Berif description on NAT, Internal VS External IP Addresses, IP Address Hiding, Perfect Cyber Crime, Proxy Server, Unblocking Websites, People Hacking, VPN and HTTP Tunneling
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Cyber security and ethical hacking 3
1. Cyber Security & Ethical Hacking
By Mehedi Hasan
Lecture 3:
NAT, Internal VS External IP Addresses, IP Address Hiding,
Perfect Cyber Crime, Proxy Server, Unblocking Websites, People
Hacking, VPN and HTTP Tunneling
2. IP Address
When the internet was initially created, there was no shortage of IP
addresses. However, as internet usage spread, an acute shortage of
IP addresses was created was created worldwide. This led to the
emergence of NAT of Network Address Translation.
The biggest advantages of NAT are:
• Reduces Need for IP addresses.
• Improves security.
• Easier implementation of Network.
Internal IP Address and External IP Address
Introduction to NAT
3. IP Address
Let me give you an example to explain a NAT. Let us assume that
there are 100 employee in an office. Every employee has a internal
phone on their number with an extension number. There is a
receptionist in the office who controls all incoming /outgoing phone
calls in the office. We can call her NAT. The receptionist has a lookup
table that contains a list of employee names and their respective
extension numbers. Now look at how incoming and outgoing phone
calls are handled.
Outgoing call:
Employee -----------Receptionist -----------------Target number.
The person at the destination number will only see the mail office
line phone number and not your internal desk number. This give you
security & prevents annoying people from calling you. It also allows
Internal IP Address and External IP Address
Introduction to NAT
4. IP Address
Incoming Call:
Outside number ----------------Receptionist ----------Internal Extension
When someone from outside the office wants to call you then they
have to call on the office main number. The receptionist or
automatic phone system will pickup the call and ask the outside to
enter the extension number or name they want to speak to.
Depending upon the extension number entered, the lookup table is
used to route the call to the appropriate employee in the office.
Internal IP Address and External IP Address
Introduction to NAT
5. IP Address
A NAT system operates in the same way. All employee in the office
are giving unique internal IP addresses which normally can not be
accessed from outside the network. When a internal computer
wants to connect to the internet, then the router assigns the internal
computer a public external IP address that has been bought by the
company. The same public external IP address is shared by all
computers in the network. The internal IP addresses of the
employees remains protected, because outsiders are always only
communicate with the public IP address of the company.
Internal IP Address and External IP Address
Introduction to NAT
6. IP Address
For example, let us assume that there are 100 student in a collage and
all of them have been assigned internal IP addresses: 10.95.1.23,
10.95.1.1……………..10.95.1.99. if student X (IP addresses is 10.94.1.23)
wants to access a system Y onside the network, then the following will
happen:
• Step 1: Student X connects to router requesting an outside
connection. Router knows student X’s internal IP address
• Steps 2: Router allows the internal system to communicate with
outside world using the networks public IP address.
• Step 3: The router maintains a lookup table that maps different
connections made by internal computers to various port numbers. Let
un see an example to make this clearer.
Internal IP Address and External IP Address
Introduction to NAT
7. IP Address
Step 3: The router maintains a lookup table that maps different
connections made by internal computer to various port numbers. Let
us see an example to make this clearer.
Say there are two internal systems A (10.95.1.23) and B (10.95.1.1)
and both of them initiate connections to the same website
www.gmail.com. The public IP address of the network is 204.98.11.2,
then the router will store the 2 connections in a lookup table in the
following manner.
10.95.1.23 is stored as 204.98.11.2: port X
10.95.1.1 is stored as 204.98.11.2: port Y
Gmail.com thinks it is communicating with only the public IP
addresses 204.98.11.2. to send data to the internal system 10.94.1.0
gmail will send date to 204.98.11.2 and to send data to the internal
system 10.04.1.1, gmail will send data to 204.98.11.2: Y
Internal IP Address and External IP Address
Introduction to NAT
8. IP Address
Step 4: When the router of the college receives data from the
remote computer, then the data is forwarded to the respective
internal system based on the lookup table.
Data send to the public IP address 204.98.11.2: X, is forwarded to the
internal system 10.95.1.23 and data sent to the public IP address
204.98.11.2: Y , is forwarded to the internal system 10.95.1.23 . As
simple as that.
Internal IP Address and External IP Address
Introduction to NAT
9. IP Address
Internal IP address can be found out using the commands:
Netstate –n
Ipconfig /all
External IP address can be found out by opening your browser and
connecting to:
www.whatismyipaddress.com
Internal IP Address and External IP Address
How to find out your internal IP address and external IP
address?
17. The Real Cyber Crime
Proxy Bouncing (Hide your IP).
Mac Spoofing (MacMakeup, Mad Macs, Ether Change,
Bwmachak).
WAR Driving (Connect to random wi-fi network).
Onion Routing (Tor Encrypts Data + 3 Server Minimum)
22. IP Scanning
Types of Proxy Servers: Socks and http
HTTP Proxy Server:
Http Proxy server allow you to bypass filtering mechanism & access
blocked control. User sends HTTP request to proxy server, who then
reads the host header in the HTTP request, connects to the target
server and transmits back whatever data the server sends back.
Usually works with only HTTP apps. For example,
www.anonymizer.com
23. IP Scanning
Types of Proxy Servers: Socks and http
HTTP Proxy Server:
Http Proxy server allow you to bypass filtering mechanism & access
blocked control. User sends HTTP request to proxy server, who then
reads the host header in the HTTP request, connects to the target
server and transmits back whatever data the server sends back.
Usually works with only HTTP apps. For example,
www.anonymizer.com
Socks Proxy Server:
Socks Proxy Server allow you to bypass filtering mechanisms &
access blocked content. Socks is a protocol that transmits data
between source and destination via a proxy server without reading
any of the contents. Hence it works with all protocols like TCP, UDP
etc and will allow you to use all applications (like mail, browsing, FTP,
ets). For example tor.
24. IP Scanning
MultiProxy : Allows you to keep changing proxy server the
same session. Supports both HTTP & SOCKS proxy
29. IP Scanning
A VPN (Virtual Private Networks) is a group of computer
connected together privately through a public network like
the internet. Usually VPN services give you an encrypted
secure and anonymous communication channel
30. IP Scanning
Popular VPN Services: HideMyAss, IPVanish, Strong VPN,
Box VPN, 12VPN, GoTrusted and others.
31. HTTP Tunneling
Let us assume that in your college or company, FTP protocol (Port
21) is blocked or torrents are blocked. The firewall only allows HTTP
traffic on port 80, all other ports are blocked. It is possible to
encapsulate FTP or torrent traffic inside HTTP protocol and bypass
the firewall.
Step 1: Install HTTP Tunneling software server on your home or
outside computer that has unrestricted access.
Step 2: Install HTTP tunneling software client on your college or
office computer that has restricted access.
32. HTTP Tunneling
Step 3: Now your connection diagram will be the following:
You ------------FTP or torrent software ------------HTTP Tunneling client
-----------------sends FTP or Torrent traffic encapsulated into HTTP
protocol via port 80 to bypass firewall --------HTTP Tunneling server
on home computer -----------FTP or torrent destination.
Now you can use college computer to access everything on your
home network including unrestricted internet.
Tunnelizer, HTTPort and HTTP Tunnel and so one.
33. Super Network Tunnel
This is a commercial tool that perform two way HTTP tunneling . Not
only can you access your home network from college. But you can
access college network from home.
38. Proxy Workbench
Proxy workbench records all data passing through particular system
in teal time. Fantastic to study how connections happen.
39. People Hacking
Whatever you do online, you are leaving a trace behind on some
website, server of system in some part of the world or other.
People hacking is the technique of searching the entire internet
looking for private information about some individual. The
information that you can find out is the following.
• Contact Addresses.
•Date of Birth.
•Email Address.
•Contact Number.
•Place of Work.
•Satellite Photos.
•Work History.