August 18th, 2003, 03:56 PM
How to go about...
Alright, I have read a few post so far and I am in complete amazement at the knowledge that is floating around here. I am extremly new to "this" (hacking, cracking, whatever the correct word is sorry if I offended anyone). I am not trying to find out how to get into my buddies system or anything what I want to learn is how to check a network for holes or weak spots. Along with my companies site and so forth.
My OS as of current is Windows 2000 but I am wondering if I should switch over to Mandrake 8.2. A buddy of mine gave me that software and I am wondering if it would be wise to load it up, or if it won't make much difference. I have been reading a bit on Linux and it sounds wonderful, yet I have no clue about it. So my first question is, should I dual boot W2K with Mandrake 8.2? Or, should I continue running W2K without any linux.
Next question is, can anyone help me with just the basics... I don't want people to hand me code and me pass it off as my own because I would one day like to help people on this thread but for now, I need to learn and be humble and take advice from those cats that are smarter than me so please if you know of a good way to start or someone has alittle extra time they could donate to me I would in gratitude.
August 18th, 2003, 04:01 PM
I've no experience of Mandrake - I use RedHat - very simple to use (good job really!)
You'll need both Win (2K is fine) & linux to do the job correctly.
A good starting point is nessus, since it will allow you to check out your machine (& works network but make sure you have written permission to do so!) and it will detail any vunerabilities it finds.
Check out this tutorial: http://www.antionline.com/showthread...hreadid=247255
It's a very good starting point.
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
August 18th, 2003, 04:06 PM
As far as dual booting goes... it is a great idea. If you have a spare box that would be even better... since its your first time you don't want to kill your windows box.
Most of what you can do on linux, you can also do on windows. You just need third party apps. Some are free, some are not. With linux, you'll find that you have most of those tools standard and most are free.
Linux is great to learn and know. Some jobs are just better suited for a linux box while others are better for windows. Just depends on what you are doing.
As far as the basics... start by reading in the tutorials forums . Members have gone through and written up these fine documents and you will "break your cherry" so to speak. If you have questions after that (which you def. will) ask them.
Welcome to AO. Its a great place to learn computer security. Of course this site won't teach you everything... you still have to learn networking, coding, and just general computing (whatever you don't know). There are tons of books that can help out with all of this too. Many people post their opinions on books in the book/product review forum. Don't forget to read in the newbie forums too. Chances are... your questions have been answered dozens of times... you just need to find them.
August 18th, 2003, 04:07 PM
Hey adiz ,
I know how you feel , dude . I think the best way to learn about network security is to read loads of computer text books on the network side of computers . The For Dummies siereis i really good , and the do some on linux to i belive . Also , if you have the cash , i reccomend to go on courses on network security , and also get some practical experience . a good website to start on is Happyhacker.org ( ignore the name !!!) . on linux , i think the best option is to buy an old computer to run linux on . If You have any question , email me at TheLizzardBoyREMOVETHISBEFOREEMAILIN...CK@yahoo.co.uk or send me a private message on this site !! . Sayonara !!! ( and good luck !!!)
August 18th, 2003, 04:35 PM
Ok, First I got to commend you, You are one of the first people that I have seen that actually says they want help but doesn't ask for the answers just wants to be put in the right direction.
So I will try to help you out here. Phish was right read through the Tutorials to bust your cherry there are tutorials on just about everything in there good Idea skip to the end there are alot of really good ones that are really old, but the topics that they talk about are still in use.
Now next thing that you should do is learn what you already have on your system. I and alot of other people are quick to say Windows is Lame and you can't do anything with it. I am formally taking that statement out of my dictionary right now. Windows is fine a bit annoying but fine. Learn the already pre-programed tools that are there. Good book to pick up is"Dos for Dummies" It's let's you know all the basics of Dos really good book I recommend it.
Now about learning Linux, if you aren't ready or don't really want Linux as your main Os just get a shell account somewhere. It will let you learn how to move around and do things in Linux.
The last thing that I will say Redbull. It is your God I am commonly up at night drinking, while reading I didn't go to sleep until 4:30 ;ast night becasue I was up reading. Read, Read, Read oh yeah anyone that tells you to buy this or that there usually wrong most programs you can find somewhere for free. I recommend that you become familiar with you best friend.
Learn it live it Love it.
That is all that I have to say right now anything else that you need to know as I already said PM me or send me an AIM message.
Oh yeah remember you will never learn everything pick one area that you want to Master then move to the next.
To get you started if you don't already know about these look something up on, Tracert, Ping, Netstat, Nbtstat. All things that you might want to learn. Last thing don't be afraid to experiment some of the best things ever found were found because someone experimented with something.
Hope that helps.
August 18th, 2003, 08:51 PM
Cool, i really like your post, its not like the normal ones you see in everyother forum saying can you hack this hotmail account, my girlfriends email acount, yada yada yada.......
I started with Mandrake 8.2 and found it great I was a bit daunted by the fact that people (i think mostly the hardcore microsoft lovers) made linux out to be something incredibly difficult to install, some linux distros are, but mandrake is really simple - your probably gonna have to sit and stare at the screen for a bit to figure out the partition tables but once you done that its just a matter of pressing enter, selecting packages and typing a couple of account names, (by the way choose the expert install for mandrake cos IMO you learn a little more)
I recommend dual booting you linux and M$ OS's then you have the abiltiy to do all sorts, The linux HOW-TO's really do provide excellent support, as well as people here and people at comp.os.linux and all of its subsidurys
as far as network security goes a good things to learn to get you started are possibly a programming language (something like C) and then maybe a scripting language like python or perl (I personnally prefer python but the majority of people in the network secuirty commmunity like perl)
also learning the basics like tcp/udp ports, protocols, packets, sockets, how various exploits work like buffer overflows, and other such things
RFC's and the rainbow books are also very good sources of info although they can be rather complex
these websites would be useful
theres allot of info provided at these
hacking, cracking, whatever the correct word is sorry if I offended anyone
in my option these mean this
hacking = hacking is good, doesnt involve breaking the law or illegally breaking into boxes that arent yours, usually people with a fasicination in computers and network security. The term hacker, hack and hacking can apply to other thinks like "hardware hacker", someone who likes to modify, make better a piece of electronics
cracker = only have the intention of breaking, stealing or general wrong doing, this is illegal steal credit card numbers and using them is a form of cracking, itll land u up in prison with a cell mate called bubba who just wants to be your special friend.
August 19th, 2003, 01:14 AM
Another option would be to run Knoppix - its a linux distro that you can run directly from your cd-rom drive....it has its disadvantages as it will run slower than if it was directly on your HD and the fact you can't save system settings for the same reason but it is a good way to get yourself familiar with a linux distro before you go through the messy business (ok some people will argue its very easy but I HATE doing it) of partitioning your HD and setting up the dual boot. You can find more about knoppix here -> http://www.knoppix.org/
& heres what it says about itself on the site :::
just throwing some more ideas in
What is KNOPPIX®?
KNOPPIX is a bootable CD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a Linux demo, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk. Due to on-the-fly decompression, the CD can have up to 2 GB of executable software installed on it.
August 19th, 2003, 01:47 AM
Yeah I didn't even say anything about the boot from cd thing, there are a couple of Os that do that I think Val, I know Caldera does and I think that Suse does I will let you know RH does not which kinda blows but oh well.
One last thing I forgot to ask how much do you want to learn what has been said already is enough to get you out of that normal point and click user group, the question is do you want to do if you want to become a a computer savy person then that info will get you there if you want to become a System Admin then you fot a lot more to learn.
Just depends I recommend that you learn a language though.
Start out with.
HTML really easy to learn.
Good place to learn HTML
Hope it helps, don't be afraid to ask questions
August 19th, 2003, 02:04 PM
But, I would like to test to see how strong my network is and I would like to try to hack it because I would know what ports are open, and If I would be able to get in. (Sorry if this just sounds like ramble was up all night after installing Mandrake 8.2 yahooo!!! i LOVE it) Anyway, I am going for a business degree in college right now, but would like to focus on computers but not be a code writer for some bum ass company the rest of my life. I want to be able to give back somewhat, so what would be the best thing to focus so that I could do that.
(Once again, sorry if this is ramble up all night, on my linux!!)
August 19th, 2003, 03:16 PM
Just a FYI- Mandrake is now out with version 9.1 and you will find many updated packages with that. You could go through and manually update all your packages in 8.2... but that'd be a pain in the a$$. I just downloaded 9.1 last night to try it out and I haven't loaded it yet. (doing it tonight) I tried 8.2 before and I liked it, I just try to keep current packages. I'm rebuilding my home server and RH9 is giving me media errors no matter how many disks I make or how many times I download it. It gets stuck at disk 2 and fails to unmount the cdrom so I can try another disk... I'm thinking its my cdrom.. but I'll know after I try to install mandrake 9.1 tonight.
valhallen mentioned knoppix above. It is a great set of tools and I use it all the time. It is very useful when you get locked out of a box or you need read only access to a hard drive and don't want to risk any of the data on it. The only thing that I'd recommend would be knoppix-std.
knoppix-std is the "security tools distrobution" and it is also bootable. just like knoppix, you boot right from CD and use a ramdisk. This has many security tools that are not included with the knoppix standard distro. I would recommend you to try out both versions and see which version suits you better. Its not meant to be a distro that you use everyday... just something in case of emergency, quick access to tools when you need them, etc.