SYSTEM INTRUSION IN 15 SECONDS


System intrusion in 15 seconds, that’s right it can be done. Ifyou possess certain security flaws your system can be broken into in less that 15 seconds.To begin this chapter I’d like you to do the following. Connect to the Internet using your dial up account if you are on dial up. If you are on dedicated service like High Speed connections (ie,Cable and DSL) then just proceed with the steps below.Hacker

1. Start Run

2. Type winipcfg

3. Hit Enter

This should bring up a window that looks like the following Untitledtre

What you should see is a IP address some what like this (20.03.111.974)

If you use Dial Up Internet Access then you will find your IPaddress under PPP adapter. If you have dedicated access you will find your IP address under another adapter name like (PCIBusmaster, SMC Adapter, etc.) You can see a list by clicking on the down arrow.

Untitledf

Once you have the IP address Note it down .

Again go to run and execute command cmd

ddd

Type the following at the Dos Prompt

Nbtstat –A IP address

For example: nbtstat –A 207.175.1.1

This will give you a read out that looks like this

NetBIOS Remote Machine Name Table

____________________________________

Name Type Status

——————————————-

J-1 <00> UNIQUE Registered

WORK <00> GROUP Registered

J-1 <03> UNIQUE Registered

J-1 <20> UNIQUE Registered

WORK <1E> GROUP Registered

WORK <1D> UNIQUE Registered

__MSBROWSE__.<01>GROUP Registered

(Again info has been omitted due to privacy reasons)

The numbers in the <> are hex code values. What we are

interested in is the “Hex Code” number of <20>. If you do not

see a hex code of <20> in the list that’s a good thing. If you do

have a hex code <20> then you may have cause for concern.

Now you’re probably confused about this so I’ll explain.

A hex code of <20> means you have file and printer sharing

turned on. This is how a “hacker” would check to see if you

have “file and printer sharing” turned on. If he/she becomes

aware of the fact that you do have “file and printer sharing”

turned on then they would proceed to attempt to gain access to

your system.

(Note: To exit out of the DOS prompt Window, Type Exit

and hit Enter)

10

I’ll show you now how that information can be used to gain

access to your system.

A potential hacker would do a scan on a range of IP address for

systems with “File and Printer Sharing” turned on. Once they

have encountered a system with sharing turned on the next step

would be to find out what is being shared.

This is how:

Net view \\<insert ip_address here>

Our potential hacker would then get a response that looks

something like this.

Shared resources at \\ip_address

Sharename Type Comment

MY DOCUMENTS Disk

TEMP Disk

The command was completed successfully.

This shows the hacker that his potential victim has their My

Documents Folder shared and their Temp directory shared. For

the hacker to then get access to those folders his next command

will be.

Net use x: \\<insert IP address here>\temp

If all goes well for the hacker, he/she will then get a response of

(The command was completed successfully.)

At this point the hacker now has access to the TEMP directory of

his victim.

Q. The approximate time it takes for the average hacker to do

this attack?

R. 15 seconds or less.

Not a lot of time to gain access to your machine is it? How many

of you had “File and Printer Sharing” turned on?

Ladies and Gentlemen: This is called a Netbios attack. If you are

running a home network then the chances are you have file and

printer sharing turned on. This may not be the case for all of you

but I’m sure there is quite a number of you who probably do. If

you are sharing resources please password protect the

directories.

Any shared directory you have on your system within your

network will have a hand holding the folder. Which looks like

this.

You can check to find which folders are shared through Windows

Explorer.

Click On Start

Scroll Up to Programs

At this point you will see a listing of all the different programs on

your system

Find Windows Explorer and look for any folders that look like the

above picture.

Once you have found those folders password protect them. Don’t

worry I’ll show you how to accomplish this in Chapter 8 in a

visual step by step instruction format.

12

Netbios is one of the older forms of system attacks that occur. It

is usually overlooked because most systems are protected

against it. Recently there has been an increase of Netbios

Attacks.

Further on in this manual we shall cover some prevention

methods. For now I wish only to show you the potential security

flaws.

Recommended for you
Powered by

What's Your Reaction?

Angry Angry
0
Angry
Cute Cute
0
Cute
Geek Geek
0
Geek
LOL LOL
0
LOL
Love Love
0
Love
Omg Omg
0
Omg
Sad Sad
0
Sad
Scary Scary
0
Scary
Wtf Wtf
0
Wtf

SYSTEM INTRUSION IN 15 SECONDS

reset password

Back to
log in
Loading...