Click to return to BOL home page
Banker Store eCard Exchange Vendor Connect Career Connect Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads BOL Conferences CrimeDex Em@il Education FREE Briefings Record Retention

   

















    Site Map

    Our Sponsors

    Home





Compliance Gurus
Lending Gurus
Operations Gurus
Security Gurus
Marketing Gurus
eBanking Gurus

Print Friendly! Email This Article! Discuss NOW!


How could hackers figure out what our Internet server is running?
by L. Michael Guard
BIO AND CONTACT INFO

QUESTION: How could hackers figure out what our Internet server is running?

ANSWER: There are actually a wide variety of techniques and software programs available which are utilized to do this. In fact, it's even possible to do it over the Internet. See, for example, Netcraft's What's That Site Running at http://uptime.netcraft.com/up/graph

Being able to identify the type & version of software being utilized by the target sight is one of the major purposes behind the second stage of a network hack, Scanning.

The first stage of a hack is Footprinting, the process of identifying a list of network & IP addresses through using tools & techniques such as whois queries and zone transfer downloads. This provides valuable information for attackers, including employee names & phone numbers, IP address ranges, DNS servers, and mail servers.

The second stage of a hack is the process of determining what systems are alive and reachable from the Internet on the target network. Part of the process requires the attacker to have specific knowledge about the different operating systems and software commonly utilized. A variety of tools & techniques are utilized to gather information, for example ping sweeps, port scans, & automated discovery tools.

Most successful hacks require the hacker to correctly identify the software being utilized in order for him to know what the potential vulnerabilities are in the target network. You can perform what are called simple banner grabbing techniques which will grab information from such services as FTP, telenet, SMTP, HTTP, POP, and others. This is the simplest way to detect an operating system and the associated version number of the service running. Two of the best tools to help with the process are nmap & queso, which both provide TCP/IP stack fingerprinting capabilities.

For a more detailed answer providing all specifics of every step, identification of all software tools utilized by Hackers for the process, as well as instructions for using the software, see: Hacking Exposed, Network security Secrets & Solutions, by Stuart McClure & Joel Scambray, Osborne/McGraw-Hill.

First published on BankersOnline.com 3/19/01
Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives    Privacy Policy    Important Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.