Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Who's goes there?

  1. #1
    Join Date
    Feb 2008
    Beans
    45
    Distro
    Ubuntu 8.04 Hardy Heron

    Thumbs up Who's goes there?

    I've been wondering this for awhile now.

    Is there any method wherein it possible to not only scan a remote target for open ports, but also determine what hosts are utilizing those specific port numbers? Maybe if I am maintaining an open connection to one of these there could there be a way to intercept the packets traveling through in order to determine the hostnames of machines connected to the same port as mine?

    Ex. Say I have an open connection to 21 on a certain server, could I possibly monitor existing and further attempted connections?

    I'm not sure of the legalities of this, but I'm pretty sure it's okay since I'm just watching and not attempting to gain access where it shouldn't be gained. I also don't know whether this thread belongs in this part of the forum, but it's the closest I could find. If I'm wrong in this, please let me know and I'll discontinue the thread immediately

  2. #2
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    5,442
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Who's goes there?

    Quote Originally Posted by Fate Reconciled View Post
    I've been wondering this for awhile now.

    Is there any method wherein it possible to not only scan a remote target for open ports, but also determine what hosts are utilizing those specific port numbers? Maybe if I am maintaining an open connection to one of these there could there be a way to intercept the packets traveling through in order to determine the hostnames of machines connected to the same port as mine?

    Ex. Say I have an open connection to 21 on a certain server, could I possibly monitor existing and further attempted connections?

    I'm not sure of the legalities of this, but I'm pretty sure it's okay since I'm just watching and not attempting to gain access where it shouldn't be gained. I also don't know whether this thread belongs in this part of the forum, but it's the closest I could find. If I'm wrong in this, please let me know and I'll discontinue the thread immediately
    Only by intercepting the packets in the network or by gaining access to ask the server what connections it has open.

  3. #3
    Join Date
    Apr 2008
    Beans
    5

    Re: Who's goes there?

    I'm not sure of the legalities of this, but I'm pretty sure it's okay since I'm just watching and not attempting to gain access where it shouldn't be gained... You will need access and yes it's illegal to do a MITM/ "man in the middle attack".

  4. #4
    Join Date
    Nov 2005
    Location
    Nashville, TN
    Beans
    436
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Who's goes there?

    If you can bring up a shell on the target box then it's only a matter of time before it's rooted and then you can monitor all connections coming into it. Can you see the connecitons by just connecting to a port? No. The legalities will depend on your location.
    -Chayak

  5. #5
    Join Date
    Nov 2006
    Location
    40.31996,-80.607213
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Who's goes there?

    Quote Originally Posted by Chayak View Post
    If you can bring up a shell on the target box then it's only a matter of time before it's rooted and then you can monitor all connections coming into it. Can you see the connecitons by just connecting to a port? No. The legalities will depend on your location.
    You speak as if you could root the box yourself, if you had access to a shell. I think it would be more difficult than you think, unless that shell said root@host:~# from rebooting into recovery mode.

    Dr Small
    "Security lies within the user of who runs the system. Think smart, live safe." - Dr Small
    Linux User #441960 | Wiki: DrSmall

  6. #6
    Join Date
    Nov 2005
    Location
    Nashville, TN
    Beans
    436
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Who's goes there?

    Quote Originally Posted by Dr Small View Post
    You speak as if you could root the box yourself, if you had access to a shell. I think it would be more difficult than you think, unless that shell said root@host:~# from rebooting into recovery mode.

    Dr Small
    Easy... no Possible... Absolutely
    As an example
    http://rootthisbox.org/
    It's done a lot with just shell access it just takes time.
    -Chayak

  7. #7
    Join Date
    Nov 2006
    Location
    40.31996,-80.607213
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Who's goes there?

    I have played RootThisBox challenges before. The object is not to literally, "Root the box", but to follow the tips and hints to exploit code for a certain program, and gain authorization to another user.

    RootThisBox are missions, basically. Not real life rooting the box. Ask Tronyx. Me and him both were playing the missions on one box before.

    Dr Small
    "Security lies within the user of who runs the system. Think smart, live safe." - Dr Small
    Linux User #441960 | Wiki: DrSmall

  8. #8
    Join Date
    Nov 2005
    Location
    Nashville, TN
    Beans
    436
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Who's goes there?

    Your taking it too literately. I used it as an example, a simple example, but an example. It's possible to exploit a machine over the network without shell access and with shell access it's simply easier. I'm not going to go into how I know such and such and work in whatever because I don't care to share that information and no one has any real way of knowing fact from fiction unless they know who's posting. I could go on with paragraphs about debugging, buffer overflows using perl scripts and sequential characters to find at what point the buffer overflows, heap exploits, and fuzzing software and the kernel to find stuff. Then again I could just have cut and pasted it from some site. In the end people will believe what they want to believe.
    Last edited by Chayak; April 25th, 2008 at 09:44 PM.
    -Chayak

  9. #9
    Join Date
    Jan 2007
    Location
    Plano, TX
    Beans
    67
    Distro
    Kubuntu

    Re: Who's goes there?

    if you have a shell at the target, you could try a series of tools, like netstat, ifconfig, etc, to find out who/what else is connected.

    You would still be limited by your access permissions.

    Nevertheless, the legality of these actions will depend on what has been agreed between you (or the company you theoretically represent) and the owners/operators of the target box. YMMV widely, since some people out there are very paranoid.
    Hoc volo, sic jubeo, sit pro rationa volontas.

  10. #10
    Join Date
    Oct 2005
    Beans
    521

    Re: Who's goes there?

    I was wondering , you guys seem to be in the know. Should i be worried if i got 3 ssh attempts on my linux box and all were blocked by firewall -- firestarter gui -- ? thanks in advance

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •