 
 

HACKING MADE EASY

 

"Networking" is another revolution next to the invention of computers. Imagine the whole world connected: each and every person in the world can communicate with his or her peers in a few clicks. By communication I don't just mean mere talking; they can share any media content, exchange project updates, work on a problem in real time, kids from different parts of the globe can play a game over the net, a customer can order things with accuracy and ease, etc. A few years ago these things might have been dreams or fantasies for an ordinary person like me. But now science has taken us to this realm and we are still heading further ahead. I wonder where this will take us? But as it happens, good things come with bad things. Computer networks are not very secure. There have always been some security issues, like stealing someone's identity or credit card information, getting the secrets of a person and blackmailing him/her, erasing the entire data from a computer, etc. So now we come to the definition of hacking. In simple words, "Hacking is a means to steal precious information about a person or institution and sometimes use this information against them ('harmful?' as it may sound, it could be just for fun purposes)".
It's not that people don't take enough precautions, but the thing is, you fix one problem and other problems are created. This is never gonna end because hackers are as smart as the people who try to fix the problems, or maybe smarter. Since the invention of microcomputers, hacking has reached new heights. I don't consider hacking to be bad, as it finds out the flaws in a system. It's always the creative ideas from hackers which motivate the companies to come out with better products, and at the same time it helps the masses to go to another level of knowledge.
 
Having said what hacking is, let's see what a simple computer network looks like:

The above figure gives a simple schematic of a computer network. All the computers on a network are identified by a unique set of four numbers separated by dots, called the IP address of the computer. So if you connect your computer to the internet, the internet service provider (ISP) assigns your computer a unique IP address. This IP address is similar to the name of a person. Suppose you want to send a mail to a person but you don't know the name of the person, how would you do that? You have to know the name and address of the person to communicate. In the same way, if one computer wants to communicate with another, it has to be given the IP address of the other computer. I think that I am making myself clear, although I am not good at explaining things. lol.

Anyways, so the question arises: "How to know a computer's IP address?" Well... that depends on what operating system you are using. Since I assume that all of you will be using Windows machines, I won't go into the details of a Linux system and I will restrain myself to the domain of Windows commands only.

Command to know your computer's IP address
 
If you are using Win95/98/ME/2000/XP (I don't know if they came up with any other version except Win 3.x) then go to the command prompt and type winipcfg. You will see a window showing the IP address of the machine. Below is a picture of the actual window when you type in the command.

 

See the second line, where it shows the IP address of my computer. Let's not bother about the fields in the display for the time being. I will discuss them later.

What if someone knows the IP address of my machine

If someone knows the IP address of your computer, then he can find out your location and maybe, if he is smart, can get into your system. Ah... I forgot to tell you one more thing. These IP addresses are of two types: 1. Dynamic IP address 2. Static IP address. As the names suggest, a dynamic IP address always changes when you disconnect and connect to the network, but the static IP address remains the same. As all of you are using dial-up to connect your machines to the internet, your IP address is gonna be dynamic. You can check it by connecting your computer to the internet a few times. You will see that the IP addresses that are assigned to your computer change.

How to find the location of a computer by knowing its IP address

Again go to the command prompt and type in tracert xxx.xxx.xxx.xxx, where xxx.xxx.xxx.xxx is the IP of the computer you want the location of. Let me give a shot of the actual output.
 
 
Do you see how it goes from my location and traces down the location of the computer 203.199.93.39? As you might suspect, this particular computer is in India because it's on the backbone of vsnl.net.in. In fact it is true!! This is nothing but our good old timesofindia.com server. Now, tracert can be used not only with an IP address but also with the domain name of a website (in fact all the domain names can be converted into IP addresses... you guys are smart so I don't need to go into details). So why not try using the command like this:

c:\>tracert www.timesofindia.com

You will see a similar output. You can learn more about the command options by typing tracert /?.
 
So now we know how to get a computer's IP address and how to trace an IP. Let's learn about another important command called ping.

Pinging a machine on network

Pinging is a word given to 'hand-shaking with another computer on the network'. When you ping a computer using its IP address or domain name, and if it is alive, it responds with a pong. This is another very powerful tool to find the status of a computer on a network. The command for this is called ping and you can execute it from the command prompt. Before I tell you more about what it does, let's look at the actual output of the command when we ping the timesofindia.com server:
 
 
Let's see what important things you can extract about a computer using ping. If you look at the output, you will see the first few lines saying "reply from 203.199.93.39". If the computer you are pinging is alive and listens to requests, then it sends replies. That's what you see in the first few lines of the output. The bottom lines show the overall statistics of the requests made. Now the response time depends on how far the computer is from you. The farther the computer is, the larger the response time will be. Isn't it cool? You might think this thing to be trivial, but let me tell you, this is not trivial at all. I mean, you get to know the distance of the computer from you!! Wow. Of course you have to be a little smart to figure that out. Ping has other powerful applications that I will talk about later, so let's not forget this little friend of ours. You can learn all the command options by typing ping on the command prompt. So far so good; let's now see how a computer exactly communicates with another one on the network.

How a computer communicates with another computer on network

The following schematic gives an idea of communication of two computers.

 

Before we talk about how they communicate, let us make an analogy with human communication. Suppose you want to talk to someone, what step would you take first? Well, if you know the person then you will go and ask if he is interested in talking to you. If he is interested then he will listen to you. Similarly, when a computer wants to communicate with another computer, the other computer has to listen to it and respond in a proper manner. If the person you are going to talk to is deaf then he won't listen and respond. In the same way, if the other computer doesn't listen then it won't respond to you. Now this listening and responding process is handled by something called a server. A server is a program which, when installed, opens an entry port on your computer which listens to all the incoming requests (just like your ears), and if it understands the requests it responds to them in a proper manner. Let's look at another figure that explains what exactly happens when a client tries to communicate with a server.

Let's look at the things one by one: Computer A, which is the client (a software which communicates with the server), sends a signal to the 'port' B of the server. Now if the server is running properly it responds in a proper way, and if it is designed to log the IP of the client it logs the IP of the client in its log file. All the servers, for security reasons, log the IP of the incoming requests, so that if anything goes wrong you can see the IP address of the client machine.

I have been using this word 'port' so many times without giving you an idea of what this is. The ports I have been talking about so far are virtual. Of course there are physical ports on the machine, e.g. serial port, parallel port, USB port, etc. So the server or the client, they don't listen to each other on a physical port but instead on a virtual port. These ports are designated by some number, hence sometimes they are referred to as port numbers, e.g., 2345, 3423, etc.
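The client/server exchange described above, as an added example that is not part of the original page: a server opens a port and listens, a client connects to its IP address and port number, and the server logs the client's IP. The names `run_server` and `demo`, the loopback address and the "ping"/"pong" messages are assumptions made for the illustration.

```python
import socket
import threading

def run_server(sock, log, reply=b"pong"):
    """Accept one client, record its IP and source port, answer, then close."""
    conn, (client_ip, client_port) = sock.accept()
    with conn:
        request = conn.recv(1024)
        log.append((client_ip, client_port, request))  # what a server's log file keeps
        conn.sendall(reply)

def demo():
    # Server side: open a virtual port and listen on it.
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.settimeout(5)
    server.bind(("127.0.0.1", 0))       # port 0 = let the OS pick a free port number
    server.listen(1)
    server_port = server.getsockname()[1]

    log = []
    worker = threading.Thread(target=run_server, args=(server, log), daemon=True)
    worker.start()

    # Client side: connect to the server's IP address and port number.
    with socket.create_connection(("127.0.0.1", server_port), timeout=5) as client:
        client_port = client.getsockname()[1]   # the client end has its own port too
        client.sendall(b"ping")
        answer = client.recv(1024)

    worker.join(timeout=5)
    server.close()
    return server_port, client_port, answer, log

if __name__ == "__main__":
    server_port, client_port, answer, log = demo()
    print("server listened on port", server_port)
    print("client used port", client_port, "and received", answer)
    print("server log:", log)
```

Both ends of the connection have a port number: the server's is the one clients must know in advance, while the client's is picked by the operating system and shows up in the server's log next to the client IP.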
 
Still unclear... ah... I think that I am not doing a good job. Well, let's take a real life example. Suppose you are using Yahoo Messenger. Now when you log into your YIM account, Yahoo Messenger opens an available port on your machine and listens to all the incoming requests at that port. Hmm, still not clear... okay, then why don't we see what ports are opened on your machine when you make any connection. To see all the connections that a machine has made, we will use the netstat command. First connect your machine to some server, e.g. visit a website, log into any messenger program, public chat, etc. Now go to the command prompt and type netstat. You will see a list of current connections. The output will look like this:

As you see in the output, the first column shows the protocol used for the connection (TCP/UDP), the second column is the name of your machine:port, the third column is the foreign address your machine is connected to, and the fourth is the current status of the connection. You can easily tell from the output that I have logged into my YIM account and that I have opened google.com in my Internet Explorer (since the foreign machine's port is 80, which is the default port for HTTP connections). So simple it is. I am not gonna talk about different protocols here; maybe in future I will add a few lines about them. If you really want a good picture of what a protocol is and how to program using different protocols, then you may find some networking book very useful. Netstat has many command options that you can check for yourself; especially check the options -a and -n.
 
Well... now you know how to find all the active communications. So can you say when your machine is abused? Of course you can. You look at all the active communications and see if they are the only ones you expect. If you find that there is some port open on your machine which you don't know about, then you might suspect that your machine is compromised. Wow! How easy!! Hmmm, not really easy though, because you don't know what ports are the default ports for Windows. So you need to know about the default ports used by Windows as well as the ports used by viruses... huh.
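One way to automate the check described above, as an added example that is not from the original page: parse the four netstat columns and report any port open for incoming requests that is not on a list of expected ones. The sample output is constructed (documentation-range addresses, made-up ports), and `EXPECTED_LISTENERS` is an assumed allowlist that you would replace with the ports you know your own machine uses.

```python
# Constructed sample in the column layout of Windows `netstat -an` (not a real capture).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.20:80        ESTABLISHED
  TCP    192.168.1.10:1046      198.51.100.7:5050      ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

EXPECTED_LISTENERS = {135, 139, 445}  # assumption: ports the owner expects to be open

def parse_netstat(text):
    """Return one dict per connection line: proto, local/foreign ip and port, state."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue                              # skip banner, header and blank lines
        local_ip, _, local_port = parts[1].rpartition(":")
        foreign_ip, _, foreign_port = parts[2].rpartition(":")
        rows.append({
            "proto": parts[0],
            "local_ip": local_ip, "local_port": int(local_port),
            "foreign_ip": foreign_ip, "foreign_port": foreign_port,
            "state": parts[3] if len(parts) > 3 else "",   # UDP lines carry no state
        })
    return rows

def unexpected_listeners(rows, expected=EXPECTED_LISTENERS):
    """Local ports accepting incoming requests that are not on the expected list."""
    return sorted({r["local_port"] for r in rows
                   if (r["state"] == "LISTENING" or r["proto"] == "UDP")
                   and r["local_port"] not in expected})

def outbound(rows):
    """Established connections as (foreign_ip, foreign_port) pairs."""
    return [(r["foreign_ip"], int(r["foreign_port"]))
            for r in rows if r["state"] == "ESTABLISHED"]

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    print("unexpected listening ports:", unexpected_listeners(rows))
    print("established connections:", outbound(rows))
```

Running netstat with -a and -n is what produces the LISTENING lines and numeric addresses this parser relies on.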

 


That's it for today; I will keep adding to it.
