Ethical Hacker Community Forums

Hi everybody and sorry for my questions ...

I have a laptop under Windows Vista (still hate windows) connected to the internet via a wireless router . assuming that i have 3 routers and each router is connected to internet through a modem (3 routers , 3 modems , 3 internet connections) , the question is can i connect my laptop to these 3 routers and have 3 internet connections ??? .
because i have an apachi server running on my laptop and i have 3 domain names which i can forword them to any IP address i want , let's say domain 1 > net connection 1 IP
domain 2 > net connection 2 IP
domain 3 > net connection 3 IP

i want when anyone connects to any domain of these , to be routed to my apachi server running on my laptop where each domain has it's own IP and internet connection (domain 1 > net 1 = 128kbps / domain 2 > net 2 = 512 kbps / domain 3 > net 3 = 2mbps) ???

or is there any other way to use 3 domains and route them to 1 apachi server but via diffirent internet connections (diffirent IPs) ? plz help

i know my explanations are not clear , thats cuz am bad in english , but i will answer any question related to my question lol .

and thank you in advance

Teamer,

first things first, my answer depends on each of your network connections having a separate, static IP address.

The bandwidth you quote for the connections: are they the upstream figures? Bear in mind that as standard (in the UK at least) even a 20Mbps ADSL connection may be limited to as little as 256kb upstream. Which is the important aspect if you are trying to server content.

Also check with your telco's t's & c's as there may be restrictions on hosting content of the connection, possibly with some inbound ports being filtered.

All that said, some solutions....

Simplest solution would be to configure Apache to listen on each IP for each domain as appropriate and set DNS records for each domain. Job done.

I'm assuming that there is some issues with this however. Do you routers pass through public IP addresses or NAT to a private range? Make sure that you get your NATs configured so that external traffic reaches the correct internal IP/service.

If you're using Vista I'd suggest some form of hardware firewall if available, resorting to software f/w at a minimum.

One issue you may face is the default gw settings in Vista. I've had issues in the past trying to dual-home a 2003 server using native windows infrastructure. Not sure if Vista will have the same or similar issues, but if you encounter problems this may be a place to look.

Hope this is of some help.
RR

1) Why not use Apache Virtual Host's instead? http://httpd.apache.org/docs/2.2/vhosts/ (assuming you're on v2.2, if not check here first: http://httpd.apache.org/docs/).

2) Are you wanting to serve content 24/7? You may significantly decrease the lifetime of your laptop.

BillV

Thank yo guys , i have som questions left if you don't mind ...

"my answer depends on each of your network connections having a separate, static IP address" < yes every connection has it's own static IP , seperate .

i do not care for the upstream as i need this only to test kinda a big website and i need only 10 users online (at the same time) to test it's functionality and resource consumpsion . plus the development o this site is being done remotly by programmers connected to my laptop .

the current upstream is 6kBps thats one of the reasons why i want to let testers and programmers connect to my laptop through diffirent internet connections , just because having a (6KBps * 3) upstream would be enough .

There are no restrictions (i think) on hosting content because all ports ar open , secondly , am not hosting a content to the public , it's just a private temporary small webserver .

my quesion is : "configure Apache to listen on each IP for each domain as appropriate and set DNS records for each domain" < HOW ???

and if i am connected to 3 routers with a modem and internet connection for each router through my WiFi card on the laptop ... wouldn't tha be just the same IP ? i don't know , anyway i also need to know how to configure the apache to do it because i use a LAN connetion also :-p

all the routers routs incoming connections from WAN on port 80 to my laptops port 80 (apache) now i am on a single router (don't want to risk and buy 3 others if i can't use them) and it works .


"f you're using Vista I'd suggest some form of hardware firewall if available, resorting to software f/w at a minimum" , i don't need a firewall cuz this webserver will be shutdown when me and the other programmers complete our project .

Thanks RR

BillV thanks for the links ;-) i'll look there i hope it will help me :-) .

"Are you wanting to serve content 24/7? You may significantly decrease the lifetime of your laptop." i believe that we will complete our project in 3 weeks or so , but if i done the 3 connection thing , we will complete it within a week , so no fear on the laptop , anyway i still have another one which is better (linux) , and 3 desktop PCs which can really be used as web servers . :-)

Teamer,

couple of things
All good, first fence hurdled.

The links that BillV has provided should point you in the right direction. However without knowing the exact config of your environment step-by-step instructions will be near impossible. But the setup you describe should be fairly simple, just read and experiment.

Fair enough, your call. What's your IP by the way?......

How about port forwarding? Again, this assumes that you have static IPs from your ISP. Something like this:

Router 1      \
Public IP 1    }--  Laptop Prvt IP on Port x
Port 80        /

Router 2      \
Public IP 2    }--  Laptop Prvt IP on Port x + 1
Port 80        /

Router 3      \
Public IP 3    }--  Laptop Prvt IP on Port x + 2
Port 80        /

Of course, you would then have to config Apache to listen for traffic on your chosen assigned port numbers (as opposed to port 80), and also allow those ports through firewalls. Something like 65000, 65001, 65002.

You could also make the argument that this would be additional security albeit through obscurity. No one would be able to connect to your laptop directly through port 80, since there is no listening service on that port. An Nmap scan would reveal it eventually, but since it's not a well-known port, an attacker would have to tell Nmap to look at a larger range of ports. Fun little point.

Don

RoleReversal hehehe thanks for the nice reply :-p we've completed our project so no need for my ip 's now looool .

and don thanks for the info , thats what i did exactly :-D ,nice schema .

and all other guys thanks , now i want to be a EH for sure , not only a programmer hehehe .

one question out of the subject ...

   My friend had an accident and was badly injured to go to university , he was in the hospital for more than a month which leaded to failing in all the subjects of that semester , he asked me to hack the universities database and edit the marks at least to pass the subjects and said he would pay me if i needed anything , and that some guys has done that before and that the security in the university sucks ... is that kind of hacking an ethical one ? if yes , can yo help me by telling me what to do ? i already got the IP address of the university and the IP address of the database server on thier lan , and i think it's oracle , what can i do ?.

and if i can ge the password that regestrars use to edit/add marks of subjects + the software they use over lan to do these tasks , how can i use this software with the password from WAN ???

if htis isnot an ethical hacking i won't do it , but i really want to help my friend cuz i know the situation he's in now

I think deep down, you already know the answer to this one.

Timing is a funny beast. Did he or anyone from his family contact the univ to inform them of his situation when it happened? It may be too late if he waited too long, but maybe a simple phone call to his instructors/professors or an advisor would be all it would take. Hell move on up to the Dean if he feels like he's not being heard.

If either of you get caught, it will be much worse than the extra semester or year he has to put in.

Don

Teamer,

I'll echo Don's comments, if you are unsure whether this action is ethical you may want to try a career as a lawyer ;) ... Whilst I agree your friend may have mitigating circumstances these should be addressed through the correct channels.

As Don stated if either of you get caught the repecussions are going to be exponentially higher than just re-taking a semester. From your friends perspective I'd also suggest that if he hasn't learnt any of the material from the missed semester slipping through and up to the next level may pose a challenge without the foundation knowledge.

RR

don friend , he contacted th registration office in the university but it was too late they told him , second some guys did hack and changed 3 or 4 marks without being caught , i wish i could get thier emails or phone# to get thier help ... anyway , i could figure out that they use MsSql and a mail server on the same box as a database server , all i can do now is to do a password generator and let it try to guess the password for user root on ms-sql server (thats if there are a root user) cuz i know that MySQL almost always has a user called "root" don't know about Ms-SQL ... and second i don't know anything about tcp/ip protocol for the MS-SQL server ... i think i'll just use a PC with apachi server installled and make a generator using PHP ... boooring :-s .

they won't catch me i know , iknow also that the network admnistration there is 0 security level and that they have only one engineer to fix the lan cables or the servers if anthing wrong , and he never appears in the university unless there's some problems with the connection or the servers there (acually 1 IIS server and 1 MySQL+Mail server) < i even have more complicated network and powerfull boxes in my home !!! .

Teamer,

that sounds like a good candidate for famouslastwords.com.

From reading your posts  I'm under the impression that you are fairly new to this? I'd suggest one of the reasons that you may not get caught is that you may not succeed. Also the admin may know more than you give him credit for.

Finally, as you're on ethicalhacker.net, I'd suggest that this action isn't ethical (or more importantly legal) therefore your time would be better spent on studying rather than 'pimping' your grades.

Just because you can do something doesn't always mean that you should...

I echo RoleReversal's words. This is an ethical site and an EH would not compromise those ethics. We are here to do the right thing, not to just go and change grades to make things easier. Nothing good will come of not doing the work. Take a deep breath and really think about what you want to do before you go and make a costly mistake.

As to the sysadmin not being the smartest security guy around, I think you might be seriously underestimating him. That is a huge mistake. Last thought, is to think your action through. Don't do something to get yourself in hot water. It burns.

LOL! I wasn't going to reply but its amazing to me that Teamer seems so confident he wont get caught but isn't even that sure how to hack into the server and was even hoping he could instructions from those that had breached it in the past.  I wish I had a dime for everyone like that I have seen or I have helped get nailed.

 Good luck!   ::)

Sounds like you've got some good war stories there Kev. We'll have to swap stories over a beer sometime...:)

Sounds good to me!  You pay the first round and I will get the second, lol!

hahaha , lol , thanks for all your replies guys , acually my first question was , "is that ethical" well it turned to be not , acually i got get an FTP access to thier webserver which turned to be windows XP !!! , they had FTP ,SMPT , MSSQL and IIS running on the same server (or a pc) , these open ports were routed to a one windows XP server , not to bother my self , i went to the university with an old laptop of mine , i have made a small application on VB6 (really silly huh ? but it saves time alot) to connect to the 21 port it send generated password "0-9 a-z A-Z" , acually i just guessed the username because most of the people just love how "ADMIN" sounds , so it was admin ... i didn't find any difiiculty in blugging the laptop in elec. and hiding it to the following day hoping thier FTP server won't crash down or just block the 21 port ... well , it didn't , and the second day i went early in the morning to the university to find that the password was "ADMIN2008" <<< pretty tough !!! i could try it without this generator stuff !!! , i connected to the FTP server , after cheking the admins room is empty -as always- (acually i was sitting in the library infront of a doo which was labeled 'network administration') which turned to be the everything in the university . s after i connected to the FTP , there were asp files and other stuff , which was the universities web site !!!! , i tried to make a small PH file with an echo command , it worked and the server had a PHP extention , so i uploaded a folder which contained a script to manage  the database (like phpmyadmin , but i was who made that one) , and acually could connect to thier database (after i got all information i needed from a config.asp file 'silly admins') , after little browsing for the database , i found that i could do what ever i wated , but acually i just was wondering if i could do that , and changed nothing because i already told that guy "i wont risk" . then i deleted the folder with the scripts , the test file "echo" and made a small txt file with "you have been hacked , change ur FTP password" .

later i printed a small paper with "you have been hacked , check hacked.txt on webserver root" and sticked that paper on the "network administration" door when the library became embty . they don't have srcurity cams there also so don't worry .

i just wanted to learn , and maybe to avoid a mistake later on .


now i have installed linux ubuntu as a virtual OS guest on my vista laptop ... i made 3 clones and i have 3 linuxes running , every linux has an apachi server running on port 80 ... how can i route connections coming frm the internet to my router to each apachi ??

i have 3 domains

domain 1 > connects to my wireless router port 80
domain 2 > connects to my wireless router port 81
domain 3 > connects to my wireless router port 82

how can i make port the router route port 80 to port 80 on the 1st linux

how can i make port the router route port 81 to port 80 on the 2nd linux

how can i make port the router route port 82 to port 80 on the 3rd linux

i want to learn this virtual server hosting stuff , do they work like this anyway ?

thank you all in advance

'I just wanted to learn'  isn't really a good excuse.  Local laws may vary, but that was simply a bad idea. 


Depending on the router you should simply be able to modify the ACL pretty simply to make this happen.