1- Ports can have numbers from 1 to 65535:

 The Well Known Ports are those from 0 through 1023

 The Registered Ports are those from 1024 through 49151
 The Dynamic / Private Ports are those from 49152 through 65535

2-
Port(s) Protocol Service Details Source
used by Hackers Paradise trojan (also uses port
456 tcp trojans SG
31)
456 tcp macon-tcp macon-tcp IANA
456 udp macon-udp macon-udp IANA
456 tcp HackersParadise [trojan] Hackers Paradise SANS
456 tcp,udp macon macon Nmap
456 udp macon-udp macon-tcp Neophasis
.

3- OS Detection according to TTL Values:

Windows 9x/NT Intel 32

Windows 9x/NT Intel 128
Windows 2000 Intel 128
DigitalUnix 4.0 Alpha 60
Unisys x Mainframe 64
Linux 2.2.x Intel 64
FTX(UNIX) 3.3 STRATUS 64
SCO R5 Compaq 64
Netware 4.11 Intel 128
AIX 4.3.x IBM/RS6000 60
AIX 4.2.x IBM/RS6000 60
Cisco 11.2 7507 60
Cisco 12.0 2514 255
IRIX 6.x SGI 60
FreeBSD 3.x Intel 64
OpenBSD 2.x Intel 64
Solaris 8 Intel/Sparc 64
Solaris 2.x Intel/Sparc 255

4-
The optional parameter df can either be set to yes or anything other than yes.
df When set to yes, date will be displayed in DMY format: 4 March 2010. When set
= something other than yes or when this parameter is not included, date will be
displayed in MD,Y format: March 4, 2010.

TOS 0 means that the router doesn't pay attention to the setting of the
>bits. The OSPF process supports only one type of service, which could be
>called type 0, and is just the ordinary default behavior, without reference
>to the setting of the TOS bits.
5- To skip Bios password on Laptop use default passwords.
To skip Bios password on Desktop use all of the above.

6- Windows IP Configuration Tool (ipconfig)

The Windows IP Configuration tool (ipconfig) is the command-line equivalent of the
accessory "Winipcfg" that was present in Windows 9X/Me. It is used to display the
TCP/IP network configuration values. To open it, enter "ipconfig" in the command
prompt. If you are connected directly to the Internet, you will obtain your IP address. (For
a discussion of what an IP is, go here.) The figure below shows the result for a broadband
connection where the IP is assigned automatically. Here the IP is your computer's
temporary address on the Internet.

If you are on a local area network using a router, the information is different. You do not
obtain the IP corresponding to the network's address on the Internet. (To obtain the IP
that the Internet sees, go to a source such as DSL Reports Whois.) The IP given is
the local address on the network. This information can be helpful in diagnosing network
problems. Also listed is the "gateway" or router address on the local network. The figure
below illustrates the result.

Switches for IPConfig

There are also a variety of switches for ipconfig that add functions. These are invoked by
entering "ipconfig /{switch}". To obtain a list of switches, enter "ipconfig /?" or "ipconfig
-?". These are shown in the figure below. The switches of most interest to everyday use
are "release" and "renew". Note that IP addresses are typically assigned or "leased" for a
period of time, often a day or more. It sometimes happens that IP addresses are no longer
valid or are in conflict. Problems can often be solved by first releasing the IP address and
then renewing it. Sometimes cable or DSL modems that seem to be disabled can be
restored this way. If you travel and use broadband connections elsewhere, you will often
find this procedure of releasing and renewing the IP address to be necessary.

For a detailed output of network parameters, you can use the command "ipconfig
/all". Unless you are experienced with networks, however, this may be more than you
want to know.
The switches "flushdns" and "displaydns" are are also sometimes useful in everyday use
and they are discussed onanother page at a sister site.
Ping
Check your dedicated server with command line tools
Ping is an old Unix tool that has been around for a long time but many PC users are
unfamiliar with the Windows version. Pingsends out a packet to a designated internet
host or network computer and measures its response time. The target computer will return
(hopefully) a signal. It is a way of determining the quality of your connection to another
site. You will also receive an IP address that corresponds to the user-friendly type of
URL (see this page for further discussion of IPs and URLs). To use ping, open a
command window and type: ping <hostname>. For example to ping Dell, enter: ping
dell.com Please note the use of a hostname, not a complete URL. The prefix "http://" is
never used. Many sites also do not require "www" . By convention, 32 byte packets will
be transmitted four times. You will receive a screen output that looks like:
The screen tells me that the IP for dell.com is 143.166.83.230 (For the moment, at least.
This can change.) It also tells me that the average round trip time for a packet was 69
milliseconds, which means I have a good connection to dell.com. Long reply times of
several hundred milliseconds are indicative of a slow connection. Note that some major
sites such as microsoft.comdo not like being pinged and block pings. In that case you will
get a "Request timed out" message.
In addition to being used on the Internet, Ping is often used to test connections on local
networks. More details can be found in this Microsoft article.
Tracert
Tracert (traceroute) is another old tool borrowed from Unix. The actual path between two
computers on the Internet is not a straight line but consists of numerous segments or
"hops" from one intermediate computer to another. Tracert shows each step of the path
taken. It can be interesting to see just how convoluted it is. The times for each hop and
the IP addresses for each intermediate computer are displayed. Tracert shows up to 30
hops. It is convenient for finding if there is one particular segment that is causing a slow
or bad connection. A typical command might be "tracert dell.com".
Pathping
This command combines functions of Ping and Tracert. Pathping will first list the
number of hops required to reach the address you are testing and then send multiple pings
to each router between you and the destination. After that, it computes results based on
the packets returned from each router. Because pathping displays the degree of packet
loss at any given router or link, you can determine which routers or subnets might be
having network problems. Note that the whole process may consume 5-10 minutes
because many pings are being sent. There are switches to modify the process and these
can be seen by entering "pathping /?" in the command prompt.
Netstat
Netstat displays the active TCP connections and ports on which the computer is listening,
Ethernet statistics, the IP routing table, statistics for the IP, ICMP, TCP, and UDP
protocols. It comes with a number of switches for displaying a variety of properties of the
network and TCP connections. (One tricky point: the switches must be prefixed with a
minus, not a slash.)More detail is at this page. One possible use for Netstat is to
determine if spyware or Trojans have established connections that you do not know
about. The command "netstat -a" will display all your connections. The command "netstat
-b" will show the executable files involved in creating a connection. A figure showing all
the switches and syntax is given below.

Nslookup
This command helps diagnose the Domain Name System (DNS) infrastructure and comes
with a number of sub-commands. These are mainly for systems administrators. The
primary interest for average PC users is its use to find the computer name corresponding
to a numeric IP. For example, if you want to know who is "216.109.112.135" , enter
"nslookup 216.109.112.135" and you will find that it is (or was anyway) a Yahoo
computer. My firewall keeps a log of the IPs involved in the attempts to probe my
computer and I sometimes look a few up to see who they are. (There are
also Whois search sites available on the Web as mentioned in the Ipconfig section.)

ContextSub-contextCommandsdiagconnect- Establishes, verifies, and then drops a

connectioniphost, mail, newsping- Verifies connectivityadapter, iphost, mail, newsshow-
Lists network components and settingsall, client, ip, mail, modemgui- Starts the network
diagnostics tool in Help and Support Center.Graphical user interface

7- Dial up vs Broadband Connection:

Comparing the two connection types, Broadband and Dial-up:

 features dial-up broadband
availability ubiquitous limited
access initialization dialing into isp none; always on
theoretical top speed 56.6Kbps 1,000 - 11,000Kbps
real-world top speed 48Kbps 900 - 10,500Kbps
% loss to transmission 15 - 25% 5 - 15%
streaming media access poor good - excellent
average cost £10+/month £18+/month
protocol analog digital

The fundamental difference between dialup and broadband Internet connections

is the manner in which the connection is made from your PC to the Internet. A
dialup service connects to the Internet through your phone line. The modem in
your PC "calls" an Internet Service Provider (ISP) and connects with a maximum
speed of 56,000 bytes per second, better known as a 56K speed connection. Each
time your PC dials into the ISP, it is assigned an Internet Protocol (IP) address,
which you can think of as an "Internet address." A different, unique IP address is
assigned at the beginning of each visit so that the ISP can recognize your PC and
make sure you can send and receive email, surf the Internet, and so on; basically,
this address lets your ISP know where to send the information you are requesting
through your modem. In terms of hackers, in order for someone to gain access to
your computer, it would be necessary for them to know your IP to successfully do
so. The fact that your IP address constantly changes essentially makes
your Internet connection more secure.

In contrast, when you connect to the Internet via a broadband Internet

connection, the process is slightly different. Once your PC is connected to the ISP
through a cable or DSL connection, it remains connected until the cable box or
DSL line is disconnected or physically unplugged. A DSL connection runs
through unused wires in your existing phone line without disruption and can
translate data at 5 million bytes per second, or 5Mbps. Broadband services are
often referred to as "always on" services because it is not necessary to make a
setup call to your ISP each time you wish to access the Internet; this means that
once you are assigned an IP address, you keep it until you request it to be
changed.

Comparison of Broadband and Dial Up Connection

The dial-up connects to the internet through a modem and a dedicated telephone line. The
telephone line remains engaged when the internet is accessed via a dial-up internet
connection. The broadband internet connection is done using various mediums like
the cable, DSL and satellite internet. The broadband internet connection provides internet
access without keeping the phone lines busy.

The dial-up internet connection has to dial an access number to connect to the internet.
The broadband internet connection on the other hand, does not require any access number
to be dialed for internet connection. Moreover, the voice and internet services cannot be
simultaneously used in a dial-up internet connection. The broadband internet connection
provides a simultaneous access to voice and data communication.

When a dial-up connection is established between an internet user and an internet service
provider, the modem dials the access number and every time a new IP address is assigned
to your computer. In contrast, the IP address assigned to your computer is the same
throughout when the broadband internet connection is used. The IP address changes, only
if the cable or DSL modem is physically disconnected and a connection is again
established with the internet service provider. Thus, the IP address does not change
unless there is a physical disconnection of the modem. The internet always remains
connected in case of the broadband internet connection. The dial-up internet connection
on the other hand keeps on connecting and disconnecting according to the needs of the
internet user.

As the IP address keeps on changing in case of a dial-up internet connection, the crackers
cannot hack the IP addresses easily. Crackers are black-hat hackers, i.e. people who use
unethical techniques to hack a computer. However, in case of the broadband internet
connection, the IP address does not change so often, which can prove beneficial for the
crackers.

The traditional telecommunication systems used analog signals for communication and
the dial-up connection therefore needs a modem to convert the analog signals into digital
signals. The broadband internet connection, on the other hand, does not require the
analog to digital and digital to analog conversion.

Dial-up internet access does not require a special router; while the broadband internet
connection requires a router. A router is a device that provides connection between the
user and the internet service provider.

The dial-up connection makes it difficult to view or download videos, download e-mail
attachments, play video games and other tasks that require high speeds as these cannot be
provided by a dial-up connection. The broadband internet connection provides a higher
speed in comparison with the dial-up connection and therefore supports the services like
videos and bulk downloading. The dial-up connection provides a speed of 56 kbps, but
some modems can provide a speed of 320 kbps. The speed of the broadband internet
connection generally is around 2 Mbps.

The cost of the dial-up internet connection is decided, based on the calls per minute,
similar to the telephone billing procedure. The cost of the broadband internet connection
is decided by the rent you pay to the internet service provider.

The dial-up and broadband internet access are used, based on the need of the internet user
and the availability of services in the required area.

8- Open Ports
Local System- netstat –a
Remote System – Use online nmap utility zenmap on www.nmap.org

9- TTL Details

TTL Details
The Time To Live, (TTL) value of an IP packet represents the maximum number of IP
routers that the packet can go through before being thrown away. In current practice you
can expect each router in the Internet to decrement the TTL field by exactly one.
The TCP/IP specification states that the TTL field for TCP packets should be set to 60,
but many systems use smaller values (4.3 BSD uses 30, 4.2 used 15).
The maximum possible value of this field is 255, and most Unix systems set the TTL
field of ICMP ECHO_REQUEST packets to 255. This is why you will find you can
`ping' some hosts, but not reach them with telnet(1) or ftp.
In normal operation ping prints the ttl value from the packet it receives. When a remote
system receives a ping packet, it can do one of three things with the TTL field in its
response:
• Not change it; this is what Berkeley Unix systems did before the 4.3BSD-Tahoe
release. In this case the TTL value in the received packet will be 255 minus the
number of routers in the round-trip path.
• Set it to 255; this is what current Berkeley Unix systems do. In this case the TTL
value in the received packet will be 255 minus the number of routers in the path
from the remote system to the pinging host.
• Set it to some other value. Some machines use the same value for ICMP packets
that they use for TCP packets, for example either 30 or 60. Others may use
completely wild values

10- Ping Sweep

- A ping sweep (also known as an ICMP sweep) is a basic network

scanning technique used to determine which of a range of IP addresses map to live hosts
(computers). Whereas a single ping will tell you whether one specified host computer
exists on the network, a ping sweep consists of ICMP (Internet Control Message
Protocol) ECHO requests sent to multiple hosts. If a given address is live, it will return an
ICMP ECHO reply. Ping sweeps are among the older and slower methods used to scan a
network.
There are a number of tools that can be used to do a ping sweep, such as fping, gping,
and nmap for Unix systems, and the Pinger software from Rhino9 and Ping Sweep from
SolarWinds for Windows systems. Both Pinger and Ping Sweep send multiple packets at
the same time and allow the user to resolve host names and save output to a file.
To disable ping sweeps on a network, administrators can block ICMP ECHO requests
from outside sources. However, ICMP TIMESTAMP and Address Mask Requests can be
used in a similar manner.