CEH_ Official Certified Ethical Hacker Review Guide_ Exam 312-50 - Kimberly Graves [29]
SolarWinds Toolset, Queso, Harris Stat, and Cheops are all network-management tools that can be used for operating system detection, network diagram mapping, listing services running on a network, generalized port scanning, and so on.
These tools diagram entire networks in a GUI, including routers, servers, hosts, and firewalls. Most of these tools can discover IP addresses, host names, services, operating systems, and version information.
Netcraft and HTTrack are tools that fingerprint an operating system. Both are used to determine the OS and web-server software version numbers.
Netcraft is a website that periodically polls web servers to determine the operating system version and the web-server software version. Netcraft can provide useful information the hacker can use in identifying vulnerabilities in the web server software. In addition, Netcraft has an anti-phishing toolbar and web-server verification tool you can use to make sure you're using the actual web server rather than a spoofed web server.
HTTrack arranges the original site's relative link structure. You open a page of the mirrored website in your browser, and then you can browse the site from link to link as if you were viewing it online. HTTrack can also update an existing mirrored site and resume interrupted downloads.
Understand How Proxy Servers Are Used in Launching an Attack
Preparing proxy servers is the last step in the CEH scanning methodology. A proxy server is a computer that acts as an intermediary between the hacker and the target computer.
Using a proxy server can allow a hacker to become anonymous on the network. The hacker first makes a connection to the proxy server and then requests a connection to the target computer via the existing connection to the proxy. Essentially, the proxy, not the hacker's computer, requests access to the target computer. This lets a hacker surf the web anonymously or otherwise hide their attack.
Hacking Tools
SocksChain is a tool that gives a hacker the ability to attack through a chain of proxy servers. The main purpose of doing this is to hide the hacker's real IP address and therefore minimize the chance of detection. When a hacker works through several proxy servers in series, it's much harder to locate the hacker. Tracking the attacker's IP address through the logs of several proxy servers is complex and tedious work. If one of the proxy servers' log files is lost or incomplete, the chain is broken, and the hacker's IP address remains anonymous.
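The log correlation described above, written out as an added example that is not from the book: an investigator walks backwards from the address the target logged, matching each proxy's inbound record to the next hop's outbound connection, and stops where a log is missing. The log format, the addresses (documentation ranges), and the five-second matching window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data: connection logs keyed by each proxy's own IP.
# Entry = (time the proxy accepted the connection, client IP, destination IP).
# A value of None stands for a log file that was lost.
PROXY_LOGS = {
    "203.0.113.30": [("2024-01-10T12:00:02", "203.0.113.20", "198.51.100.5"),
                     ("2024-01-10T12:07:40", "203.0.113.99", "198.51.100.5")],
    "203.0.113.20": [("2024-01-10T12:00:01", "203.0.113.10", "203.0.113.30")],
    "203.0.113.10": [("2024-01-10T12:00:00", "192.0.2.77", "203.0.113.20")],
}

def trace_back(target_ip, seen_src, seen_at, logs, window_s=5):
    """Trace a connection from the target back through a proxy chain.

    Returns (path, complete). path lists hops starting at the source IP the
    target logged; complete is False when the trace stopped at a proxy whose
    log is lost or has no matching entry, so the true origin stays unknown.
    """
    path, dest, hop = [seen_src], target_ip, seen_src
    when = datetime.fromisoformat(seen_at)
    window = timedelta(seconds=window_s)
    # The length bound guards against a loop in inconsistent logs.
    while hop in logs and len(path) <= len(logs):
        entries = logs[hop]
        if entries is None:
            return path, False              # log lost: chain broken here
        candidates = []
        for t, client, d in entries:
            ts = datetime.fromisoformat(t)
            # Inbound connection must precede the outbound one, within window.
            if d == dest and timedelta(0) <= when - ts <= window:
                candidates.append((ts, client))
        if not candidates:
            return path, False              # incomplete log: no matching entry
        when, client = max(candidates)      # closest preceding inbound record
        dest, hop = hop, client
        path.append(hop)
    return path, hop not in logs            # ended at a non-proxy host

if __name__ == "__main__":
    print(trace_back("198.51.100.5", "203.0.113.30", "2024-01-10T12:00:03", PROXY_LOGS))
    damaged = dict(PROXY_LOGS, **{"203.0.113.20": None})
    print(trace_back("198.51.100.5", "203.0.113.30", "2024-01-10T12:00:03", damaged))
```

With all three logs present the trace reaches the originating address; with the middle proxy's log lost it stops after two hops and reports the chain as incomplete.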
How Do Anonymizers Work?
Anonymizers are services that attempt to make web surfing anonymous by utilizing a website that acts as a proxy server for the web client. The first anonymizer software tool was developed by Anonymizer.com; it was created in 1997 by Lance Cottrell. The anonymizer removes all the identifying information from a user's computer while the user surfs the Internet, thereby ensuring the privacy of the user.
To visit a website anonymously, the hacker enters the website address into the anonymizer software, and the anonymizer software makes the request to the selected site. All requests and web pages are relayed through the anonymizer site, making it difficult to track the actual requester of the webpage.
Understand HTTP Tunneling Techniques
A popular method of bypassing a firewall or IDS is to tunnel a blocked protocol (such as SMTP) through an allowed protocol (such as HTTP). Almost all IDSs and firewalls act as a proxy between a client's PC and the Internet and pass only the traffic defined as being allowed.
Most companies allow HTTP traffic because it's usually benign web access. However, a hacker using an HTTP tunneling tool can subvert the proxy by hiding potentially destructive protocols, such as IM or chat, within an innocent-looking protocol packet.
Hacking Tools
HTTPort, Tunneld, and BackStealth are all tools to tunnel traffic through HTTP. They allow the bypassing of an HTTP proxy, which blocks certain protocols' access to the Internet. These