Happy Hacker Digest
Networking Edition
February 16, 2000
See http://www.happyhacker.org
Introducing - Mister E-us, who is the editor of our new Networking
edition of the Happy Hacker Digests. Today we get an introduction
to who he is and why he hacks, and following this, his first
tutorial on TCP/IP, the protocol that makes the Internet run.
Preface: Hacking is my way of life
So you want to be a hacker? Want to smash firewalls and
get root? Want to rule cyberspace? Want to find out what the
government is really doing? Want to become 31337? Well sorry
to disappoint you, but that's not really what it's all about.
To all of you that want to continue reading at this point,
I'll give you a little background on myself. I've been in this
game for about 8 years now, dating back to the days of local
BBS's and ANSI art. Modems were 1200 baud and hard drives were
under 100 megabytes, when you could afford them. I've been in
systems all over the world, and I've met quite a few interesting
people along the way.
Let's get down to hacking, all you have to do is be up
all night, drink Mountain Dew, and have pizza boxes stacked all
over, right? Wrong, most *real* hackers have jobs and lives.
Some of us are even lucky enough to do this for a living. Besides,
how can you hone your social engineering skills if you are locked
in a dark room by yourself? Hackers don't spell like th1$, and
real hackers make it a point to express themselves clearly through
their words.
If you want to be a hacker there are protocols and procedures
that you must know to be accepted as one of the group.
1. NEVER EVER pretend you're something you're not. You will ruin
yourself, hackers can smell a rat and nothing makes them happier
than publicly (and I do mean publicly) exposing a fraud.
2. If you ask a hacker for help you MUST do background reading,
nothing will stop you faster than trying to find a shortcut.
3. Do NOT try to prove your skills, if you have them, you
will show them. People will be able to see them without doing
anything stupid.
4. Do NOT instigate trouble with other hackers, they may be
better than you, and may have less morals. Avoiding getting personal
is a good way to avoid this altogether. If things do get out
of hand, get up and back away from your computer, go live your
life for a while.
5. READ READ READ: This is pretty self-explanatory, but do
it. Try to learn something every day, and use it in practice.
At this point I'd like to state my position on this "hacker war"
currently taking place. I find it very hard to believe that a
true hacker would ever deface a website. Having the knowledge
is one thing, using it is another. I would have no trouble defacing
websites, I just choose not to. I'm sure several of you will
write me and say, "I don't believe you, show me how."
Don't bother, refer to rule #3 above. I've already proven myself
to those who are truly in the know. Denial of service (DoS) attacks
appear to be on the rise of late, especially with the latest
distributed (DDoS) effort against Yahoo. I don't see DDoS as
a new concept, I can remember a while back when the threat was
distributed port scanning. Same concept, different application
of principle. There have also been people who have said to me,
"If a company leaves themselves open, why shouldn't I go
in?" Well, if I saw my neighbor's doors were unlocked I
wouldn't walk in and sit down. For some of you it may be hard
to comprehend, but it's called respect for other people's property.
If I noticed someone's door were unlocked, instead of helping
myself, I'd probably tell them instead. That's how you gain respect,
respect someone else and you get it back.
Hacking is my way of life, and it's not a destination,
it's all about the journey. I'm working on some new tools, putting
some theories I have into practice. I'm not sure I'm going to
release them to the public (I'm not sure I want to be responsible
for what the script kiddiez may do with them), but I'll make
sure I go into detail if they work out.
The TCP/IP Basics
Chapter 1 -- A glance at TCP/IP or (Uh, what's a packet?)
In this series we will explore the wonders of the protocol
that made the internet what it is today. It will start from
the basics and theory and lead to practical applications of this
knowledge. Some of the things discussed later may *NOT* be legal
in your locale, please check your local computer crime laws.
(Or do them at home.)
Starting at the beginning we can understand TCP/IP
by understanding the parts that make it up. The following diagram
will show the building blocks of networking and how they fit
together.
---------  ---------  ---------
| SNMP  |  | Telnet|  | FTP   |  <--- Application Layer
---------  ---------  ---------
---------  ---------
| UDP   |  | TCP   |  <--- Transport Layer
---------  ---------
---------  ---------
| ICMP  |  | IP    |  <--- Network Layer
---------  ---------
---------  ---------  ---------  ---------
| ARP   |  | RARP  |  | Ether |  | PPP   |  <--- Link Layer
---------  ---------  ---------  ---------
As you can see, with one block on top of another, there is
more to networking than just TCP/IP. Since our focus is on TCP/IP,
though, the following explanation covers only the anatomy of a
TCP/IP packet. The link layer adds the source and destination
MAC addresses to the packet. The network layer adds the source
and destination IP addresses. The transport layer adds the source
and destination port numbers. At this point there is a pseudo
layer called the session layer that adds the data to the packet,
although one might argue this is also a function of the transport
layer. The application layer is exactly that: the application
that is passing the packets. The following diagram may help
pull this together.
SAMPLE PACKET
**********************************************************************
*(Link Layer)                                                        *
*       =============================================================*
*       =(Network Layer)                                            =*
*       =       ++++++++++++++++++++++++++++++++++++++++++++++++++++=*
*       =       +(Transport Layer)                                 +=*
*Source =Source + Source ----------------------------------------- +=*
*Mac    =IP     + Port   - Data                                  - +=*
*Dest   =Dest   + Dest   -                                       - +=*
*Mac    =IP     + Port   ----------------------------------------- +=*
*       =       +                                                  +=*
*       =       ++++++++++++++++++++++++++++++++++++++++++++++++++++=*
*       =                                                           =*
*       =============================================================*
*                                                                    *
**********************************************************************
Tearing this down further brings us to the TCP portion
of this text. The TCP header is broken down into ten sections:
source port number, destination port number, sequence number,
acknowledgement number, header length, reserved, flags, window
size, TCP checksum and urgent pointer. Let's look first at flags.
Flags are set based on what the packet is trying to accomplish.
The six flags are as follows:
URG <-- Urgent Flag
ACK <-- Acknowledgment number is valid
PSH <-- Push this data on as soon as possible
RST <-- Reset the connection
SYN <-- Synchronize sequence numbers to establish a connection
FIN <-- Sender is finished sending data
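The layering and the ten TCP header sections described above, as an added
example in Python (not part of the original digest): it builds one constructed
Ethernet/IPv4/TCP frame and peels each layer off in turn. The addresses, ports
and function names are made up for illustration.

```python
import socket
import struct

FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 through bit 5

def build_sample_frame():
    """Constructed sample: Ethernet II + IPv4 + TCP SYN/ACK (checksums left 0)."""
    eth = bytes.fromhex("02000000000a02000000000b") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIHHHH", 80, 49152, 1000, 501, (5 << 12) | 0x12, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.20"), socket.inet_aton("192.0.2.10"))
    return eth + ip + tcp

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame):
    """Peel link, network and transport headers; raise ValueError if malformed."""
    if len(frame) < 14 + 20:
        raise ValueError("too short for Ethernet + IPv4")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("EtherType is not IPv4")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4               # IP header length in bytes
    total = struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6 or not ihl + 20 <= total <= len(ip):
        raise ValueError("not a well-formed IPv4/TCP packet")
    tcp = ip[ihl:total]
    sport, dport, seq, ack, off, window, csum, urg = struct.unpack("!HHIIHHHH", tcp[:20])
    hlen = (off >> 12) * 4                 # TCP header length in bytes
    if hlen < 20 or hlen > len(tcp):
        raise ValueError("bad TCP header length")
    return {
        "link": {"src_mac": mac(frame[6:12]), "dst_mac": mac(frame[0:6])},
        "network": {"src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20])},
        "tcp": {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
                "header_len": hlen, "reserved": (off >> 6) & 0x3F,  # 6 bits, as on this page
                "flags": [n for i, n in enumerate(FLAG_NAMES) if off & (1 << i)],
                "window": window, "checksum": csum, "urgent": urg},
        "data": tcp[hlen:],                # whatever follows the TCP header
    }

if __name__ == "__main__":
    for layer, fields in parse_frame(build_sample_frame()).items():
        print(layer, fields)
```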
This brings us to the TCP three way handshake for making connections.
This is the way all TCP connections are made.
--------- ---------
|HOST A | 1. Syn |HOST B |
| | ---------------------> | |
| | | |
| | 2. Syn/Ack | |
| | <-------------------- | |
| | | |
| | 3. Ack | |
| | ---------------------> | |
| | | |
--------- ---------
1. Host A initiates a connection to Host B and says, (SYN)chronize
your TCP sequence with me.
2. Host B responds back and says, I've (ACK)nowledged your
request, (SYN)chronize your TCP sequence with me.
3. Host A responds, I (ACK)nowledge your request, let's start
talking.
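An added example (not from the original digest) that follows the three steps
above through a constructed capture and reports how far each handshake got,
which is how half-open connections show up in a trace. Endpoint names, sequence
numbers and the state labels are assumptions chosen for the illustration.

```python
MOD = 2 ** 32  # sequence numbers are 32-bit and wrap around

def track_handshakes(segments):
    """Map each (client, server) pair to how far its handshake progressed.

    segments: (src, dst, flags, seq, ack) tuples in capture order, flags a set.
    """
    conns = {}
    for src, dst, flags, seq, ack in segments:
        if flags == {"SYN"}:                                  # step 1
            conns[(src, dst)] = {"state": "SYN_SENT", "c_isn": seq}
            continue
        fwd, rev = conns.get((src, dst)), conns.get((dst, src))
        if "RST" in flags:                                    # handshake refused
            for c in (fwd, rev):
                if c and c["state"] != "ESTABLISHED":         # simplification
                    c["state"] = "RESET"
        elif flags == {"SYN", "ACK"}:                         # step 2
            if rev and rev["state"] == "SYN_SENT" and ack == (rev["c_isn"] + 1) % MOD:
                rev.update(state="SYN_RECEIVED", s_isn=seq)
        elif "ACK" in flags:                                  # step 3
            if (fwd and fwd["state"] == "SYN_RECEIVED"
                    and seq == (fwd["c_isn"] + 1) % MOD
                    and ack == (fwd["s_isn"] + 1) % MOD):
                fwd["state"] = "ESTABLISHED"
    return {pair: c["state"] for pair, c in conns.items()}

# Constructed capture (addresses from the documentation range, not real traffic).
A, B = "192.0.2.10:49152", "192.0.2.20:80"
C, D = "192.0.2.11:49153", "192.0.2.20:23"
SAMPLE = [
    (A, B, {"SYN"}, 1000, 0),
    (B, A, {"SYN", "ACK"}, 5000, 1001),
    (A, B, {"ACK"}, 1001, 5001),          # completes the handshake
    (C, B, {"SYN"}, 4294967295, 0),       # ISN at the top of the 32-bit range
    (B, C, {"SYN", "ACK"}, 7000, 0),      # ack wraps to 0; final ACK never arrives
    (C, D, {"SYN"}, 2000, 0),
    (D, C, {"RST", "ACK"}, 0, 2001),      # closed port answers with a reset
]

if __name__ == "__main__":
    for pair, state in track_handshakes(SAMPLE).items():
        print(pair, state)
```

A pair left in SYN_RECEIVED is a half-open connection: Host B has answered and is holding state for a final ACK that never came.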
With this basic understanding you can learn why some denial
of service attacks work, what use they might have, the TCP sequence
prediction vulnerabilities, and port scanning.
The next installment will discuss port scanning, half scans,
and stealth scanning.
This is a list devoted to *legal* hacking! If anyone plans
to use any information in this Digest or at our Web site to
commit crime, go away! We like to put computer criminals behind
bars where they belong!
Email addresses:
Windows Editor Greggory Peck wineditor@happyhacker.org
Unix Editor Mike Miller unixeditor@techbroker.com
Network editor neteditor@techbroker.com
Hacker Wargame Directors Vincent Larsen vincent@sage-inc.com
John Vranesevich jp@antionline.com
Clown Princess Carolyn Meinel
To Subscribe computer program antionline-subscribe@onelist.com
To Unsubscribe computer program antionline-unsubscribe@onelist.com
List owner John Vranesevich antionline-owner@onelist.com
Happy Hacker is part of a 501 (c) (3) tax deductible organization