Most frequently asked questions

Status
Not open for further replies.

anomit

In the zone
I have not written this. Got it from here: *www.donkboy.com/html/vol1.htm

:?:What is Telnet?

Telnet is a program that allows you to connect to other computers using ports. Every computer/server has ports, the most common ones you would see when using telnet are:

Port 21: FTP

Port 23: Telnet

Port 25: SMTP (Mail)

Port 37: Time

Port 43: Whois

So, for example, you could tell Telnet to connect to mail.virgin.net on port 25. This would connect you to Virgin's mail server.

Telnet really is essential, and it's a great information tool as well.


:?:What is an IP address?

An IP address is a unique number which is given to you when you use your modem to connect to the internet. No two people can have the same IP address at one time, and your IP address changes every time you connect. An IP address looks like this: 198.164.32.123. Usually, the first 6 numbers will be the same every time you connect because they tell us what Internet service provider you are using (for example, 198.164 is the standard beginning for a Virgin.net IP address). The last 5 numbers are unique to you. Believe it or not, people can find out absolutely tons of stuff about you just from seeing your IP address. You also probably don't realise that your IP address is logged practically every time you do anything on the net. This happens so that if you do something you shouldn't be (being an evil Haxor for instance!) the people who logged your IP can contact your Internet service provider and get you thrown off the net. The other bad thing about IP addresses is the misuse that people can do with them. If someone on IRC gets hold of your IP address (that's easy by the way, there is a command /dns which gives them anyone's IP) they can type it into a nuke program and crash your connection or even your computer. Recently, IP addresses have also been used in a lot of trojan programs such as Back Orifice and Netbus.


:?:What is a trojan/worm/virus/logic bomb?

This is excerpted from: Computer Security Basics by Deborah Russell and G.T. Gangemi Sr.

Trojan: An independent program that appears to perform a useful function but that hides another unauthorized program inside it. When an authorized user performs the apparent function, the trojan horse performs the unauthorized function as well (often usurping the privileges of the user).

Virus: A code fragment (not an independent program) that reproduces by attaching to another program. It may damage data directly, or it may degrade system performance by taking over system resources which are then not available to authorized users.

Worm: An independent program that reproduces by copying itself from one system to another, usually over a network. Like a virus, a worm may damage data directly, or it may degrade system performance by tying up system resources and even shutting down a network.

Logic Bomb: A method for releasing a system attack of some kind. It is triggered when a particular condition (e.g., a certain date or system operation) occurs.

:?:What is PGP?

This is excerpted from: PGP(tm) User's Guide Volume I: Essential Topics by Philip Zimmermann

PGP(tm) uses public-key encryption to protect E-mail and data files. Communicate securely with people you've never met, with no secure channels needed for prior exchange of keys. PGP is well featured and fast, with sophisticated key management, digital signatures, data compression, and good ergonomic design.

Pretty Good(tm) Privacy (PGP), from Phil's Pretty Good Software, is a high security cryptographic software application for MSDOS, Unix, VAX/VMS, and other computers. PGP allows people to exchange files or messages with privacy, authentication, and convenience. Privacy means that only those intended to receive a message can read it. Authentication means that messages that appear to be from a particular person can only have originated from that person. Convenience means that privacy and authentication are provided without the hassles of managing keys associated with conventional cryptographic software. No secure channels are needed to exchange keys between users, which makes PGP much easier to use. This is because PGP is based on a powerful new technology called "public key" cryptography.

PGP combines the convenience of the Rivest-Shamir-Adleman (RSA) public key cryptosystem with the speed of conventional cryptography, message digests for digital signatures, data compression before encryption, good ergonomic design, and sophisticated key management. And PGP performs the public-key functions faster than most other software implementations. PGP is public key cryptography for the masses.


:?:How do I know if I telnet to a Unix system?

Ok, let me tell you how a unix system might greet you if you connected to it. First, when you call up a UNIX, or connect to one however you do, you will usually get this prompt:

login:

*Note: If you get the prompt "Logon:" it probably ISN'T Unix.

That means that this is PROBABLY a Unix system. Some Unix systems will tell you what they are or give you a message before a login: prompt, as such:

Welcome to SHUnix. Please log in.

login:

Or something like that. Ok, we are at the login prompt, now you need to enter in a valid account. An Account usually consists of 8 characters or less. After you enter in an account, you will probably get a password prompt of some sort. The prompts may vary, as the source code to the login program is usually supplied with UNIX, or is readily available for free.

Well, The easiest thing I can say to do to login is basically this:

Get an account, or try the defaults. The defaults are ones that came with the operating system, in standard form. The list of some of the Defaults are as follows:

Account      Default Password
Root         Root
Sys          Sys / System / Bin
Bin          Sys / Bin
Mountfsys    Mountfsys
Admin        Adm / Admin
Uucp         Uucp
Nuucp        Anon
Anon         Anon
User         User
Games        Games
Install      Install
Demo         Demo
Guest        Guest
Daemon       Daemon

The accounts root, mountfsys, umountfsys, install, and sometimes sync are root level accounts, meaning they have total power. Other logins are just "user level" logins meaning they only have power over what files/processes they own.


:?:What is a shell account?

A shell account allows you to use your home computer as a terminal on which you can give commands to a computer running Unix. The "shell" is the program that translates your keystrokes into Unix commands. With the right shell account you can enjoy the use of a far more powerful workstation than you could ever dream of affording to own yourself. It also is a great stepping stone to the day when you will be running some form of Unix on your home computer.


:?:What is a shadowed password?

A shadowed password is when, in a unix passwd file, instead of the encrypted password being shown in the password field, a single character will be shown (usually an X or a *). This tells the comp that the password file is actually stored somewhere else, probably where normal users can't go. You may be able to find the Unshadowed backup file though:

[The following list of likely places to find the unshadowed backup is available from the "Hack FAQ" written by Voyager.]

Unix                   Path needed                              Token
----------------------------------------------------------------------
AIX 3                  /etc/security/passwd                     !
       or              /tcb/auth/files/<first letter            #
                             of username>/<username>
A/UX 3.0s              /tcb/files/auth/?/                       *
BSD4.3-Reno            /etc/master.passwd                       *
ConvexOS 10            /etc/shadpw                              *
ConvexOS 11            /etc/shadow                              *
DG/UX                  /etc/tcb/aa/user/                        *
EP/IX                  /etc/shadow                              x
HP-UX                  /.secure/etc/passwd                      *
IRIX 5                 /etc/shadow                              x
Linux 1.1              /etc/shadow                              *
OSF/1                  /etc/passwd[.dir|.pag]                   *
SCO Unix #.2.x         /tcb/auth/files/<first letter            *
                             of username>/<username>
SunOS4.1+c2            /etc/security/passwd.adjunct             =
                                                                ##username
SunOS 5.0              /etc/shadow
                       <optional NIS+ private secure
                             maps/tables/whatever>
System V Release 4.0   /etc/shadow                              x
System V Release 4.2   /etc/security/* database
Ultrix 4               /etc/auth[.dir|.pag]                     *
UNICOS                 /etc/udb



Here is what a shadowed password file will look like:

arif:x:1569:1000:Mohd Arif Khan:/udd/arif:/bin/ksh

arigo:x:1570:1000:Ryan Randolph:/udd/arigo:/bin/ksh

aristo:x:1573:1000:M. Aristo Setiawan:/udd/aristo:/bin/ksh

armando:x:1577:1000:Armando Huis:/udd/armando:/bin/ksh

arn:x:1582:1000:Arn mett:/udd/arn:/bin/ksh

arne:x:1583:1000:arne banan:/udd/arne:/bin/ksh

aroon:x:1585:1000:Aroon Thakral:/udd/aroon:/bin/ksh

arozine:x:1586:1000:Igor Berg Mogielnicki:/udd/arozine:/bin/bash

arranw:x:1588:1000:Arran Whitaker:/udd/arranw:/bin/ksh

(and endless more)

Notice those X's? That tells you the password is shadowed. So, find out what Unix system it is, find the shadowed password file, and if you can get to it save it and crack it.




P.S. This thread will be updated from time to time keeping in view the diff types of questions asked here. Other members too can contribute with their answers.

This should prevent rerun of threads dealing with same questions.
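The FAQ's description of shadowing, seen from the administrator's side, as an added example that is not part of the original post: a small audit of passwd-format text that reports entries whose password field is empty or still holds a hash, and any UID 0 account other than root. The function name, the sample entries and the hash-like string are constructed for illustration; the placeholder tokens are the ones listed in the table above.

```python
# Added example (not from the original post): audit passwd-format entries.
# Placeholder tokens taken from the FAQ's table; "##username" is handled below.
PLACEHOLDERS = {"x", "*", "!", "#", "="}

# Constructed sample input; the hash-like value is a dummy, not a real crypt hash.
SAMPLE = """\
root:x:0:0:Super User:/:/bin/sh
alice:x:1569:1000:Constructed User:/udd/alice:/bin/ksh
demo::2001:1000:Demo account:/udd/demo:/bin/sh
olduser:abDUMMYHASH00:2002:1000:Constructed:/udd/olduser:/bin/ksh
install:x:0:0:Install account:/:/bin/sh
"""

def audit_passwd(text):
    """Return (line number, user, problem) tuples for risky entries."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((lineno, "?", "malformed entry"))
            continue
        user, pw, uid = fields[0], fields[1], fields[2]
        if pw == "":
            # No password at all: anyone can log in as this account.
            findings.append((lineno, user, "empty password field"))
        elif pw not in PLACEHOLDERS and not pw.startswith("##"):
            # A real value here means the hash sits in a world-readable file.
            findings.append((lineno, user, "password hash not shadowed"))
        if uid == "0" and user != "root":
            # Extra root-level accounts widen what a single weak login exposes.
            findings.append((lineno, user, "UID 0 account other than root"))
    return findings

if __name__ == "__main__":
    for lineno, user, problem in audit_passwd(SAMPLE):
        print(f"line {lineno}: {user}: {problem}")
```
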
 

anomit

In the zone
Yes, I remember now. Btw you can also include your answers in this thread as you can see there are many users who ask the same questions about proxies and all other networking stuff. You know what I mean.
 