if you're on the internet, then you're on a network; the internet is in fact a network of networks, hence, the internet = internetwork. networking is more than just connecting a bunch of computers together; it's about grouping together any number of different technologies to work seamlessly with one another.
let's explore a little about the different ways of getting your computer to communicate with other computers, without being directly plugged into them.
to start with something simple, "messenger" is a built-in service that windows uses to send popup messages. with sp2, this service is disabled by default but several networks out there still use older versions of windows and have this service enabled. if you know a machine's id (or host/computer name) on the network, you can send a popup message from the command line, simply by typing "net send compid hello there." if you know your computer's name (start > right-click my computer > properties > computer name > full computer name) you can send a popup message to yourself to see it in action. people sometimes take advantage of this to send advertisements to other people on the network, for example, your isp's network. you could also send popup messages to your cubicle buddy. considering computer names are usually some form of confusing id, people may not recognize that it's being sent to you from another computer. you can enable/disable messenger by going to start > control panel > administrative tools > services > messenger > startup type.
two other ways to communicate with other computers using dos are via the ftp (file transfer protocol) and telnet commands. with ftp or telnet, you can connect with another computer and easily access each other's file systems. you can download programs with nicer guis to take advantage of these rather than going through the command line; programs such as ws_ftp le for ftp, or putty for telnet, are both free. these methods usually require a username and password to log in to whatever server you're trying to communicate with, although sometimes people have an anonymous user set up. you could even use ftp with internet explorer, by typing an ftp address instead of an http address as follows: ftp://user:password@ftpserver:port/url-path
think of a "port" as if it's a phone socket: each one has to have an address (like your house, only in this case an ip) and they are just different ways for data to get in. hence, when an ip appears with a specific port number it is referred to in whole as a "socket." this is a socket: 192.168.0.2:21. several protocols (or services) have "standard" ports (numbers 0-1023 are standard ports) that are assigned by the iana (internet assigned numbers authority). for example, the http protocol by default listens on port 80; ftp listens on port 21, etc. a full list of registered services and their corresponding port numbers can be obtained at http://www.iana.org/assignments/port-numbers
the ietf (internet engineering task force; as in, all of those smart guys responsible for making sense out of everything internet) says this about the telnet protocol: "the purpose of the telnet protocol is to provide a fairly general, bi-directional, eight-bit byte oriented communications facility." for our intents and purposes, all you really need to know about telnet is that it is a commonly used tool that is used to connect to a remote computer using a socket, or ip + port (we will cover remote-desktops in the next section). the default port for the telnet protocol is 23. luckily, all versions of windows from 95 on up have a telnet program included.
the telnet program can be accessed by pressing win + r and typing "telnet." to see the syntax for the telnet program simply type "help" and press enter. as you will see by typing "o host" (for example, "o www.example.com" will attempt to establish a connection with "example.com"), telnet will also work by specifying an ip address. a somewhat less-known fact about the telnet program is that it can be used to connect to ports on remote computers other than the standard telnet port 23. this is achieved by using the syntax: "o hostname port-number"
you might ask yourself, "what benefit could this information possibly give me?" virtually all server administration and security penetration attempts happen from a remote location. the most common method that a hacker uses to determine his/her entry point is by finding an open service or port number to exploit, thus using it to gain access to the target system. for example, if you find an available smtp server (which usually runs on port 25) then you could use it to send mail (imagine someone else using your computer to send all their mail). port validation is literally that simple. often, this is one of the first steps you take in "footprinting" a remote network. it is by far one of the most valuable tools you will ever use. while your intention may not be to break into computer systems, it is always a good idea to understand how these mechanisms work. after all, you may find yourself defending your computer systems from such attacks.
once you master the art of using telnet for all of your port validation needs, as well as understanding the underlying concepts of what comprises network services, you can use other tools to check for open ports. one common tool is a port scanner, which would scan all the ports you specify in a fraction of the time it takes you to do it manually. for the scope of this book, we won't go into the usage of a port scanner, but you should know by now where to find more information.
as far as security is concerned, you can use different firewalls to close unused or unnecessary ports, but you don't want to be so paranoid as to disable all of your ports because it would render your system's network capabilities useless (ports are needed to communicate).
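the telnet check described above ("o hostname port-number"), as an added example that is not part of the original text: a short python function that attempts one tcp connection to a socket and reports whether it is open and which banner the service sends. the loopback listener and its banner are constructed so the example runs offline; check_port, serve_once and demo are names chosen for illustration.

```python
import socket
import threading

def check_port(host, port, timeout=2.0):
    """try one tcp connection to host:port, like telnet's "o host port".

    returns (is_open, banner); banner is whatever the service sends first.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            conn.settimeout(0.5)
            try:
                banner = conn.recv(256).decode("ascii", "replace").strip()
            except OSError:
                banner = ""  # open, but the service waits for the client to speak
            return True, banner
    except OSError:
        return False, ""  # refused, dropped by a firewall, or unreachable

def serve_once(listener, banner):
    """constructed stand-in for a service: accept one client, send a banner."""
    conn, _ = listener.accept()
    with conn:
        conn.sendall(banner)

def demo():
    """check the same loopback socket while a service listens and after it stops."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))  # port 0 = let the os pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    worker = threading.Thread(
        target=serve_once, args=(listener, b"220 constructed ftp banner\r\n"))
    worker.start()
    while_open = check_port("127.0.0.1", port)
    worker.join()
    listener.close()  # the "service" is now shut down
    after_close = check_port("127.0.0.1", port)
    return while_open, after_close

if __name__ == "__main__":
    print(demo())
```

run check_port against your own machine's address and port 21 before and after changing a firewall rule to confirm the rule did what you expected.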
ftp is a much better way to share files than via instant messaging or e-mail; you can simply give someone the address to your folder and sharing is as simple as drag & drop. don't worry; we can be specific about who can access what for security. unfortunately, there is no way within xp home edition to publish an ftp site without the use of third-party software (i know, what a pain!). if you're using home edition, feel free to skim through.
to start, we'll first need to check that iis (internet information services) is installed and set up; this is not available to xp home users. go to start > control panel > add or remove programs. click the "add/remove windows components" button in the left-pane, make sure iis is checked, and click "details." the components that you will need (if you don't have them already) are common files, file transfer protocol (ftp) service, and internet information services snap-in. if these items aren't checked, then check them and click "ok" followed by the "next" button. this should automatically configure things for you, although you may be prompted for your xp cd.
an ftp site is automatically created that you can access by either going to c:\inetpub\ftproot, or by typing ftp://yourip in your browser; unless you've got a firewall (which you should) or router set up, it is completely insecure. go to start > control panel > administrative tools > internet information services. here you can use the left navigation to find your ftp folder; just right-click it and select "properties."
the first tab (ftp site) allows you to rename the site, set the ip (if you're using a router), set which port people use to connect through, limit how many people can connect at the same time, decide how long they can sit idle before being automatically disconnected, or view everyone currently connected via the "current sessions" button (i would certainly hope it is empty; if it's not you can disconnect them).
the second tab (security accounts) allows you to require a username and password for people connecting; by default it allows anonymous access, and unless you have a specific reason to change it you should leave it this way.
the third tab (messages) allows you to display messages for people, perhaps welcoming yourself to someone else's computer if you're doing this on their pc instead of yours.
the fourth tab (home directory) allows you to decide what folders/files are accessible, as well as what permissions people viewing the site have (you probably don't want them modifying your files).
now you should be all set if you're on an extremely insecure computer; otherwise we need to proceed with how to allow access through your firewall and/or router. i'm assuming you're using the xp default firewall; otherwise you'll need to figure out how to do this with whatever firewall you are using.
go to start > control panel > windows firewall and then click the "advanced" tab. highlight your connection and click the "settings" button. check the "ftp server" box to allow traffic through (make a note of what other services you can allow) and click ok. you're done here.
now how about that router? i have no idea what router you're using, so this could be tricky. first of all you need to access your router's setup screen: grab the manual or download it to figure out how. once you're in, you need to create a "virtual server" for port 21 (the default ftp port) with your ip address (your internal ip address if you're using a router). then finally, you're done. just give a friend the address ftp://yourip and swap away :-) if it doesn't work, you may need to contact your isp as some providers discourage servers for bandwidth concerns (even though they could just cap users' bandwidth instead, tyrants). you can cap (aka hog) bandwidth on your network as well using what is called qos or quality of service.
by default, no information is encrypted with ftp, which is why it is recommended that you leave anonymous access enabled; otherwise people intercepting packets could access usernames and passwords. overall, unless you go out of your way to set up something like ssl (secure sockets layer), consider any information you're sharing via ftp public and accessible by anyone. it is perfectly secured from the rest of your system unless you're running the iis "web" server. to be safe, disable access through your firewall and/or router when you're not using it.
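to see why an unencrypted ftp login is readable by anyone intercepting packets, this added example (not from the original text) logs in with python's ftplib to a constructed stand-in server on loopback and returns the raw bytes that arrived. fake_ftp_server, capture_login and the sample credentials are assumptions made for illustration.

```python
import ftplib
import socket
import threading

def fake_ftp_server(listener, seen):
    """constructed stand-in for an ftp server: records each raw line received."""
    conn, _ = listener.accept()
    with conn, conn.makefile("rwb") as stream:
        stream.write(b"220 constructed ftp server\r\n")
        stream.flush()
        # answer USER with 331 (send password), then PASS with 230 (logged in)
        for reply in (b"331 password required\r\n", b"230 logged in\r\n"):
            seen.append(stream.readline())  # exactly what crossed the wire
            stream.write(reply)
            stream.flush()

def capture_login(user, password):
    """log in with ftplib and return the raw bytes the server saw."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))  # loopback only, os-chosen port
    listener.listen(1)
    seen = []
    server = threading.Thread(target=fake_ftp_server, args=(listener, seen))
    server.start()
    client = ftplib.FTP()
    client.connect("127.0.0.1", listener.getsockname()[1], timeout=5)
    client.login(user, password)
    client.close()
    server.join()
    listener.close()
    return seen

if __name__ == "__main__":
    # a named account: the password travels as plain, readable text
    print(capture_login("alice", "constructed-secret"))
    # anonymous access: nothing secret is sent, only a placeholder
    print(capture_login("anonymous", ""))
```

the first call shows the password sitting in the clear on the wire; the second shows that an anonymous login carries no credential worth stealing, which is the trade-off described above.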