Breaking into Computer Networks from the Internet 0

Short table content of Breaking into Computer Networks from the Internet.pdf:

• Chapter 0: What is this document about anyway?
• Chapter 1: Setting the stage [Permanent connection (leased line, cable, fiber) ~ Dial-up ~ Mobile (GSM) dial-up ~ How to ~ Using the 'net ~ Other techniques]
• Chapter 2: Mapping your target [Websites, MX records DNS! ~ RIPE, ARIN, APNIC and friends ~ Routed or not? ~ Traceroute & world domination ~ Reverse DNS entries ~ Summary]
• Chapter 3: Alive & kicking [Unrouted nets, NAT ~Ping - ICMP ~ Ping -TCP (no service, wrappers, filters) ~ Method1 (against stateful inspection FWs) ~ Method2 (against stateless Firewalls) ~ Summary ~ Before we go on]
• Chapter 4 : Loading the weapons [General scanners vs. custom tools ~ The hacker's view on it (quick kill example) ~ Hacker's view (no kill at all)]
• Chapter 5: Fire! [Telnet (23 TCP) ~HTTP (80 TCP) ~ HTTPS (SSL2) (443 TCP) ~ HTTPS (SSL3) (443 TCP) ~ HTTP + Basic authentication ~ Data mining ~ Web based authentication ~ Tricks ~ ELZA & Brutus ~ IDS & webservers ~ Pudding ~ Now what? ~ What to execute? ~ SMTP (25 TCP) ~ FTP (21 TCP + reverse) ~ DNS (53 TCP,UDP) ~ Finger (79 TCP) ~ NTP (123 UDP) ~ RPC & portmapper (111 TCP + other UDP) ~ TFTP (69 UDP) ~ SSH (22 TCP) ~ POP3 (110 TCP) ~ SNMP (161 UDP) ~ Proxies (80,1080,3128,8080 TCP) ~ X11 (6000 TCP) ~ R-services (rshell, rlogin) (513,514 TCP) ~ NetBIOS/SMB (139 TCP)]
• Chapter 6 : Now what? [Windows ~ Only port 139 open - administrator rights ~ Port 21 open ~ Port 80 open and can execute ~ Port 80 and port 139 open ~ What to execute? ~ Unix ~ What to execute? ~ Things that do not fit in anywhere - misc ~ Network level attack - Source port 20,53 ~ HTTP-redirects ~ Other Topics ~ Trojans (added 2001/09)]

A few prerequisites for reading “Breaking into Computer Networks from the Internet”. Unless you want to feel a bit left in the cold you should have knowledge of the following:

1. Unix (the basics, scripting, AWK, PERL, etc.)
2. TCP/IP (routing, addressing, subnetting etc.)
3. The Internet (the services available on the ‘net-e.g. DNS, FTP, HTTP, SSH, telnet etc.)
4. Experience in IT security (packetfiltering, firewalling, proxies etc.)

This document is written for the in-between group of people. Toolmakers will frown upon this document and yet it may provide you with some useful insight (even if it better the tools you manufacture). It attempts to provide a methodology for hacking. It attempt to answers to “how to” question, not the “why” or the “who”. It completely sidesteps the moral issue of hacking; it also does not address the issue of hackers/crackers/black hats/gray hats/white hats. It assumes that you have been in this industry long enough to be beyond the point of worrying about it. It does not try to make any excuses for hacking – it does not try to pretend that hacking is a interesting past-time. The document is written for the serious cyber criminal. All of this sounds a bit hectic and harsh. The fact of the matter is that sysadmins, security consultants, and IT managers will find this document just as interesting as cyber criminals will. Looking at your network and IT infrastructure from a different viewpoint could give you a lot of insight into REAL security issues (this point has been made over and over and over and I really don’t to spend my time explaining it again [full disclosure blah blah whadda whadda wat wat]).

This ebook is available FREE at Packet Storm Security website, we merely collect the information, we are neither affiliated with the author(s), the website and any brand nor responsible for its content and change of content. 
Very interesting hacking ebook download for free: Breaking into Computer Networks from the Internet.pdf (1.2 MB, 82 pages of pdf file.)