What's New!

Chat with

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 


Meet the 
Happy Hacksters 

Help for 



It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

 More exploit files ...

Now suppose you want to scan your friend's ports. This is the best way to scan, as you won't have to worry about your friend getting you kicked off your ISP for suspicion of trying to break into computers. How do you know what your friend's IP address is? Ask him or her to run the command (from the DOS prompt) 'netstat -r'. This shows something like this:

C:\WINDOWS>netstat -r

Route Table

Active Routes:

Network Address Netmask       Gateway Address Interface      Metric        198.59.999.200  198.59.999.200      1           1
198.59.999.0  198.59.999.200  198.59.999.200      1
198.59.999.200           1
198.59.999.255 198.59.999.200  198.59.999.200      1      198.59.999.200  198.59.999.200      1 198.59.999.200             1

Active Connections

 Proto Local Address         Foreign Address       State
 TCP   lovely-lady:1093      mack.foo66.com:smtp    ESTABLISHED

That 'gateway address' and 'interface' both give the current IP address of your computer. If you are on a LAN, the gateway should be different from your own computer's IP address. If you or your friend are on a LAN, however, you should think twice before port scanning each other, or the LAN's sysadmin may notice your activity. Warning, sysadmins have quite an arsenal of larts to use on suspicious-acting users.

Newbie note: Lart? What the heck is a lart? It is a "luser attitude
readjustment tool." This is a generic class of techniques used by sysadmins to punish lusers. What is a luser? A wayward user. To get a sampling of popular larts, see http://mrjolly.cc.waikato.ac.nz. You want your sysadmins to be your FRIENDS, right? Never forget this!

What are some of the vulnerabilities to win95 and NT, you ask? Check previous GTMHHs for this information. Perhaps the most important thing to remember about Windows is equal to root in Unix), can run a program that uses any port it wants, even a well-known port. This vulnerability is demonstrated by a program from Weld Pond of L0pht fame called 'netcat'. The program can be obtained from:


Read the documentation that ships with the program, or the Guides on (a) win95 and telnet from:


or (b) NT security from:


...for information on uses of netcat.

More exploit files-->>

Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Visit this group


Return to the index of Guides to (mostly) Harmless Hacking!

 © 2013 Happy Hacker All rights reserved.