Essential Concepts - HOW TO HACK: HACKING SECRETS EXPOSED: A BEGINNER'S GUIDE (2014)

Chapter 2. Essential Concepts

Now, let us begin by understanding some of the basic concepts that lay the groundwork for our journey of learning how to hack. Before jumping into the hands-on approach, it is necessary to have a thorough understanding of the basics of computer networks and how they work. In this chapter you will find a brief description of the various concepts and terms related to computer networks, encryption and security.

COMPUTER NETWORK

A computer network is a group of two or more computers linked together so that communication between individual computers is made possible. Some of the common types of computer network include:

Local Area Network (LAN)

This is a type of computer network where the interconnected computers are situated close to each other, for example inside the same building.

Wide Area Network (WAN)

This is a type of computer network where the interconnected computers are separated by large distances (from a few kilometres to different countries or continents) and are connected over links such as leased telephone lines, fibre or radio.

Internet

The Internet is the largest network which interconnects various LANs and WANs. It is a global system of various interconnected computer networks belonging to government or private organizations.

NETWORK HOST

A network host (or simply a host) is any computer or network device connected to the network. A host may be an end-user workstation or a server, such as a web server, offering services to its clients.

NETWORK PROTOCOL

A network protocol (or just referred to as protocol) is a set of rules and conventions that are necessary for the communication between two network devices. For example, two computers on a network can communicate only if they agree to follow the protocols.

The following are some of the most commonly used network protocols:

Internet Protocol (IP) and IP Addresses

An Internet Protocol address (IP address) is a number assigned to each computer or device (such as a printer) so that it can be uniquely identified on the network. The addresses used in this chapter are IPv4 addresses: four numbers from 0 to 255 separated by dots.

Types of IP Address:

Private IP Address: A private IP address is one assigned to a computer on a Local Area Network (LAN). Private addresses are taken from three ranges reserved for this purpose (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) and are never routed on the public Internet, so the same private address can be in use on countless LANs at once. A typical example of a private IP address would be something like:

192.168.0.2

Public IP Address: A public IP address is one that is reachable from the Internet and is unique world-wide. An example public IP address would be something like:

59.93.115.125

In most cases a computer sits on a LAN with a private IP address, while the router that connects the LAN to the ISP holds the public IP address assigned by the ISP. The router rewrites the addresses in outgoing packets (Network Address Translation, NAT) so that, to the rest of the Internet, all traffic from the LAN appears to come from that single public address.

How to Find the IP Address of a Computer?

Finding your public IP is extremely simple. Just type "what is my IP" into Google to see your public IP address displayed in the search results. Note that this is the address your traffic arrives from, which is usually the public address of your router or ISP rather than an address configured on your computer.

image

Figure 2. 1

In order to find your private IP, open the command prompt window (type cmd in the "Run" box) and enter the following command:

ipconfig /all

image

Figure 2. 2

This will display a long list of details about your computer's network adapters and their configuration. To see your private IP address, scroll down to the line labelled "IPv4 Address"; that is your private IP. (On Linux or macOS the equivalent command is ip addr or ifconfig.)
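As an added example (not from the book), here is a small Python script that does by hand what the two steps above do: it pulls the IPv4 addresses out of ipconfig /all output and says whether each one is private, public or something else. The ipconfig text is a constructed sample, not output from a real machine. The classification tests the reserved ranges explicitly (RFC 1918 private, RFC 6598 shared/CGNAT, loopback, link-local) rather than relying on Python's is_private flag alone, because is_private is also true for loopback and documentation ranges and false for the CGNAT range that some ISPs hand out.

```python
import ipaddress
import re

# Constructed sample of "ipconfig /all" output, trimmed to the relevant lines.
# Not captured from a real machine.
SAMPLE_IPCONFIG = """\
Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Example Gigabit Adapter
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1

Wireless LAN adapter Wi-Fi:

   IPv4 Address. . . . . . . . . . . : 100.64.12.7(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
"""

# "IPv4 Address. . . . : 192.168.0.2(Preferred)" -> capture just the dotted quad
IPV4_LINE = re.compile(r"IPv4 Address[ .]*:\s*(\d{1,3}(?:\.\d{1,3}){3})")

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")   # RFC 6598 "shared address space"


def extract_ipv4_addresses(ipconfig_output):
    """Return every value printed on an 'IPv4 Address' line, in order."""
    return IPV4_LINE.findall(ipconfig_output)


def classify(ip_text):
    """Name the kind of IPv4 address this is. Order matters: the more specific
    reserved ranges are tested before the catch-all is_global check."""
    ip = ipaddress.ip_address(ip_text)
    if ip.version != 4:
        raise ValueError("IPv4 only in this example")
    if ip.is_loopback:                       # 127.0.0.0/8: this machine talking to itself
        return "loopback"
    if ip.is_link_local:                     # 169.254.0.0/16: APIPA, no DHCP answer
        return "link-local"
    if any(ip in net for net in RFC1918):
        return "private (RFC 1918)"
    if ip in CGNAT:                          # behind the ISP's own NAT, still not reachable
        return "shared/CGNAT (RFC 6598)"
    if ip.is_global:
        return "public"
    return "reserved/other"                  # documentation, multicast, class E, ...


def triage(ipconfig_output):
    """Pair each address from the ipconfig text with its classification."""
    return [(ip, classify(ip)) for ip in extract_ipv4_addresses(ipconfig_output)]


if __name__ == "__main__":
    for ip, kind in triage(SAMPLE_IPCONFIG):
        print(f"{ip:16} {kind}")
```

If every address on the machine comes back private or CGNAT, the host is behind NAT and the address the "what is my IP" search shows belongs to the router or the ISP, which is the picture described above.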

image

Figure 2. 3

Hypertext Transfer Protocol (HTTP)

The Hypertext Transfer Protocol provides a standard for communication between web browsers and web servers. It is the most widely used protocol on the Internet for requesting documents such as web pages and images. Plain HTTP carries everything in clear text; HTTPS is the same protocol carried inside an encrypted TLS connection.

Example: http://www.example.com

File Transfer Protocol (FTP)

The File Transfer Protocol provides a standard for transferring files between two computers on a network. FTP is most widely used for upload/download operations between a server and a workstation. Like telnet, classic FTP sends the username, password and file contents in clear text; SFTP (file transfer over SSH) and FTPS are the encrypted alternatives.

Example: ftp://www.example.com

Simple Mail Transfer Protocol (SMTP)

The Simple Mail Transfer Protocol provides a standard for sending e-mail from one server to another. Most e-mail systems that send mail over the Internet use SMTP to exchange messages between servers; mail clients read messages back with a different protocol (POP3 or IMAP).

Telnet

Telnet is a network protocol that allows you to connect to remote hosts on the Internet or on a local network. It requires a telnet client software to implement the protocol using which the connection is established with the remote computer.

In most cases telnet requires you to have a username and a password to establish connection with the remote host. Occasionally, some hosts also allow users to make connection as a guest or public.

After the connection is made, you type text commands which the remote host interprets. Because telnet sends everything, passwords included, in clear text, it survives today mainly as a quick way to talk to text-based protocols by hand. The syntax for using the telnet command is as follows:

telnet <hostname or IP> port

Example: telnet 127.0.0.1 25 (connects to the SMTP service, port 25, on your own computer)

SSH (Secure Shell)

SSH is a protocol similar to telnet in that it also gives you a command session on a remote host. However, SSH has the upper hand over telnet in terms of security. Telnet was designed for trusted local networks and sends everything, including the password, in clear text, so anyone able to capture the traffic can read or alter it. SSH encrypts the whole session and lets the client verify the server's identity by its host key, which is why it is the standard way to administer remote systems over the Internet.

Like telnet, SSH uses a client program and requires a username and a password (or, more commonly, a key pair) to establish the connection with the remote host.

NETWORK PORT

A computer may be running several services on it, such as HTTP (a web server), SMTP, FTP and so on. Each of these services listens on a number called a network port (or simply a port), in the range 0 to 65535. If a computer wants to use a specific service on another computer, it has to establish a connection to that computer on the exact port number where the intended service is listening.

For example, if a terminal is to request a web document from a remote server using HTTP, it has to first establish a connection with the remote server on port 80 (the default port for HTTP) before placing the request.

In simple words, port numbers can be compared to door numbers where each door grants access to a specific service on a computer. The following table lists popular services and their default port numbers. These are defaults, not guarantees: an administrator can run any service on any port, so a port scan identifies what is actually listening rather than assuming.

Name of Service/Protocol    Port Number
HTTP                        80
FTP                         21
SMTP                        25
TELNET                      23
SSH                         22

Table 2. 1
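The following added example (written for this page, not taken from the book) does in Python what the telnet example earlier does by hand: it opens a TCP connection to a port and reads whatever greeting the service sends. To keep it self-contained it first starts a throwaway service on 127.0.0.1 that answers with a constructed SMTP-style banner, then probes that port and a port known to be closed. The three outcomes it distinguishes (open, closed, filtered) are the ones a port scanner reports, and the banner is how a scanner works out what is really behind a port regardless of what Table 2.1 says the default is.

```python
import socket
import threading

# Constructed greeting, modelled on what an SMTP server says on connect.
SMTP_BANNER = b"220 mail.example.test ESMTP ready\r\n"


def start_banner_service(banner):
    """Start a throwaway TCP service on 127.0.0.1 that greets each client
    with `banner` and hangs up. Port 0 lets the OS choose a free port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:          # listening socket was closed: stop serving
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def stop_service(srv):
    """Close the listening socket (shutdown first so a blocked accept() wakes up)."""
    try:
        srv.shutdown(socket.SHUT_RDWR)
    except OSError:
        pass
    srv.close()


def find_closed_port():
    """Bind and immediately release a loopback port so we know one nobody listens on."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


def probe_port(host, port, timeout=2.0):
    """TCP connect probe. Returns (state, banner) where state is
    'open' (connection accepted), 'closed' (host answered with RST) or
    'filtered' (no answer before the timeout, typical of a firewall drop)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
    except ConnectionRefusedError:
        s.close()
        return "closed", ""
    except socket.timeout:
        s.close()
        return "filtered", ""
    try:
        # Many text protocols (SMTP, FTP, SSH) speak first; others stay silent.
        banner = s.recv(256).decode("ascii", "replace").strip()
    except socket.timeout:
        banner = ""
    finally:
        s.close()
    return "open", banner


def demo():
    """Probe one open port (our fake SMTP service) and one closed port."""
    srv, smtp_port = start_banner_service(SMTP_BANNER)
    try:
        return {
            "open": probe_port("127.0.0.1", smtp_port),
            "closed": probe_port("127.0.0.1", find_closed_port()),
        }
    finally:
        stop_service(srv)


if __name__ == "__main__":
    for label, (state, banner) in demo().items():
        print(f"{label:7} -> {state:9} {banner}")
```

Against a real host, replace the loopback address and port with the target's; a "filtered" result means something between you and the host silently dropped the connection attempt, which is the usual sign of a firewall.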

NETWORK PACKET

A network packet (data packet, or datagram for connectionless protocols such as UDP; often simply called a packet) is the basic unit of data sent from one host to another over a network. When data (such as a mail, a message or a file) has to be transmitted between two hosts, it is split into small pieces, each sent as a packet, and the pieces are reassembled at the destination to recover the original data.

Each packet consists of a piece of the data together with headers holding the information needed to deliver and reassemble it: the sender's IP address, the intended receiver's IP address, the transport protocol (TCP or UDP), the source and destination port numbers and, for TCP, a sequence number that tells the receiver where this piece belongs in the stream and lets it notice missing pieces. There is no "total number of packets" field; a TCP receiver knows a transfer is complete from the connection close (FIN) or from the application protocol, for example an HTTP Content-Length header.
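As an added example (not from the book), the Python below builds one IPv4/TCP packet the way a host sending the first line of an HTTP request would, then parses it back and checks both checksums, which is what a sniffer or intrusion detection system does with every packet it sees. The addresses, ports and payload are constructed for the demonstration (192.168.0.2 and 59.93.115.125 are the example addresses used earlier in the chapter) and the packet is never put on the wire.

```python
import socket
import struct

TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


def checksum(data):
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words.
    Over a correct header that already contains its checksum, the result is 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_tcp(src, dst, sport, dport, seq, ack, flags, payload,
                   ident=0x1C46, ttl=64):
    """Assemble IPv4 header + TCP header (no options) + payload."""
    src_b, dst_b = socket.inet_aton(src), socket.inet_aton(dst)
    tcp_len = 20 + len(payload)
    # TCP: ports, sequence, acknowledgement, data offset (5 words), flags, window, csum, urgent
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 0xFFFF, 0, 0)
    # The TCP checksum also covers a pseudo-header taken from the IP layer.
    pseudo = src_b + dst_b + struct.pack("!BBH", 0, 6, tcp_len)
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp + payload)) + tcp[18:]
    # IPv4: version 4 / IHL 5, DSCP, total length, id, DF flag, TTL, proto 6 (TCP), csum, addresses
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, ident, 0x4000, ttl, 6, 0, src_b, dst_b)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp + payload


def parse_ipv4_tcp(data):
    """Decode the fields a packet filter or sniffer cares about and verify both checksums."""
    ver_ihl, _, total_len, ident, flags_frag, ttl, proto, _, src_b, dst_b = \
        struct.unpack("!BBHHHBBH4s4s", data[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4                      # header length in bytes (options possible)
    ip_ok = checksum(data[:ihl]) == 0
    if proto != 6:
        raise ValueError("not TCP (protocol %d)" % proto)
    tcp = data[ihl:total_len]
    sport, dport, seq, ack, off, flags, _, _, _ = struct.unpack("!HHIIBBHHH", tcp[:20])
    doff = (off >> 4) * 4                           # TCP header length, options included
    pseudo = src_b + dst_b + struct.pack("!BBH", 0, 6, len(tcp))
    return {
        "src": socket.inet_ntoa(src_b), "dst": socket.inet_ntoa(dst_b),
        "id": ident, "ttl": ttl,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "frag_offset": flags_frag & 0x1FFF,
        "ip_checksum_ok": ip_ok,
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": [name for bit, name in TCP_FLAGS if flags & bit],
        "tcp_checksum_ok": checksum(pseudo + tcp) == 0,
        "payload": tcp[doff:],
    }


# Constructed packet: first segment of an HTTP request from the LAN host to a public server.
SAMPLE_PACKET = build_ipv4_tcp("192.168.0.2", "59.93.115.125", 52345, 80,
                               seq=0x12345678, ack=0x9ABCDEF0, flags=0x18,  # PSH|ACK
                               payload=b"GET / HTTP/1.1\r\n")

if __name__ == "__main__":
    for key, value in parse_ipv4_tcp(SAMPLE_PACKET).items():
        print(f"{key:16} {value!r}")
```

The IP header checksum covers only the IP header, so a packet whose TTL a router decrements is rewritten with a fresh checksum at every hop; the TCP checksum covers the pseudo-header, the TCP header and the payload, so it is what catches a corrupted or tampered payload end to end.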

DOMAIN NAME SYSTEM (DNS)

The Domain Name System (DNS) is the distributed database and protocol whose job is to map domain names such as "gohacking.com" to the corresponding IP address, such as "104.28.6.51".

Since the Internet connects millions of computers, each with its own IP address, it is impossible for people to remember the IP address of every computer they want to access. So, in order to make this simpler, the concept of domain names was introduced. As a result users can access any website just by typing its domain name, such as "google.com" or "yahoo.com", into the browser's address bar, without having to remember the actual IP address.

However, since IP understands only IP addresses and not domain names, the domain name has to be translated back to its IP address before a connection with the target server can be established. This is where DNS comes in.

Your Internet Service Provider runs a DNS server (a recursive resolver) that answers such lookups on behalf of its customers and caches the answers it obtains; your computer may instead be configured to use the router's resolver or a public one such as 8.8.8.8. Each time you type a URL such as "http://www.google.com" into your browser's address bar, your computer asks that DNS server to translate "www.google.com" to its IP address and then connects to Google's server. All of this happens in a split second behind the scenes and hence goes unnoticed.

How Does DNS Work?

Let us understand the working of Domain Name System using the following example:

Whenever you type a URL such as "http://www.gohacking.com" into your browser's address bar, your computer sends a request to its local name server (the ISP's DNS server) to resolve the domain name to its corresponding IP address. This request is referred to as a DNS query.

The local name server first checks whether it already has the name and IP address in its cache. If so, the IP address (the response) is returned at once. If not, the server walks the DNS hierarchy on your behalf: it asks a root name server, which refers it to the name servers for ".com"; those refer it to the name servers that are authoritative for "gohacking.com"; and those return the IP address of "www.gohacking.com". The response flows back to your computer and is cached by the local name server for the time-to-live (TTL) stated in the record, so the next lookup of the same name is answered locally. Figure 2.4 illustrates the process.
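To make the query concrete, here is an added Python example (written for this page, not from the book) that builds a DNS query for www.gohacking.com in the wire format defined by RFC 1035 and parses a response. Because the example has to run offline, the response is produced by a helper that fabricates what a resolver would send back, including the name-compression pointer real servers use; the 104.28.6.51 address is the one the text above uses as an illustration, and no server produced this reply. A resolve() function that sends the same query over UDP to a real resolver is included but is not called in the offline demo. The parser refuses a reply whose transaction ID does not match the query, which is the first check a resolver has to make against forged answers.

```python
import socket
import struct

TYPE_A, TYPE_CNAME, CLASS_IN = 1, 5, 1


def encode_name(name):
    """Wire form of a name: each label prefixed by its length, ending in a zero byte."""
    out = b"".join(bytes([len(label)]) + label.encode("ascii")
                   for label in name.rstrip(".").split("."))
    return out + b"\x00"


def build_query(name, txid, qtype=TYPE_A):
    """12-byte header (flags: RD set, so the server should recurse) + one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def decode_name(msg, offset):
    """Read a name at `offset`, following 0xC0xx compression pointers.
    Returns (name, offset just past the name as it appears in the message)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                     # pointer to an earlier copy of the name
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 64:                             # a looping pointer would spin forever
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg, expected_txid):
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch: not a reply to our query (or a forgery)")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        qname, offset = decode_name(msg, offset)
        qtype, _ = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((qname, qtype))
    for _ in range(an):
        rname, offset = decode_name(msg, offset)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        if rtype == TYPE_A and rdlen == 4:
            value = ".".join(str(b) for b in msg[offset:offset + 4])
        elif rtype == TYPE_CNAME:
            value, _ = decode_name(msg, offset)       # RDATA is itself a (compressible) name
        else:
            value = msg[offset:offset + rdlen].hex()
        offset += rdlen
        answers.append({"name": rname, "type": rtype, "ttl": ttl, "value": value})
    return {"rcode": flags & 0x000F, "questions": questions, "answers": answers}


def constructed_response(query, ip_text, ttl=300):
    """Fabricate the reply a resolver would send to `query`: same ID, flags QR|RD|RA,
    the question echoed back, and one A record whose name is a pointer (0xC00C) to
    the question name at offset 12. For the demo only; no server produced this."""
    txid = struct.unpack("!H", query[:2])[0]
    answer = (b"\xC0\x0C" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, 4)
              + bytes(int(x) for x in ip_text.split(".")))
    return struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0) + query[12:] + answer


def resolve(name, server="8.8.8.8", txid=0x1234, timeout=3.0):
    """Send the query over UDP to a real resolver (needs network; not used offline)."""
    query = build_query(name, txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        reply, _ = s.recvfrom(512)
    return parse_response(reply, txid)


if __name__ == "__main__":
    q = build_query("www.gohacking.com", 0x1234)
    print(parse_response(constructed_response(q, "104.28.6.51"), 0x1234))
```

The transaction ID is fixed here so the demo is reproducible; a real resolver picks it at random, and randomizes the UDP source port too, precisely because an attacker who can guess both can answer before the genuine server does and plant a false address in the cache.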

image

Figure 2. 4

FIREWALL

Firewalls are basically a barrier between your computer (or a network) and the Internet (outside world). A firewall can be simply compared to a security guard who stands at the entrance of your house and filters the visitors coming to your place. He may allow some visitors to enter while deny others whom he suspects of being intruders. Similarly a firewall is a software program or a hardware device that filters the information (packets) coming through the Internet to your personal computer or a computer network.

How Does a Firewall Work?

Firewalls may decide to allow or block network traffic between devices based on the rules that are pre-configured or set by the firewall administrator. Most personal firewalls such as Windows firewall operate on a set of pre-configured rules which are most suitable under normal circumstances, so that the user need not worry much about configuring the firewall. The operation of firewall is illustrated in the below figure 2.5.

image

Figure 2. 5

Personal firewalls are easy to install and use and hence preferred by end-users to secure their personal computers. However, in order to meet customized needs large networks and companies prefer those firewalls that have plenty of options to configure.

For example, a company may set up different firewall rules for FTP servers, telnet servers and web servers. In addition, the company can even control how the employees connect to the Internet by blocking access to certain websites and restricting the transfer of files to other networks. Thus, in addition to security, a firewall can give the company a tremendous control over how people use their network.

Firewalls use one or more of the following methods to control the incoming and outgoing traffic in a network:

1. Packet Filtering: In this method, each packet is examined on its own against a set of filters. The filters look only at header fields such as the source and destination IP addresses, the protocol and the port numbers, and each rule carries an accept or deny action; the rules are pre-configured or set by the firewall administrator. If the packet passes the filters it is allowed through to its destination; otherwise it is discarded. A plain packet filter does not know whether a packet belongs to an existing conversation, so to let replies back in the administrator has to open the reply ports to everyone.

2. Stateful Inspection: This newer method keeps a table of the connections that have already been admitted (for TCP, a connection is recorded when its opening SYN packet is allowed by the rules). Each subsequent packet is compared against this table: packets that belong to a known connection, including the replies coming back, are allowed through, while packets that do not match any known connection are checked against the rules or discarded. This lets the firewall permit return traffic without opening those ports to unsolicited packets. Stateful inspection still does not look at the contents of the packets; that is the job of a proxy or an application-layer firewall.
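An added example (written for this page, not from the book) makes the difference between the two methods visible. It implements a toy packet filter and a toy stateful firewall in Python, feeds both the same three constructed packets (a client on 192.168.0.2 opening a web connection, the server's reply, and an unrelated probe from 203.0.113.9 that uses source port 80 to look like a reply) and records the verdicts. Addresses, ports and rules are invented for the demonstration; 192.168.0.2 and 59.93.115.125 are the example addresses used earlier in the chapter.

```python
import ipaddress
from collections import namedtuple

# One packet reduced to the header fields a firewall decides on.
Packet = namedtuple("Packet", "proto src sport dst dport flags")


class Rule:
    """A classic packet-filter rule: an action plus match conditions on header fields.
    Unspecified conditions match anything."""

    def __init__(self, action, proto="any", src="0.0.0.0/0", dst="0.0.0.0/0",
                 sport=None, dport=None):
        self.action, self.proto = action, proto
        self.src, self.dst = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        self.sport, self.dport = sport, dport

    def matches(self, pkt):
        return ((self.proto == "any" or self.proto == pkt.proto)
                and ipaddress.ip_address(pkt.src) in self.src
                and ipaddress.ip_address(pkt.dst) in self.dst
                and (self.sport is None or self.sport == pkt.sport)
                and (self.dport is None or self.dport == pkt.dport))


def stateless_filter(rules, pkt):
    """Packet filtering: first matching rule wins, default deny. Each packet is judged alone."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Stateful inspection: rules are consulted only when a connection is opened;
    everything else is judged by whether it belongs to a connection already admitted."""

    def __init__(self, rules):
        self.rules = rules
        self.connections = set()        # admitted (proto, src, sport, dst, dport) tuples

    def filter(self, pkt):
        forward = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if forward in self.connections or reverse in self.connections:
            if "RST" in pkt.flags:       # connection torn down; forget it
                self.connections.discard(forward)
                self.connections.discard(reverse)
            return "allow"               # reply or continuation of an admitted connection
        opening = pkt.proto != "tcp" or ("SYN" in pkt.flags and "ACK" not in pkt.flags)
        if not opening:
            return "deny"                # mid-stream packet for a connection we never saw
        verdict = stateless_filter(self.rules, pkt)
        if verdict == "allow":
            self.connections.add(forward)
        return verdict


def run_scenario():
    # Policy: LAN hosts may open web connections; nothing else is stated.
    egress_only = [Rule("allow", "tcp", src="192.168.0.0/16", dport=80)]
    # What a stateless administrator must add so the server's replies get back in:
    with_reply_rule = egress_only + [Rule("allow", "tcp", sport=80, dst="192.168.0.0/16")]

    syn = Packet("tcp", "192.168.0.2", 52345, "59.93.115.125", 80, {"SYN"})
    syn_ack = Packet("tcp", "59.93.115.125", 80, "192.168.0.2", 52345, {"SYN", "ACK"})
    # Unsolicited probe at SMB, sent from source port 80 to masquerade as web traffic.
    probe = Packet("tcp", "203.0.113.9", 80, "192.168.0.2", 445, {"ACK"})

    traffic = (syn, syn_ack, probe)
    stateful = StatefulFirewall(egress_only)
    return {
        "stateless, egress rule only": [stateless_filter(egress_only, p) for p in traffic],
        "stateless, with reply rule": [stateless_filter(with_reply_rule, p) for p in traffic],
        "stateful, egress rule only": [stateful.filter(p) for p in traffic],
    }


if __name__ == "__main__":
    print("verdicts for (client SYN, server SYN/ACK, spoofed probe):")
    for label, verdicts in run_scenario().items():
        print(f"  {label:30} {verdicts}")
```

The three result rows are the whole argument: the stateless filter with only the egress rule blocks the legitimate reply; once the reply rule is added it also lets the spoofed probe through, because field for field the probe looks like a reply; the stateful firewall gets both right with the egress rule alone, since it remembers the outgoing SYN and has no record matching the probe.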

Firewall Configuration:

Firewalls can be configured by adding one or more filters based on several conditions as mentioned below:

1. IP addresses: If an IP address outside the network is known to be hostile, a filter can block all traffic to and from that address. For example, if a certain IP address is found to be making too many connections to a server, the administrator may decide to block traffic from that IP using the firewall.

2. Domain names: Since IP addresses are hard to remember, it is easier to write filters in terms of domain names. A company may decide to block all access to certain domain names, or to allow access only to a list of selected domain names. Note that a packet-level firewall still matches on IP addresses, so a domain name rule is either resolved to the addresses it points to (and must be refreshed when they change) or enforced by a DNS or web filter that sees the name itself.

3. Ports/Protocols: If the service running on a given port is intended for the public or for network users, that port is kept open. Otherwise it is blocked by the firewall so as to prevent intruders from using the open port to make unauthorized connections.

4. Specific words or phrases: A firewall with content inspection can be configured to filter on one or more specific words or phrases, so that both incoming and outgoing packets are scanned for the words in the filter.

For example, you may set up a rule to drop any packet that contains an offensive term or phrase that you decide should not enter or leave your network. Such filtering only works on traffic the firewall can read; it cannot see inside encrypted connections such as HTTPS unless it is set up to terminate them.

Hardware vs. Software Firewall:

Hardware firewalls provide a higher level of protection for the network as a whole and hence are preferred for servers where security is the top priority. Software firewalls, on the other hand, are less expensive (Windows ships with one) and hence preferred on home computers and laptops.

Hardware firewalls usually come as a built-in unit of a router and filter each packet before it reaches your computer at all, so a blocked port is not even reachable from the Internet. A good example is the Linksys Cable/DSL router. Note that a router's firewall does nothing against traffic from other machines on the same LAN, whereas a software firewall on the computer itself does, so the two complement each other.

PROXY SERVER

In a computer network, a proxy server is any computer system offering a service that acts as an intermediary between the two communicating parties, the client and the server.

In the presence of a proxy server, there is no direct communication between the client and the server. Instead, the client connects to the proxy server and sends requests for resources such as a document, web page or a file that resides on a remote server. The proxy server handles this request by fetching the required resources from the remote server and forwarding the same to the client.

How Does a Proxy Server Work?

An illustration of how a proxy server works is shown in Figure 2.6.

As shown in the figure, whenever the client connects to a web proxy server and requests a resource (in this case, “Sample.html”) that resides on a remote server (in this case, xyz.com), the proxy server forwards the request to the target server on behalf of the client, fetches the requested resource and delivers it back to the client. An example of a client is a user-operated computer connected to the Internet.

image

Figure 2. 6

A proxy server is widely used to conceal the IP address, and thereby the origin, of Internet users. Since it is the proxy server that handles the requests between the client and the target, only the IP address of the proxy server is exposed to the target and not the client's own. For this reason attackers often route their traffic through one or more proxies so that it is hard to trace back to them. Two caveats: the proxy itself sees, and may log, the client's real address, and many proxies announce the client's address to the target in an X-Forwarded-For or Via header unless they are specifically configured as anonymizing proxies.
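The added example below (written for this page; it is not the book's code) runs the whole picture in Python on one machine: an origin server standing in for xyz.com, a minimal HTTP forward proxy, and a client that asks the proxy for Sample.html. The origin records what it sees. Because everything is on 127.0.0.1 the proxy's address and the client's address are the same, so the thing to watch is the headers: by default the demo proxy, like most off-the-shelf ones, appends the client's address in X-Forwarded-For and names itself in Via, so the origin learns who is really behind it; called with disclose_client=False that trace disappears, which is what an anonymizing proxy does. The proxy name "demo-proxy" and the page content are invented.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import urlsplit

SAMPLE_HTML = b"<html><body>Sample</body></html>"   # constructed content of Sample.html
seen_by_origin = []                                  # what the origin server observed, per request


class OriginHandler(BaseHTTPRequestHandler):
    """Stands in for the remote server (xyz.com in the figure)."""

    def do_GET(self):
        seen_by_origin.append({
            "peer": self.client_address[0],          # the TCP peer: the proxy, not the client
            "path": self.path,
            "headers": {k.lower(): v for k, v in self.headers.items()},
        })
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(SAMPLE_HTML)))
        self.end_headers()
        self.wfile.write(SAMPLE_HTML)

    def log_message(self, *args):                    # keep the demo quiet
        pass


class ForwardProxyHandler(BaseHTTPRequestHandler):
    """Minimal HTTP forward proxy: the client sends an absolute URL in the request line,
    the proxy fetches it from the origin and relays the reply."""

    disclose_client = True      # add X-Forwarded-For / Via, as most proxies do by default

    def do_GET(self):
        target = urlsplit(self.path)
        if target.scheme != "http" or not target.netloc:
            self.send_error(400, "proxy expects an absolute http:// URL")
            return
        headers = {k: v for k, v in self.headers.items()
                   if k.lower() not in ("host", "connection", "proxy-connection")}
        headers["Host"] = target.netloc
        if self.disclose_client:
            prior = self.headers.get("X-Forwarded-For")
            headers["X-Forwarded-For"] = (prior + ", " if prior else "") + self.client_address[0]
            headers["Via"] = "1.1 demo-proxy"        # hypothetical proxy name
        upstream = http.client.HTTPConnection(target.hostname, target.port or 80, timeout=5)
        upstream.request("GET", target.path or "/", headers=headers)
        reply = upstream.getresponse()
        body = reply.read()
        upstream.close()
        self.send_response(reply.status)
        self.send_header("Content-Type", reply.getheader("Content-Type", "application/octet-stream"))
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass


def serve(handler):
    """Start an HTTP server on a free loopback port in a background thread."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def fetch_through_proxy(disclose_client=True):
    """Client -> proxy -> origin round trip; returns the reply and what the origin saw."""
    proxy_cls = type("Proxy", (ForwardProxyHandler,), {"disclose_client": disclose_client})
    origin, proxy = serve(OriginHandler), serve(proxy_cls)
    try:
        origin_netloc = "127.0.0.1:%d" % origin.server_address[1]
        client = http.client.HTTPConnection("127.0.0.1", proxy.server_address[1], timeout=5)
        # Proxy-style request: absolute URL in the request line, Host naming the origin.
        client.request("GET", "http://%s/Sample.html" % origin_netloc, headers={"Host": origin_netloc})
        reply = client.getresponse()
        body = reply.read()
        client.close()
        return {"status": reply.status, "body": body, "origin_saw": seen_by_origin[-1]}
    finally:
        for server in (origin, proxy):
            server.shutdown()
            server.server_close()


if __name__ == "__main__":
    for disclose in (True, False):
        result = fetch_through_proxy(disclose_client=disclose)
        print("disclose_client=%s -> origin saw headers: %s" % (disclose, result["origin_saw"]["headers"]))
```

The same headers are what an investigator looks for first in a target's web logs: a Via or X-Forwarded-For line means a proxy was in the path and, often, says who was behind it.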