password on most cases (unless you typed in an "unpassworded" username. In that case it will simply log you in as that user without requesting for a password) and then runs a program specified by the sysadmin(22) and let's you work with it. In most cases you will get into a text-based shell (a command interpreter(20)). The problem is: you cannot do ANYTHING. It all depends on what kinds of permissions the user that you are logged in as has. The user root(14) has all permissions (read everything, write (and delete) everything, execute everything and change other people's permissions).Okay, so let's try going to port 23 on someone.com. At first we get this:Welcome to someone.com, running FreeBSD 4.13Login:Aha! Someone.com is running an operating system called FreeBSD 4.13! That has to be worth something (we might come across a bug report regarding a bug that exists on FreeBSD 4.13 and might enable us to hack this server at a certain point). Every piece of information about a webserver is important.Now, since we don't know a username and a password for this server we could either terminate the connection or try guessing. Most servers have a guest account (username: guest, password: guest or just username: guest) or a newuser account (username: newuser, password: newuser, or just username: newuser), but that certainly won't help us hack these guys... unless there's a major hole in these accounts. You'll have to figure these things out by yourself.Note about the word server: a computer is called a server if it offers any services. If not, it is called a host.5. Timeout - okay, so I've got a daemon(1) waiting on port(2) 23 for incoming connections. Now, what happens if someone connects to it and does absolutely nothing? He would simply remain connected to that daemon until one of us either reboots or closes the connection. You don't want anyone connecting to some port on your computer and just hanging there, do you? This would only waste va...
