Hacking a Terror Network

Discussion in 'Computer Security' started by Fergal1982, Dec 6, 2005.

  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Just started reading this book by Russ Rogers, and man is some of it worrying.

    Its a book on security, written as fiction-cum-tutorial, about an islamic terrorist planning out an attack using the internet, etc.

    One of the early things it does, is run a port scan of an address, so i grabbed a copy of the program used, picked up my internet address from shields up on www.grc.com, and scanned it. I immediately (within about 30 seconds) had my results, showing this:
    Code:
    21/tcp open  ftp
    23/tcp open  telnet
    80/tcp open  http
    (it also pulled up the MAC address - although it didnt turn it up on another persons address)

    so i firstly telnetted to the address, entered the most obvious username and password. straight in :eek:. made me change the password straight away. i then ftp'ed in, and managed to wander around quite happily through the routers files, even found one call pwd which i assume contained an encrypted form of the password (admittedly not too bad since you had to be in to get to it).

    all very scary!

    will post more on the book once ive finished it

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  2. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    Did the Shields Up sites own port scan show the same open ports?

    Why does your router have these open, are you running a web or FTP server internally?

    If not then they should be closed.

    A decent firewall would stealth all ports whether they were available or not.
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  3. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    I take it this was your router?

    The router should not have these open from the point of view of the 'net. They might be open from your side.

    The shields-up site will tell you if they are open from the 'net side.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  4. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    hmmmm. actually i did a shields up scan a while back, dont recall them being open. still, a little scary. i scanned someone elses system who was completely separate to my system (hes in australia i believe). Found 3 services open on his, http, smtp, and msvr??? nothing i could use to exploit if i so desired (although im sure there are people who could).

    Certainly makes me want to read the rest of the book though.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.