
Posts

Showing posts from September, 2011

TCP Session Hijacking

Although TCP appears to be a safe protocol because of all the negotiation involved in session establishment and the precision involved in the data exchanged, don't get complacent. It is not as secure as it should be. Network sniffers can be set up on an unsuspecting machine to sniff the data on the network, and they can snoop clear-text data such as user IDs and passwords that are not encrypted in any way. I have a friend who did all this; he sniffed a dozen passwords and played with their network data. He was very much an expert at sniffing and using them; other friends don't even know their passwords are just floating in raw text on the network. Session hijacking software, such as Hunt, uses another approach to exploit an existing TCP session. These tools attempt to intercept an established TCP session and hijack one end of the connection from the session to an evil host. The problem is that conventional TCP exchanges do not require an...

ACK Scan..

An ACK scan operates by sending a TCP ACK frame to a remote port. If there are no responses or an ICMP destination unreachable message is returned, then the port is considered to be "filtered". Scans of ports are done for a variety of reasons, but they are usually used to discover whether a host or hosts are offering a particular service. If a host is found to be offering a service that might be exploitable, the hacker might try to break in using some vulnerability. Often, scans are blatant; the hacker makes no attempt to hide his reconnaissance of your network, except that the computer from which the scans originate might be compromised. The hacker assumes that either no one is monitoring the scanning activity or that, by using the compromised host, no one can identify the hacker with the scan. Most likely there will be no attribution because no one can associate the hacker with the scan. An ACK scan can be run by issuing the following command: #nmap -sA <host_address> Followin...