Read Carefully

Let's start
~~~~~~~~~~~

If you read carefully all what i'm telling here, you are smart and you work hard on it,
you'll be able to hack. i promise. That doesn't really make you a hacker (but you're on the way).
A hacker is someone who is able to discover unknown vulnerabilities in software and able to
write the proper codes to exploit them.



Some definitions
~~~~~~~~~~~~~~~~

I'm going to refer to every kind of computer as a box, and only as a box.
This includes your PC, any server, supercomputers, nuclear silos, HAL9000,
Michael Knight's car, The Matrix, etc.

The systems we're going to hack (with permission) are plenty of normal users, whose
don't have any remote idea about security, and the root. The root user is called
superuser and is used by the admin to administer the system.

I'm going to refer to the users of a system as lusers. Logically, I'll refer to
the admin as superluser.


Don't get busted
~~~~~~~~~~~~~~~~


Let's suppose you haven't skipped everything below and your Linux bow is now connected to the net.

It's now turn for the STEALTH. You won't get busted! just follow my advices and you'll be safe.

- Don't hack
this is the most effective stealth technique. not even the FBI can bust you. :-)
If you choose this option, stop reading now, cause the rest is worthless and futile.

- If you change a webpage, DON'T SIGN! not even with a fake name. they can trace you, find
your own website oe email address, find your ISP, your phone number, your home...
and you get busted!!

- be PARANOID, don't talk about hacking to anyone unless he is really interested in hacking too.
NEVER tell others you've hacked a box.

- NEVER hack directly from your box (your_box --> victim's box).
Always use a third box in the middle (your_box --> lame_box --> victim's box).

Where lame_box is a previously hacked box or...a shell account box!
A shell account is a service where you get control of a box WITHOUT hacking it.
There are a few places where shell accounts are given for free. One of them is nether.net.

- Don't hack dangerous boxes until you're a real hacker.
Which boxes are dangerous:
Military boxes
Government boxes
Important and powerful companies' boxes
Security companies' boxes
Which boxes are NOT dangerous:
Educational boxes (any .edu domain)
Little companies' boxes
Japanese boxes

- Always connect to the internet through a free and anonymous ISP
(did i tell you that AOL is NOT an ISP?)

- Use phreking techniques to redirect calls and use others' lines for your ISP call.
Then it'll be really difficult to trace you. This is not a guide to phreaking anyway.


TCP ports and scanning
~~~~~~~~~~~~~~~~~~~~~~

Do you got your stealth linux box connected to the internet (not aol)?
Have you read the manual as i told you?


Then we shall start with the damn real thing.

First of all, you should know some things about the internet. It's based on the TPC/IP protocol,
(and others)

It works like this: every box has 65k connection PORTS. some of them are opened and waiting for
your data to be sent.

So you can open a connection and send data to any these ports. Those ports are associated with
a service:

Every service is hosted by a DAEMON. Commonly, a daemon or a server is a program that runs
on the box, opens its port and offers their damn service.

here are some common ports and their usual services (there are a lot more):

Port number Common service Example daemon (d stands for daemon)
21 FTP FTPd
23 Telnet telnetd
25 SMTP sendmail (yes!)
80 HTTP apache
110 POP3 qpop


Example:
when you visit the website http://www.host.com/luser/index.html, your browser does this:
-it connects to the TCP port 80
-it sends the string: "GET /HTTP/1.1 /luser/index.html" plus two 'intro'
(it really sends a lot of things more, but that is the essential)
-the host sends the html file

The cool thing of daemons is they have really serious security bugs.

That's why we want to know what daemons are running there, so...

We need to know what ports are opened in the box we want to hack.

How could we get that information?

We gotta use a scanner. A scanner is a program that tries to
connect to every port on the box and tells which of them are opened.

The best scanner i can think of is nmap, created by Fyodor.
You can get nmap from my site in tarball or rpm format.