What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Networking Edition
__ __ __ __ __
/ // /__ ____ ___ __ __ / // /__ _____/ /_____ ____
/ _ / _ `/ _ \/ _ \/ // / / _ / _ `/ __/ '_/ -_) __/
/_//_/\_,_/ .__/ .__/\_, / /_//_/\_,_/\__/_/\_\\__/_/
/_/ /_/ /___/
___ _ __
/ _ \(_)__ ____ ___ / /_
/ // / / _ `/ -_|_-</ __/
/____/_/\_, /\__/___/\__/
/___/

February 16, 2000
See http://www.happyhacker.org

Introducing - Mister E-us, who is the editor of our new Networking edition of the Happy Hacker Digests. Today we get an introduction to who he is and why he hacks, and following this, his first turorial on TCP/IP, the protocol that makes the Internet run.

Preface: Hacking is my way of life

So you want to be a hacker? Want to smash firewalls and get root? Want to rule cyberspace? Want to find out what the government is really doing? Want to become 31337? Well sorry to disappoint you, but that's not really what it's all about.

To all of you that want to continue reading at this point, I'll give you a little background on myself. I've been in this game for about 8 years now, dating back to the days of local BBS's and ANSI art. Modems were 1200 baud and hard drives were under 100 megabytes, when you could afford them. I've been in systems all over the world, and I've met quite a few interesting people along the way.

Let's get down to hacking, all you have to do is be up all night, drink Mountain Dew, and have pizza boxes stacked all over, right? Wrong, most *real* hackers have jobs and lives. Some of us are even lucky enough to do this for a living. Besides, how can you hone your social engineering skills if you are locked in a dark room by yourself? Hackers don't spell like th1$, and real hackers make it a point to express themselves clearly through their words.

If you want to be a hacker there are protocols and procedures that you must know to be accepted as one of the group.

1. NEVER EVER pretend your something your not. You will ruin yourself, hackers can smell a rat and nothing makes them happier than publicly (and I do mean publicly) exposing a fraud.

2. If you ask a hacker for help you MUST do background reading, nothing will stop you faster than trying to find a shortcut.

3. Do NOT try to prove your skills, if you have them, you will show them. People will be able to see them without doing anything stupid.

4. Do NOT instigate trouble with other hackers, they may be better than you, and may have less morals. Avoiding getting personal is a good way to avoid this altogether. If things do get out of hand, get up and back away from your computer, go live your life for a while.

5. READ READ READ: This is pretty self explanatory, but do it. Try to learn something everyday, and use it in practice.

At this point I'd like to state my position on this "hacker war"
currently taking place. I find it very hard to believe that a true hacker would ever deface a website. Having the knowledge is one thing, using it is another. I would have no trouble defacing websites, I just choose not to. I'm sure several of you will write me and say, "I don't believe you, show me how." Don't bother, refer to rule #3 above. I've already proven myself to those who are truly in the know. Denial of service (DoS) attacks appear to be on the rise of late, especially with the latest distributed (DDoS) effort against Yahoo. I don't see DDoS as a new concept, I can remember a while back when the threat was distributed port scanning. Same concept, different application of principle. There have also been people who have said to me, "If a company leaves themselves open, why shouldn't I go in?" Well, if I saw my neighbor's doors were unlocked I wouldn't walk in and sit down. For some of you it may be a hard to comprehend, but it's called respect for other people's property. If I noticed someone's door were unlocked, instead of helping myself, I'd probably tell them instead. That's how you gain respect, respect someone else and you get it back.

Hacking is my way of life, and it's not a destination, it's all about the journey. I'm working some new tools, putting some theories I have into practice. I'm not sure I'm going to release them to the public (I'm not sure I want to be responsible for what the script kiddiez may do with them), but I'll make sure I go into detail if they work out.

 

The TCP/IP Basics
Chapter 1 -- A glance at TCP/IP or (Uh, what's a packet?)

In this series we will explore the wonders of the protocol that made the internet what it is today. It will start from the basics and theory and lead to practical applications of this knowledge. Some of the things discussed later may *NOT* be legal in your locale, please check your local computer crime laws. (Or do them at home.)

Starting at the beginning we can understand TCP/IP by understanding the parts that make it up. The following Diagram will show the building blocks of networking and how they fit together.

--------- --------- ---------
| SNMP | | Telnet| | FTP | <--- Application Layer
--------- --------- ---------

--------- ---------
| UDP | | TCP | <--- Transport Layer
--------- ---------

--------- ---------
| ICMP | | IP | <--- Network Layer
--------- ---------

--------- --------- --------- ---------
| ARP | | RARP | | Ether | | PPP | <--- Link Layer
--------- --------- --------- ---------

As you can see, with one block on top of another, there is more than just TCP/IP networking. As our focus is on TCP/IP though the following explanation will focus solely on the anatomy of a TCP/IP packet. The link layer adds the source and destination mac addresses to the packet. The network layer adds the source and destination IP addresses. The transport layer adds the source and destination port numbers. At this point there is a pseudo layer called the session layer that adds the data to the packet, although one might argue this is also a function of the transport layer as well. The application layer is exactly that, the application that is passing the packets. The following diagram may help pull this together.

SAMPLE PACKET
**********************************************************************
*(Link Layer) *
* =============================================================*
* =(Network Layer) =*
* = ++++++++++++++++++++++++++++++++++++++++++++++++++++=*
* = +(Transport Layer) +=*
*Source =Source + Source ----------------------------------------- +=*
*Mac =IP + Port - Data - +=*
*Dest =Dest + Dest - - +=*
*Mac =IP + Port ----------------------------------------- +=*
* = + +=*
* = ++++++++++++++++++++++++++++++++++++++++++++++++++++=*
* = =*
* =============================================================*
* *
**********************************************************************

Tearing this down further brings us to the TCP portion of this text. The TCP header is broken down into ten sections, they are as follows: source port number, destination port number, sequence number, acknowledgement number, header length, reserved, flags, windows size, TCP checksum and urgent pointer. Let's look first at flags. Flags are set based on what the packet is trying to accomplish. The six flags are as follows:

URG <-- Urgent Flag
ACK <-- Acknowledgment number is valid
PSH <-- Push this data on as soon as possible
RST <-- Reset the connection
SYN <-- Synchronize sequence numbers to establish a connection
FIN <-- Sender is finished sending data

This brings us to the TCP three way handshake for making connections. This is the way all TCP connections are made.

--------- ---------
|HOST A | 1. Syn |HOST B |
| | ---------------------> | |
| | | |
| | 2. Syn/Ack | |
| | <-------------------- | |
| | | |
| | 3. Ack | |
| | ---------------------> | |
| | | |
--------- ---------

1. Host A initiates a connection to Host B and says, (SYN)chronize your TCP sequence with me.

2. Host B responds back and says, I've (ACK)nowleged your request, (SYN)chronize your TCP sequence with me.

3. Host A responds, I (ACK)nowledge your request, let's start talking.

 

With this basic understanding you can learn why some denial of service attacks work, what use they might have, the TCP sequence prediction vulnerabilities, and port scanning.

The next installment will discuss port scanning, half scans, and stealth scanning.

 

This is a list devoted to *legal* hacking! If anyone plans to use any
information in this Digest or at our Web site to commit crime, go away! Welike to put computer criminals behind bars where they belong!



Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group
 © 2013 Happy Hacker All rights reserved.