IP Address Explanation: IP Tracing, Scanning Ports, and Concepts

This is a special article written for all of you to understand and use the IP (Internet Protocol address).
Before you can change your IP you need some information: your IP range, subnet mask, default gateway, DHCP server, and DNS servers.

I. Getting your IP range – Getting information about your IP range is not difficult; I recommend using NeoTrace on your own IP. But for my test just look at your IP address: say it's 24.193.110.13, you can definitely use the IPs found between 24.193.110.1 < [new IP] < 24.193.110.255; don't use x.x.x.1 or x.x.x.255. To find your IP simply open a DOS/command prompt window, type ipconfig at the prompt, and look for "IP Address. . . . . . . . . . . . : x.x.x.x".

II. Subnet Mask, Default Gateway, DHCP Server – These are very easy to find; just open a DOS/command prompt window and type 'ipconfig /all' without the ' '. You should see something like this:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : My Computer Name Here
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : xxxx.xx.x
   Description . . . . . . . . . . . : NETGEAR FA310TX Fast Ethernet Adapter (NGRPCI)
   Physical Address. . . . . . . . . : XX-XX-XX-XX-XX-XX
   Dhcp Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 24.xxx.xxx.xx
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . : 24.xxx.xxx.x
   DHCP Server . . . . . . . . . . . : 24.xx.xxx.xx
   DNS Servers . . . . . . . . . . . : 24.xx.xxx.xxx
                                       24.xx.xxx.xx
                                       24.xx.xxx.xxx
   Lease Obtained. . . . . . . . . . : Monday, January 20, 2003 4:44:08 PM
   Lease Expires . . . . . . . . . . : Tuesday, January 21, 2003 3:43:16 AM

This is all the information you will need for now. I suggest you either keep your DOS/command prompt window open or copy & paste the information somewhere; to copy, right-click the window, select the text, and click once.

III. Changing your IP Address – To change your IP address, first pick any IP you like out of your IP range and remember it or write it down. It is usually a good idea to make sure the IP is dead (except for what we are going to do later on), so just ping it via "ping x.x.x.x", and if it times out then you can use it. Now go to My Computer, then Control Panel. In Control Panel select Network Connections and pick your active connection, probably Local Area Connection or your ISP name. Open that connection by double-clicking on the icon in Network Connections, then select Properties under the General tab. In the new window that pops up select Internet Protocol (TCP/IP) and click Properties; it's under the General tab. In this new window select the General tab and choose "Use the following IP address"; for the IP address enter the IP you would like to use (the one you picked from your subnet earlier), and for the Subnet Mask enter the subnet mask you got when you ran ipconfig /all; the same goes for the Default Gateway. Now select "Use the following DNS server addresses" and enter the information you got earlier. Now just click OK. Test that it worked: try to refresh a website, and if it works you know everything is okay and you are connected. To make sure the change worked, type ipconfig again and the IP address should have changed to your new one.

IV. DDoS & DoS Protection – If your firewall shows that you are being DDoSed, which is usually when you are constantly getting attempted UDP connections several times a second from either the same IP address or multiple IP addresses (DDoS), you can protect yourself by changing your IP address via the method I described above.

V. Web servers & Other Services – If you know someone on your IP range is running a web server and he or she has pissed you off, or you just like messing around, you can "steal" their IP address so any DNS going to that IP will show your site instead, because you would be running a web server yourself. To "steal" an IP is to basically use the changing-IP-address method above and pick an IP that someone who is running a web server has in use. Often you will be able to keep that IP at least for some time; other times you won't be able to use it, so just keep trying until it works. You yourself will need to have a web server on the same port with your message. You can do this with other services too. You can also DoS or DDoS the IP address you are trying to steal to kick him off the net, but I don't recommend it, as it's pretty illegal, and your ISP will get pissed 😉
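As an added example (not code from the original article), the Python below uses the standard ipaddress module to derive the range that the subnet mask shown in the ipconfig /all output (255.255.240.0) actually implies for the address used in section I, and to sanity-check a candidate static address and gateway before they are typed into the TCP/IP properties dialog. The gateway value is a constructed placeholder; the rule of thumb in section I (vary only the last octet) is a conservative subset of the mask-derived range.

```python
import ipaddress

def subnet_info(ip: str, mask: str) -> dict:
    """Derive the real address range from an address and its dotted-decimal
    subnet mask, the two values 'ipconfig /all' prints."""
    net = ipaddress.IPv4Interface(f"{ip}/{mask}").network
    return {
        "network": str(net.network_address),
        "prefix": net.prefixlen,
        "broadcast": str(net.broadcast_address),
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "usable_hosts": net.num_addresses - 2,
    }

def check_static_config(ip: str, mask: str, gateway: str, candidate: str) -> list:
    """Sanity-check a static configuration before typing it into the
    'Use the following IP address' dialog. Returns a list of problems
    (empty means the candidate is a plausible host address)."""
    net = ipaddress.IPv4Interface(f"{ip}/{mask}").network
    cand = ipaddress.IPv4Address(candidate)
    gw = ipaddress.IPv4Address(gateway)
    problems = []
    if cand not in net:
        problems.append("candidate is outside the subnet")
    elif cand == net.network_address:
        problems.append("candidate is the network address")
    elif cand == net.broadcast_address:
        problems.append("candidate is the broadcast address")
    if gw not in net:
        problems.append("gateway is outside the subnet")
    if cand == gw:
        problems.append("candidate collides with the default gateway")
    return problems

if __name__ == "__main__":
    # Address and mask from the article's walkthrough; the gateway is a constructed placeholder.
    info = subnet_info("24.193.110.13", "255.255.240.0")
    print(info)  # the /20 spans 24.193.96.1 .. 24.193.111.254, not just one last octet
    print(check_static_config("24.193.110.13", "255.255.240.0", "24.193.96.1", "24.193.111.255"))
```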

Intrusion Attack Through Port Scanning

Port scanning determines which ports on the targeted host are listening for connections. These ports represent potential communication channels. Port scanning brings us closer to the host's network communication picture: we learn more about the victim's network, which is useful for further attacks. The Internet does not rely exclusively on TCP port 80, used by the Hypertext Transfer Protocol (HTTP). Any surfer visiting any website can gain the same level of proficiency as your average casual surfer. Port scanning can be used efficiently to reveal the host's secrets.

Automated port scanners are needed to perform such scanning; they are available on the market for a very small cost.

Port scanning is done to gather information passively about the victim. This helps the intruder eavesdrop on the victim's network.

Such scanning also helps gather the information needed to form a network map. Network maps are useful for learning the victim's network architecture or hierarchy.

There are thousands of ports available for communication on a network; some well-known ones are FTP, HTTP, SMTP, etc. Which ports remain open or closed depends on the network's requirements; for example, any web server will always have an FTP port open.

Every port has its unique number, which is targeted after successful port scanning. Various bugs and backdoors are installed on these ports and tested to see whether the system is vulnerable.

And this is how a successful attack through port scanning is done.
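Section IV above characterises a UDP flood as "attempted UDP connections several times a second from the same IP address", and this section describes a port scan as one host probing many ports. The Python below is an added example, not from the original article, that detects both patterns in a constructed firewall log; the source addresses are RFC 5737 documentation ranges and the destination is the article's 24.193.110.13.

```python
from collections import defaultdict

def build_sample_log():
    """Constructed firewall log (not from the article): 'time proto src dst dport' per line."""
    lines = []
    for i in range(3):                      # benign: a few web requests, seconds apart
        lines.append(f"{100 + i * 10:.1f} TCP 203.0.113.5 24.193.110.13 80")
    for i in range(20):                     # UDP flood: 20 packets inside two seconds
        lines.append(f"{200 + i * 0.1:.1f} UDP 198.51.100.7 24.193.110.13 53")
    for i in range(25):                     # port sweep: 25 distinct ports from one source
        lines.append(f"{300 + i * 0.5:.1f} TCP 192.0.2.9 24.193.110.13 {20 + i}")
    return "\n".join(lines)

def parse(log_text):
    """Turn log lines into (time, proto, src, dst, dport) tuples."""
    events = []
    for line in log_text.splitlines():
        ts, proto, src, dst, dport = line.split()
        events.append((float(ts), proto, src, dst, int(dport)))
    return events

def detect(events, window=1.0, flood_pps=5, scan_ports=10):
    """Per source: tag 'flood' when more than flood_pps packets fall inside any
    `window` seconds, and 'portscan' when more than scan_ports distinct
    (host, port) pairs are touched. Returns {src: [tags]} for flagged sources."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[2]].append(ev)
    findings = {}
    for src, evs in by_src.items():
        evs.sort()
        times = [e[0] for e in evs]
        peak, j = 0, 0
        for i in range(len(times)):         # sliding window over sorted timestamps
            while times[i] - times[j] > window:
                j += 1
            peak = max(peak, i - j + 1)
        targets = {(e[3], e[4]) for e in evs}
        tags = []
        if peak > flood_pps:
            tags.append("flood")
        if len(targets) > scan_ports:
            tags.append("portscan")
        if tags:
            findings[src] = tags
    return findings

if __name__ == "__main__":
    print(detect(parse(build_sample_log())))
```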

Hope you have enjoyed this informative article about port scanning. We will cover the requirements of a good port scanner in the next post.

To know more about port scanning comment here or mail us at amol@hackersenigma.com

Host Scanning Methods of Ethical Hackers

Introduction
After successfully mapping the network topology, the next thing for the ethical hacker to do is to detect the possible points from which an attack can be deployed on a host. For this purpose host scanning is done through the various methods discussed below.

Social engineering
It is one of the largest threats to any company's security, as this flaw cannot be protected against by the use of software. A company's personal information, which is generally secured, is given out by some person working inside it. Information like an employee's username and password can give the attacker primary access to the organizational network, which can later be escalated through advanced techniques.

Enumeration
Hosts themselves are mapped again, which can be helpful for identifying information about the systems and services involved. Enumeration is done in detail against the OS and the services running on the host's OS.

Identification of Host and Operating Systems: Queso, nmap, and ISS Internet Scanner are some of the tools widely used to scan the OS and host details. These programs all contain identification features, checking for variances in vendors' IP stacks.

Port Scanning
Port scanning is done after successful mapping and enumeration of the host. Various tools are employed for examining the TCP and UDP services running on probed systems.
E.g.: fping, hping, tcpprobe, WS_Ping ProPack.

Such methods give all the technical information necessary for a further attack to be carried out. Such techniques are used by hackers as well as ethical hackers to perform and analyze the attack.

There are certain types of replies that a network gives from which the further network hierarchy can be tracked and analyzed, and a break-in performed, e.g. ICMP, TCP SYN/ACK and RST/ACK replies. Such replies give the attacker confirmation of successful host scanning and enumeration.

Port Scanners Selection Factors

We covered a brief introduction to port scanning and its techniques in our previous topic. Here we are with the requirements of a good port scanner.

Dynamic delay time calculations: Some scanners need a delay time when sending data chunks. So you need to check whether it is working properly or not with ping, which gives a reply for every execution. But that is sometimes cumbersome, so you can use connect() to a closed port on the target, which can give you an initial delay time for your scanner. Simple, isn't it!!!

Parallel Port Scanning: Scanners generally scan ports linearly, one by one, until all the ports are reached, but this old technique only works well with TCP on a fast network. So you need to test whether your port scanner supports parallel port scanning, because we have to scan over a larger area or a wide area network.


Flexible Port Specification: Can you believe we need to scan all 65535 ports? It would be a slow and tiresome process. Also, scanners which only allow you to scan ports 1 – N often fall short of an intruder's needs. Test whether your scanner has a ranges option available, which lets you specify the ports to scan in a better manner.
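To show what a "ranges option" has to handle correctly, here is an added example (my own code, not from the article or any named scanner) that parses a port specification such as 22,80,443,8000-8100 into a validated, de-duplicated port list and compacts it back into range notation for logging. The accepted syntax is an assumption modelled on common scanner conventions.

```python
def parse_port_spec(spec: str, lo: int = 1, hi: int = 65535) -> list:
    """Parse a comma-separated port specification into a sorted, de-duplicated
    list of ports. Accepted items (assumed syntax): 'N', 'A-B', '-B' (lo..B)
    and 'A-' (A..hi). Raises ValueError for junk, reversed or out-of-range items."""
    ports = set()
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue                      # tolerate '80,,443' and trailing commas
        if "-" in item:
            a, b = item.split("-", 1)
            start = int(a) if a else lo
            end = int(b) if b else hi
        else:
            start = end = int(item)       # int() itself rejects junk like '8o'
        if start > end:
            raise ValueError(f"reversed range: {item!r}")
        if start < lo or end > hi:
            raise ValueError(f"port outside {lo}-{hi}: {item!r}")
        ports.update(range(start, end + 1))
    if not ports:
        raise ValueError("empty port specification")
    return sorted(ports)

def compact(ports: list) -> str:
    """Inverse of parse_port_spec: [1, 2, 3, 80] -> '1-3,80'. Useful for
    recording exactly which ports a scan covered."""
    if not ports:
        return ""
    out, start, prev = [], ports[0], ports[0]
    for p in ports[1:]:
        if p == prev + 1:
            prev = p
            continue
        out.append(f"{start}-{prev}" if start != prev else str(start))
        start = prev = p
    out.append(f"{start}-{prev}" if start != prev else str(start))
    return ",".join(out)

if __name__ == "__main__":
    ports = parse_port_spec("22,80,443,8000-8002,80")
    print(ports, compact(ports))
```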

Flexible target specification: On a larger network you will surely want to scan more than one or two hosts. So you should have flexible target specification available in your port scanner.

Retransmission: Sending chunks and collecting the responses is an old technique for scanners. But it can lead to false positives or negatives in cases where packets are dropped. So, check whether your scanner has automated retransmission available.

So these are some of the primary factors for consideration. Some secondary considerations include down-host detection, own-IP detection, an IP scanner, etc.