Hacking: A 101 Hacking Guide (Tech Geek Book 3) by Alex Benjamin

Author:Alex Benjamin [Benjamin, Alex]
Language: eng
Format: epub
Published: 2015-06-20T07:00:00+00:00

Chapter 6: Accessing Ports

Ports allow multiple services (remember the term daemon?) to share a single physical connection for communication. The best example would be allowing access to the internet. Ports are associated with IP addresses and have a port number to identify them.

Let’s look at an example of how these ports work by looking at email. An email server that is sending and receiving email needs two services: one for sending and receiving messages from other servers, and one for allows users to retrieve their own personal email from the server. The first service is called SMTP, which stands for Simple Mail Transfer Protocol. It usually uses Port 25 to watch for requests to either send mail or receive mail. The second service is usually either the Post Office Protocol (POP) or Internet Message Access Protocol (IMAP). Whatever software you use for sending and receiving email uses one of these services to retrieve your email from the server. The POP service commonly uses Port 110.

The only way to attack a service, such as POP, is through the port they are using. You can think of it as a piping system, where the port acts as a valve. If the port is not being used, it is closed and nothing can get through; if the port is open, then it may be vulnerable to attack. If you aren’t using a port, it should be closed.

We are going to talk about how hackers use ports to gain access to your system, but first let’s go over some acronyms and definitions.

DNS: Domain Name Server, translates names into IP addresses

FTP: File Transfer Protocol, used to transfer files from one host to another

HTTP: HyperText Transfer Protocol

HTTPS: HTTP over SSL (see definition below)

POP3: Post Office Protocol version 3, used to retrieve email from a mail server

RPC: Remote Procedure Call, allows a program on one computer to run a program on the server

SSH: Secure Shell, used to login to another computer over the network, move files between computers, and execute commands remotely

SSL: Secure Sockets Layer, uses two keys to encrypt data shared via the internet

SMTP: Simple Mail Transfer Protocol, used to send email messages from one server to another, or from a mail client to a mail server

TCP: Transmission Control Protocol, allows two hosts to make a connection and exchange data

UDP: User Datagram Protocol, primarily used for broadcasting messages over a network

Ports that are commonly hacked include…

TCP port 21 - FTP

TCP port 22–SSH

TCP port 23 - telnet

TCP port 25 - SMTP

TCP and UDP port 53 - DNS

TCP port 443 - HTTP and HTTPS

TCP port 110 - POP3

TCP and UDP port 135 - Windows RPC

TCP and UDP ports 137–139 - Windows NetBIOS over TCP/IP

TCP port 1433 and UDP port 1434–Microsoft SQL Server

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.