Pinging is normally the first step involved in hacking the target all Great whiteHat Haker Do that First Step.

 

Ping uses ICMP (Internet Control Messaging Protocol) to determine whether you the target host is reachable or not. Ping sends out ICMP Echo packets very quick step by step to the target host well , if the target host is alive it would respond back immerdately with ICMP Echo reply packets.

 

Well done Now all the versions of Windows also contain the ping tool. To ping a remote host follow the procedure below.

Click Start and then click Run good.

 

Now type "ping" <ip address or hostname>

 

(For example: ping google.com)

 

That means that the attacker strict logged on using “provider.com” you got it well great. Unfortunately, there are several IP addresses that cannot be converted into domain names sometimes well then.

 

Something new For more parameter that could be used with the ping command, go to Below Step well done :-

 

DOS prompt and type ping /?.

 

Good Luck !!!

 

Ping Sweep

 

If you are really undetermined about your target and just want a live system well good then, ping sweep is the solution for you its really awessom tool. Ping sweep also uses ICMP to scan for live systems in the specified range of IP addresses define great.

Though Ping sweep is similar to ping well but here reduces with the time involved in pinging a range of IP addresses Just Below.

 

Nmap (http://www.insecure.org) also contains an option to perform ping sweeps good for your health.

 

Tracert: 

 

Tracert command or tool is another interesting tool available to find more interesting information about a remote host quick. Tracert also uses ICMP. Tracert helps you to find out some information for purely well defined about the systems involved in sending data packets from source to destination as targeted. To perform a tracert follow the procedure below good.

 

Tracer connects automatically to the computer whose IP has been entered and reveals all stations starting from your Internet connection well structure. Both the IP address as well as the domain name (if available) is displayed very fast.

If PING cannot reveal a name then, Traceroute will possibly deliver the name of the last or second last station to the attacker

and which may enable conclusions concerning the name of the provider used by the attacker quick defined and the region from which the attacks are coming well done Great.

 

Now Go to cmd prompt and type tracert <destination address enter>  (For example: tracert google.com).

But there are some tools available like Visual Traceroute just download which help you even to find the geographical location of the routers involved well structure wise define its really good tools for Ethical Hacker or Investigator.

 

http://www.visualware.com/visualroute

 

Port Scanning

 

After well you have determined that your target system is alive the next important step would be to perform a port scan on the target system for whitehat geniune attack.

 

There are a wide range of port scanners available for free well. But many of them uses outdated techniques for port scanning which could be easily recognized by the network administrator ok if sometimes old technique use. Personally I whould like to use Nmap tool (http://www.insecure.org) which has a wide range of options such wonderful tool. You can download the NmapWin

and its source code from Below Just download :

 

http://www.sourceforge.net/projects/nmapwin.

 

 

 

Port scanning Nmap is capable of identifying the Operating system being used well you know ,Like Version numbers of various services running, firewalls being used and a lot more in port see Below.

 

Common ports:

Below is a list of some common ports and the respective services

running on the ports.

20 FTP data (File Transfer Protocol)

21 FTP (File Transfer Protocol)

22 SSH

23 Telnet

25 SMTP (Simple Mail Transfer Protocol)

53 DNS (Domain Name Service)

68 DHCP (Dynamic host Configuration Protocol)

79 Finger

80 HTTP

110 POP3 (Post Office Protocol, version 3)

137 NetBIOS-ns

138 NetBIOS-dgm

139 NetBIOS

143 IMAP (Internet Message Access Protocol)

161 SNMP (Simple Network Management Protocol)

194 IRC (Internet Relay Chat)

220 IMAP3 (Internet Message Access Protocol 3)

389 LDAP

443 SSL (Secure Socket Layer)

445 SMB (NetBIOS over TCP)

 

Besides the above ports they are even some ports known as Trojan ports used by Trojans attacker well use that allow remote access to that system for Big attack remotly access system.

 

Vulnerability Scanning:

 

Vulnerability Scanning Every operating system or the services will have some vulnerabilities due to the programming errors on web or network. These vulnerabilities are crucial for a successful hacking attack. Bugtraq isan excellent well mailing list discussing the vulnerabilities (loophole) in the various system well loop. The exploit code writers write exploit codes to exploit these vulnerabilities existing in a system to be secure network or system to secure it.

 

 

 

Tools Descriptions:

 

1. Nmap

 

I think everyone has heard of this one if you are in Hacking Field reseach well, recently evolved into the 4.x series you know.

Nmap (Network Mapper tool) is a free open source utility for network exploration or security auditing tool. It was designed to rapidly scan large networks well, although it works fine against single hosts really awessom. Nmap uses raw IP packets quick

in novel ways direct to determine what hosts are available on the network, what services (application name and version) those hosts are offering well, what operating systems (and OS versions) they are running, what type of packet filters/firewalls.

 

Nmap runs on most types of computers and both console and graphical versions are available on internet. Nmap is free and open source tool. Can be used by beginners (-sT) or by pros alike (packet_trace) well. A very versatile tool quick, once you fully understand the results easy to use and well tast perform tool.

 

Well done Get Nmap Here

 

http://www.insecure.org/nmap/download.html

 

2. Nessus Remote Security Scanner

 

Recently went closed source well great people undestand, but is still essentially free. Works with a client-server framework huh. Nessus is the worlds most popular vulnerability scanner used in over 70,000 organizations world-wide well doen. Many of the worlds best largest organizations are realizing significant cost savings by using Nessus tool is to audit business-critical enterprise devices and applications quick tast perfomed well good Luck.

 

Well doen Get Nessus Here

 

http://www.nessus.org/download/

 

3. John the Ripper

 

 

John the Ripper is a fast password cracker tools best tool, currently available for many flavors of Unix DOS, Win32, BeOS, and OpenVMS really quite good tool for Hacking. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most probably found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches well defined.

 

Well done Get JTR Here

 

http://www.openwall.com/john/

 

4. Nikto

 

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items

well, including over 3000 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over all time 230 servers well. Quick Scan items and plugins are frequently updated and can be automatically updated if desired Good luck.

Nikto is a good CGI scanner, there are some other tools that go well with Nikto Focus on google hacking.

 

Well done Get Nikto Here

 

http://www.cirt.net/code/nikto.shtml

 

5. p0f

 

P0f v2 is a versatile passive OS fingerprinting tool for know something regarding helpful. P0f can identify the operating

 

system on below define :

 

- machines that connect to your box well "connect" (SYN mode),
- machines you connect to (SYN+ACK mode connect),
- machine you cannot connect to (RST+ mode connect),
- machines whose communications you can observe well done.

 

  Basically it can fingerprint anything well, just by listening, it doesn’t make ANY active connections to the target machine.

 

Well done Get p0f Here

 

http://lcamtuf.coredump.cx/p0f/p0f.shtml

 

6. Wireshark Tools

 

Wireshark is a GTK+-based network protocol analyzer you know about that its really awessom tool, or sniffer, that lets you capture Easily and interactively browse the contents of network frames set. The goal of the project is to create a commercial quality analyzer well form for Unix and to give Wireshark features that are missing from closed-source sniffers actual pure packets.

Works great on both Linux and Windows (with a GUI) its crazzy tool, easy to use and can reconstruct TCP/IP Streams !!!

 

Well done Get Wireshark Here

 

http://www.wireshark.org/

 

7. Eraser

 

Eraser tool is an advanced security tool (for Windows stricly), which allows you to completely remove sensitive data from your hard drive by overwriting it now several times with carefully selected patterns as you want. Works with Windows 95, 98, ME, NT, 2000, XP and DOS well done. Eraser is Free software and its source code is released under GNU General Public License for you great.

 

its excellent tool for keeping your data really safe, if you’ve deleted it well make sure its really gone or not, you don’t want it hanging around to bite you in the ass huh well now use it Enjoy.

 

Well done Get Eraser Here

 

http://www.heidi.ie/eraser/download.php

 

8. PuTTY

 

PUTTY is a free implementation of Telnet and SSH for Win32 i think you know about that and Unix platforms, along with an xterm terminal emulator well. it must have for any h4. quick or wanting to telnet or SSH from Windows without having to use the crappy default MS command well defined line clients good.

 

Well done Get PUTTY Here

 

http://www.chiark.greenend.org.uk/~sgtatham/putty/

 

9. LCP

 

Well Great Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003.

accounts information import really cool, Passwords recovery, Brute-force session distribution, Hashes computing very easily.

A good free alternative well to L0phtcrack. LCP was briefly good mentioned in our well read Rainbow Tables and RainbowCrack
article.

 

Well done Get LCP Here

 

http://www.lcpsoft.com/english/download.htm

 

10. Cain and Abel

 

My all time personally favourite for password cracking of any kind its just awessom tool. Cain & Abel is a password recovery

tool for Microsoft Operating Systems you know. It really allows easy recovery of various kind of passwords by sniffing the network traffic,cracking encrypted passwords using Dictionary well, Brute-Force and Cryptanalysis attacks, recording VoIP conversations quick, decoding scrambled passwords easily, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.

 

Well done Get Cain and Abel Here

 

http://www.oxid.it/cain.html

 

11. Kismet

 

Kismet tool is an 802.11 layer 2 wireless network detector well, sniffer way, and intrusion detection system good. Kismet will work with any wireless card which supports raw monitoring rfmon mode, and can sniff 802.11b, 802.11a, and 802.11g traffic well done.

A good wireless tool as long as your card supports rfmon its really look cool.

 

Well Done Get Kismet Here

 

http://www.kismetwireless.net/download.html