I was scanning a network I have access to (legit), and saw a few 'interesting' packets, and was curious, is there a program one can use to edit packets, so to speak, and change what computer it says the packet is coming from?
Printable View
I was scanning a network I have access to (legit), and saw a few 'interesting' packets, and was curious, is there a program one can use to edit packets, so to speak, and change what computer it says the packet is coming from?
Not sure of a program, but this is more or less the definition of spoofing.
Heard of the tearm and know what it is, how would I prevent it, or learn how to do it, so I can figure out how to prevent it? The best way to prevent something is to learn how to do it yourself.:cool:
Really? Do you write your own viruses and spyware too, or do you just slap some protection software on there. The argument that one must learn how to do something to prevent it is just regurgitated dogma.Quote:
Heard of the tearm and know what it is, how would I prevent it, or learn how to do it, so I can figure out how to prevent it? The best way to prevent something is to learn how to do it yourself.
- Let's go fight a war so we can learn how to prevent it.
- Let's screw the prom queen so we can learn how to prevent teen sex.
- Shoot heroin in my arm so I can learn how to stop drug abuse.
Most software already prevents it for you, and those that don't are patched so they do, until someone figures out how to circumvent it, then the software needs to be updated again, and round and round we go. If you want to learn how to prevent it, then understand where the flaws lie in the applications, and how they are exploited. Understand the motivation of skiddies and malicious coders.
If you want to study how they work in order to recognize the behaviors, then that is another story all together. Those skills are useful in Incident Response or Computer Forensics. If you want to study how it can be done in order to be able to conduct effective pen testing or vulnerability assessment, than that too is another matter. Understanding how something works is not the same as learning how to do it.
Better yet, learn about an OS, any OS, TCP/IP, read any of the RFC's. If you understand those things, then there is no real need to know how to facilitate an attack. If you understand, then you will be able to prevent those things.
Now you'll have to excuse me. I'm on a mission to prevent alcoholism, so I am going to get s**t-faced. :p
I think its a perfectly legit argument, not valid in the instances you use, because it is pointless things, not ones of critcal importance, although, screwing the prom queen isn't a bad idea.... :D
Who would you rather have secure your computer against hackers, a profesional hacker, such as a certified ethical hacker, a goal I hope to eventually reach, or a security profesional?
The security profesional knows what programs and policies to set to secure the computer. The hacker knows how to break into your computer, and therefore, how to fix the hole.
Who would you rather have protect your house against burgaries, like in the show It takes a thief, an ex-theif, or someone who secures homes as a profession, I gotta go at the moment, but if you insist, i will prove my point when I have time.
My money would be on the security professional, as that is a much more balanced and comprehensive skillset.
Hackers are inevitably limited and blinkered due to the single-mindedness of their objectives. Also, their knowledge is very perishable due to the patches that groovicus has mentioned.
:)
wait...so I shouldnt shoot up heroin to learn to prevent drug abuse?
Yup, I've seen threads like this before. I know how you can prove your point. HaCk yOuR ScHoOlS AdMiN PaSsWoRd. Then log into the system and give all your buddies straight A's. After you're expelled, get a job in the security field and post to the AO community with your new job credentials.Quote:
Originally posted here by LaoTzu
Who would you rather have protect your house against burgaries, like in the show It takes a thief, an ex-theif, or someone who secures homes as a profession, I gotta go at the moment, but if you insist, i will prove my point when I have time.
Ok, you got me. Understanding teen sex and drug addiction are indeed pointless. I'm sure all the sociologists, scientists, and psychologists who have made careers out of studying that sort of thing will be comforted to know that their life's work is pointless.
No. At worst, they may know a couple of different ways to exploit a system by hand. At best, they know how to run a suite of tools to find the vulnerabilities. And keep in mind that vulnerability testing and pen testing are two very different things. And what is the so called hacker going to do when he/she finds a vulnerability? Are they going to rewrite your OS or application for you, or are they going to tell you to patch your system? I'll vote for the latter. In the case of the former, the reason they don't have to depend on the tools is that they understand the OS.Quote:
The hacker knows how to break into your computer, and therefore, how to fix the hole.
That argument is not valid. You are implying that only two kinds of people know how to secure a house. I would contend that architects, engineers, insurance adjusters, and building inspectors know quite a lot about home security also.Quote:
Who would you rather have protect your house against burgaries, like in the show It takes a thief, an ex-theif, or someone who secures homes as a profession
Hope you have lots of time :)Quote:
i will prove my point when I have time.
Does this mean I'm fully qualified to prevent teen sex?