793 the target system should send back an RST for all closed ports.
4. TCP Xmas Tree scan: This technique sends a FIN, URG and PUSH packet to the target port, and based on RFC 793 the target system should send back an RST for all closed ports.
5. TCP Null scan: This technique turns off all flags, and based on RFC 793 the target system should send back an RST for all closed ports.
6. TCP ACK scan: This technique is used to map out firewall rule sets. It can help determine if the firewall is a simple packet filter allowing only established connections or a stateful firewall performing advanced packet filtering.
7. TCP Window scan: This type of scan can detect both filtered and non-filtered ports on some systems due to an anomaly in the way the TCP window size is reported.
8. TCP RPC scan: This technique is specific to UNIX systems and is used to detect and identify Remote Procedure Call (RPC) ports and their associated program and version number.
9. UDP scan: This technique sends a UDP packet to the target port. If the target port responds with an "ICMP port unreachable" message, the port is closed; if not, the port is open. This is a slow process since UDP is a connectionless protocol; the accuracy of this technique is dependent on many factors related to the utilization of network and system resources.
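As an added example that is not from the book, here is Python detection logic from the defender's side: it runs over constructed log lines in a hypothetical key=value format (flags logged as S=SYN, A=ACK, F=FIN, P=PUSH, U=URG, R=RST) and flags the scan patterns listed above (Null, Xmas Tree, FIN, and a SYN sweep across many ports) while leaving a normal client alone.

```python
from collections import defaultdict
# Constructed sample lines (not real traffic) in a hypothetical key=value log format.
SAMPLE_LOG = [
    "10:00:01 src=198.51.100.7 dport=21 flags=S",
    "10:00:01 src=198.51.100.7 dport=22 flags=S",
    "10:00:01 src=198.51.100.7 dport=23 flags=S",
    "10:00:02 src=198.51.100.7 dport=25 flags=S",
    "10:00:02 src=198.51.100.7 dport=80 flags=S",
    "10:00:02 src=198.51.100.7 dport=443 flags=S",
    "10:00:05 src=203.0.113.9 dport=80 flags=FPU",
    "10:00:05 src=203.0.113.9 dport=443 flags=",
    "10:00:07 src=192.0.2.5 dport=443 flags=S",
    "10:00:07 src=192.0.2.5 dport=443 flags=A",
]

def parse_line(line):
    """Parse 'HH:MM:SS src=IP dport=N flags=XYZ' into (src, dport, flags)."""
    fields = dict(kv.split("=", 1) for kv in line.split()[1:])
    return fields["src"], int(fields["dport"]), fields["flags"]

def classify_flags(flags):
    """Name the probe type from the list above that a TCP flag set matches."""
    f = frozenset(flags)
    if not f:
        return "null"   # Null scan: every flag turned off
    if f == frozenset("FPU"):
        return "xmas"   # Xmas Tree scan: FIN, URG and PUSH together
    if f == frozenset("F"):
        return "fin"    # FIN scan: a lone FIN outside any connection
    if f == frozenset("S"):
        return "syn"    # connect/SYN scan, or simply a normal client
    return "other"      # ACK, RST and data segments of real connections

# Null, Xmas and FIN segments never open a legitimate connection, so one is enough
# to flag; a SYN is normal, so SYN probes need many distinct ports from one source.
STEALTH = {"null", "xmas", "fin"}

def detect_scans(lines, syn_port_threshold=5):
    """Return {src: {probe_type: sorted distinct ports}} for flagged sources."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in lines:
        src, port, flags = parse_line(line)
        seen[src][classify_flags(flags)].add(port)
    findings = {}
    for src, kinds in seen.items():
        hits = {k: sorted(p) for k, p in kinds.items()
                if k in STEALTH or (k == "syn" and len(p) >= syn_port_threshold)}
        if hits:
            findings[src] = hits
    return findings
```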

www.hackingtech.co.tv