Controla tu fututo
  my proyect secret Y.A.D.I.R.A.
 

C:WINDOWS>tracert 152.163.199.42

Tracing route to dns-01.aol.com [152.163.199.42]

over a maximum of 30 hops:

1 * * * Request timed out.

2 150 ms 144 ms 138 ms 204.134.78.201

3 375 ms 299 ms 196 ms glory-cyberport.nm.westnet.net [204.134.78.33]

4 271 ms * 201 ms enss365.nm.org [129.121.1.3]

5 229 ms 216 ms 213 ms h4-0.cnss116.Albuquerque.t3.ans.net [192.103.74.45]

6 223 ms 236 ms 229 ms f2.t112-0.Albuquerque.t3.ans.net [140.222.112.221]

7 248 ms 269 ms 257 ms h14.t64-0.Houston.t3.ans.net [140.223.65.9]

8 178 ms 212 ms 196 ms h14.t80-1.St-Louis.t3.ans.net [140.223.65.14]

9 316 ms * 298 ms h12.t60-0.Reston.t3.ans.net [140.223.61.9]

10 315 ms 333 ms 331 ms 207.25.134.189

11 * * * Request timed out.

12 * * * Request timed out.

13 207.25.134.189 reports: Destination net unreachable.

What the heck is all this stuff? The number to the left is the number of computers the route has been traced

through. The "150 ms" stuff is how long, in thousandths of a second, it takes to send a message to and from

that computer. Since a message can take a different length of time every time you send it, tracert times the

trip three t imes. The "*" means the trip was taking too long so tracert said "forget it." After the timing info

comes the name of the computer the message reached, first in a form that is easy for a human to remember,

then in a form -- numbers -- that a computer prefers.

"Destination net unreachable" probably means tracert hit a firewall.

Let's try the second AOL domain server.

C:WINDOWS>tracert 152.163.199.56

Tracing route to dns-02.aol.com [152.163.199.56]

over a maximum of 30 hops:

1 * * * Request timed out.

2 142 ms 140 ms 137 ms 204.134.78.201

3 246 ms 194 ms 241 ms glory-cyberport.nm.westnet.net [204.134.78.33]

4 154 ms 185 ms 247 ms enss365.nm.org [129.121.1.3]

5 475 ms 278 ms 325 ms h4-0.cnss116.Albuquerque.t3.ans.net [192.103.74.

45]

6 181 ms 187 ms 290 ms f2.t112-0.Albuquerque.t3.ans.net [140.222.112.22

1]

7 162 ms 217 ms 199 ms h14.t64-0.Houston.t3.ans.net [140.223.65.9]

8 210 ms 212 ms 248 ms h14.t80-1.St-Louis.t3.ans.net [140.223.65.14]

9 207 ms * 208 ms h12.t60-0.Reston.t3.ans.net [140.223.61.9]

10 338 ms 518 ms 381 ms 207.25.134.189

11 * * * Request timed out.

12 * * * Request timed out.

13 207.25.134.189 reports: Destination net unreachable.

Note that both tracerts ended at the same computer named h12.t60-0.Reston.t3.ans.net. Since AOL is

headquartered in Reston, Virginia, it's a good bet this is a computer that directly feeds stuff into AOL. But

we notice that h12.t60-0.Reston.t3.ans.net , h14.t80-1.St-Louis.t3.ans.net, h14.t64-0.Houston.t3.ans.net and

Albuquerque.t3.ans.net all have numerical names beginning with 140, and names that end with "ans.net." So

it's a good guess that they all belong to the same company. Also, that "t3" in each name suggests these

computers are routers on a T3 communications backbone for the Internet.

Next let's check out that final AOL domain server:

C:WINDOWS>tracert 198.83.210.28

Tracing route to dns-aol.ans.net [198.83.210.28]

over a maximum of 30 hops:

1 * * * Request timed out.

2 138 ms 145 ms 135 ms 204.134.78.201

3 212 ms 191 ms 181 ms glory-cyberport.nm.westnet.net [204.134.78.33]

4 166 ms 228 ms 189 ms enss365.nm.org [129.121.1.3]

5 148 ms 138 ms 177 ms h4-0.cnss116.Albuquerque.t3.ans.net [192.103.74.

45]

6 284 ms 296 ms 178 ms f2.t112-0.Albuquerque.t3.ans.net [140.222.112.22

1]

7 298 ms 279 ms 277 ms h14.t64-0.Houston.t3.ans.net [140.223.65.9]

8 238 ms 234 ms 263 ms h14.t104-0.Atlanta.t3.ans.net [140.223.65.18]

9 301 ms 257 ms 250 ms dns-aol.ans.net [198.83.210.28]

Trace complete.

Hey, we finally got all the way through to something we can be pretty certain is an AOL box, and it looks

like it's outside the firewall! But look at how the tracert took a different path this time, going through Atlanta

instead of St. Louis and Reston. But we are still looking at ans.net addresses with T3s, so this last

nameserver is using the same network as the others.

Now what can we do next to get luser@aol.com really wondering if you could actually break into his

account? We're going to do some port surfing on this last AOL domain name server! But to do this we need

to change our telnet settings a bit.

Click on Terminal, then Preferences. In the preferences box you need to check "Local echo." You must do

this, or else you won't be able to see everything that you get while port surfing. For some reason, some of

the messages a remote computer sends to you won't show up on your Win 95 telnet screen unless you

choose the local echo option. However, be warned, in some situations everything you type in will be

doubled. For example, if you type in "hello" the telnet screen may show you "heh lelllo o. This doesn't mean

you mistyped, it just means your typing is getting echoed back at various intervals.

Now click on Connect, then Remote System. Then enter the name of that last AOL domain server, dnsaol.

ans.net. Below it, for Port choose Daytime. It will send back to you the day of the week, date and time of

day in its time zone.

Aha! We now know that dns-aol.ans.net is exposed to the world, with at least one open port, heh, heh. It is

definitely a prospect for further port surfing. And now your friend is wondering, how did you get something

out of that computer?

[vt100] InterNIC > whois ans.net

Connecting to the rs Database . . . . . .

Connected to the rs Database

ANS CO+RE Systems, Inc. (ANS-DOM)

100 Clearbrook Road

Elmsford, NY 10523

Domain Name: ANS.NET

Administrative Contact:

Hershman, Ittai (IH4) ittai@ANS.NET

(914) 789-5337

Technical Contact:

ANS Network Operations Center (ANS-NOC) noc@ans.net

1-800-456-6300

Zone Contact:

ANS Hostmaster (AH-ORG) hostmaster@ANS.NET

(800)456-6300 fax: (914)789-5310

Record last updated on 03-Jan-97.

Record created on 27-Sep-90.

Domain servers in listed order:

NS.ANS.NET 192.103.63.100

NIS.ANS.NET 147.225.1.2

ftp://ftp.coast.net

http://hertz.njit.edu/%7ebxg3442/temp.html

http://www.alpworld.com/infinity/void-neo.html

http://www.danworld.com/nettools.html

http://www.eskimo.com/~nwps/index.html

http://www.geocities.com/siliconvalley/park/2613/links.html

http://www.ilf.net/Toast/

http://www.islandnet.com/~cliffmcc

http://www.simtel.net/simtel.net

http://www.supernet.net/cwsapps/cwsa.html

http://www.trytel.com/hack/

http://www.tucows.com

http://www2.southwind.net/%7emiker/hack.html

... and this is what I get

250 The following SMTP commands are recognized:

250

250 HELO hostname startup and give your hostname

250 MAIL FROM:<sender address> start transaction from sender

250 RCPT TO:<recipient address> name recipient for message

250 VRFY <address> verify deliverability of address

250 EXPN <address> expand mailing list address

250 DATA start text of mail message

250 RSET reset state, drop transaction

250 NOOP do nothing

250 DEBUG [level] set debugging level,default 1

250 HELP produce this help message

250 QUIT close SMTP connection

Let’s next do the obvious. The header says this post was composed on the host 203.15.166.46. So we telnet

to its nntp server (port 119):

telnet 203.15.166.46 119

We get back:

Trying 203.15.166.46 ...

telnet: connect: Connection refused

find  / -perm +4000 2>/dev/null

 
  Hoy habia 1 visitantes (9 clics a subpáginas) ¡Aqui en esta página!  
 
=> ¿Desea una página web gratis? Pues, haz clic aquí! <=