November 21st, 2002, 02:04 AM
Am I the only useless one?
How many have actually contributed in some way in catching a malicious hacker or cracker? I read the How to Be a profiler section and the Fight Back section but where do I start so I can help in some way? Go to a web site that has been recently hacked and follow the How to be a Profiler tutorial from there? Any suggestions without flames would be greatly appreciated.
I read somewhere you shouldn\'t always believe what you read so what the Hell am I supposed to do?
November 21st, 2002, 02:18 AM
You should be asking how to be a malicious not how to stop one
November 21st, 2002, 02:24 AM
Um, he should be asking how to stop one, this is for security, not hacking. And I havn't caught anyone elither HurrayForSchool. Don't worry, someday, we'll team up and stop every evil hacker in the world!
November 21st, 2002, 02:43 AM
Most often you are not going to catch a hacker/cracker when you are outside looking in. My advice to you would be to continue to learn as much as you can about computers in the areas that interest you the most. Not only how the applications work but how the operating system works, how the hardware works and how they all interact together. Learn a programming language so you have a better understanding of how applications work.
If you have the resources put a small network together at home and practice breaking into one of the computers. Once you have been succesfull examine the box that was broken into. What signs are there to show that you broke into it. You know that you broke into it now find the evidence on that machine that you did. Is there something in a log file, a telltale piece of evidence left behind. Found it cool, now do it again and see if you can duplicate the intrusion and the evidence. I would strongly suggest that you have a clean image of the PC that you restore after each attempt or that you fdisk and rebuild the machine each time so you have a clean environment to test in.
If you are poking around in other people's systems you need to be sure you have permission or you may find yourself in trouble. Finish your education and if you continue to be interested in security work set your goal to get a related job in an IT shop. You may not get into security at the start, but once you get your foot in the door make sure that your supervisors know of your interests and goals and continue to work towards those goals.
I don't feel that this is a good explanation but you asked a big question and there is no off the shelf answer for you. There is no magic wand you have to read, learn, experiment, and develop your skills. Investigations are fun and I enjoy them just as much as when I can prove someone didn't do something wrong, with a few exceptions. I really enjoy knowing that a pedephile is behind bars with the assistance of my investigation. Also a child pornography collector that worked with troubled youth will never work with kids again and my evidence stood up in trial. The FBI is now pursuing federal charges and with luck that SOB will be in federal prison for a while!
If you receive something that says \'Send this to everyone you know,\' pretend you don\'t know me.
November 21st, 2002, 02:44 AM
Even having the knoledge to track an attacker is useful, even if its never implemented. If anything, its better to be proactive and thwart attacks before they even happen as opposed to reacting to an attack and tracking down whomever did it. If you really want to contribute, set up a small lan and let ur friends take a stab at one of the boxes on it, then defend it against them to get a feel for things.
You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
November 21st, 2002, 02:47 AM
I think uselessness is a relative thing. Even the laziest of people serve a purpose. Now granted, it may be something as mundane as ensuring that that couch isn't stolen or that the TV remote is growing legs and walking away, but their purpose is there and fits into the broad scheme of things somehow.
As for learning how to help stop things like this, complete immersion in the culture might be the answer, though not necessarily recommended. What is it that you want to help with? If you are looking to track down crackers, then get to know your systems and networking, inside and out. How can you help to catch a guy if you can't figure out how they breached the system and covered their tracks. Know the routines for reporting. Check with your local law enforcement and/ or Law library. Routines for reporting are typically documented.
If you are looking to know more in the way of profiling, I would recommend appropriating some FBI Psychology, Crime, and Investigation books. A class or two in psychology might not hurt either depending on your learning style.
In this field, knowledge is power. The first thing you can do to be of benefit to any one is to know everything you can and then a little more even still.
\"I believe that you can reach the point where there is no longer any difference between developing the habit of pretending to believe and developing the habit of believing.\"