Know security without hacking - Page 3
Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 38

Thread: Know security without hacking

  1. #21
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    I'm usually not one to disagree with MsMittens....but this time I must!

    I personally don't consider myself a hacker but rather look at myself as someone who is very curious about things and likes to solve problems. I still have a lot of learning to do before I'd ever put myself into that category.
    Irregardless of what you choose to label yourself, IMHO, this very statement makes you a hacker, MsMittens, by the "classical" definition of the term, as that is the type of person the term originally referred to. The term has since been perverted and distorted and no longer means the same thing in popular culture.

    So.......In my book, MsMittens is a hacker! (a good one, of course )
    Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.


  2. #22
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    I think it depends on what you mean by 'know computer security' and what exact field your in

    Id say many people in the computer security profession do not need to know anything about 'hacking', they just need to know how to run vulnerablity assesment and how to install patches and what is required to lock down a system.

    If your going to be a programmer in the computer security field then yes should now what goes into hacking what vulnerablitlies a hacker is looking for and what it takes for you as the programmer to write safe code, but this still doenst mean you having to know so much hacking just how to be safe.

    Now if your a code auditer or vulnerability researcher then obvioulsy yes you should know about hacking and the more the better.
    That which does not kill me makes me stronger -- Friedrich Nietzche

  3. #23
    Senior Member
    Join Date
    Mar 2003
    Posts
    452
    I'm going to attempt to answer the question, in the sense of the word hacker as you used it here.

    You don't need to compromise computer systems in order to become a computer security expert. You would want that type of skill if you are going to be auditing or pentesting a system. Computer security is a large feild in itself, and doesn't always meen compromising a system. Lots of people don't realize that there is much more than being able to get into a to system to being a computer security expert.

    Most people don't realize that computer security specialists also have to create computer usage policies. Work hand in hand with management to discuss disaster recovery, and business continuity procedures, review logs, always learning, and keeping up to date with the latest security issues.

    So, if you ask what makes a good computer security expert, I'd say that person would need to have some of those abilities.


    --PuRe
    Like this post? Visit PuRe\'s Information Technology Community. We\'ve also got some kick ass Technology Forums. Shop for books and dvds on LiveWebShop.com

  4. #24
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    Posts
    1,018
    A brief answer to the question is of course you can know computer security without being a hacker.

    However I will again re-emphasise that it depends upon your definition of a hacker.

    I'm guessing that what is meant here is "Can you be a computer security expert without having the skills to compromise systems?"

    And the answer to that is yes, easily.

    In order to provide good security for my personal systems and those systems I am responsible for at work I do not require the ability to compromise any of those systems.

    By reading AO, keeping the systems up to date, deploying a viable security model, making the most of AV & firewall, keeping security in the minds of IT staff & users, using vunerability scanners (such as nessus/ nmap etc.) and ensuring the internet profile shown offers little help to 'hackers' I am able to provide security to these systems that has so far has not been compromised.

    I have no idea how to exploit a vunerable wuftp server, deface a website or other typical 'hacks'.

    Now I am not stupid enough to think these systems are totally secure, but on a risk/cost analysis they are (so far) doing the job.

    Being an expert at security in a business environment is all about the business case. Keeping the organisation's IT secure at a cost the business can understand and is willing to pay for, explaing to the business what isn't secure and why the costs aren't justified.

    On a personal note, a security expert means that your home system hasn't been compromised.

    Steve
    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com

  5. #25
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    On a personal note, a security expert means that your home system hasn't been compromised.
    Do you mean by others or yourself?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #26
    Member
    Join Date
    Jun 2003
    Posts
    71
    You do not need to know how to hack to protect a computer or network. If you go to any of the hacking challenge websites and look at the top dogs they are major programmers. They know every programming language you can think of: VB, Java, JavaScript, C, C++, etc., etc.

    Alot of very experienced and successful network security experts I've met had minimal or no programming at all. I even had to help one security guy with html for a web page. And html is extremely easy to learn.
    \"The feeling of losing your mind is a terrible thing. But once it\'s gone, you\'re fine.\"
    Carrie Fisher

  7. #27
    Banned
    Join Date
    Jul 2002
    Posts
    877
    Originally posted here by ikalo
    I have found some guide in dowload section of antionline...
    it was Guide for Almost Harmless Hacking or something like that...
    Many things I read there about hacking/tweeking Win95 I alerady know, so I ask myself: If I know how to edit registry, how to remove virus/troyan/spyware manualy, or to tweek XP ... optimise services running... how to set my LAN to access internet.. how to setup firewall.. does it all makes me hacker...
    In my eyes if you do all of this just to be called something as childish as "hacker" then your nothing at all to begin with. This is one of the many reasons why I would almost be offendid to be called anything of the sort. Also nobody seems to remember back when "hacker" meant that you enjoyed something technical and it was often something you spent long hours on... or maybe you were the first to do something. Now that the word "guru" is also being thrown in the mix here, I not only dislike many of the peaple who use the word hacker... but most of the time it can be viewed as nothing but a big pissing contest at best due to words like expert and guru being thrown into the mix.

    Want to crack software & maybe find a buffer overflow? learn assembly... Wanna do lame and stupid sKiddie stuff like trojan someone's box? Maybe dDoS? Get a compiler and play with sockets... Defacements interesting to you? Get into a mixture of programing and web-dev...

    I don't see how prancing around repeating the words hack and hacker over and over agian has anything to do with security... yet alone computers. Its all a way for users & little kids to feel good about themselves or feel a sence of belonging around other peaple who have the ability to look at a screen, use a mouse, and press buttons on a keyboard.

  8. #28
    Senior Member
    Join Date
    Jun 2003
    Posts
    220
    well in my views, until n unless you know how the other person breaks in , how will you know how to stop him/ her? You need to think like him/ her.
    Now is the moment, or NEVER!!!

  9. #29
    Senior Member
    Join Date
    May 2003
    Posts
    159
    I guess it is very important to have the fundamentals of network, application and other underlying technologies to be very clear clear....

    I am sure that most of the hackers as they call themselves and many that I have known seriously depend on a host of tools freely available on the network...... I am not against using tools..... But my point here is often they dont know what to expect as output and are always amazed to see the output of target PC.. amataeur hackers as we call them....

    I guess anyone could do that once he / she decides to spend say 6 hours for a week and learn a couple of OS.....

    But defending is something else....... All the years of effort can go in vain by one succesful attempt of an hacker...

    So it is like ... A security professional has to win at all times to meet his security objectives ..while a hacker has to win only once.. and his objectives are met....

    Finally back to the question....

    No u dont need to be hacker to learn good security but often because ur security concepts are very clear it would be very easy for u to play a role of hacker also....
    ****** Any man who knows all the answers most likely misunderstood the questions *****

  10. #30
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    Posts
    1,018
    Originally posted here by MsMittens
    Do you mean by others or yourself?
    Very funny...

    I've never manaaged to compromise my home system except by social engineering.

    /me Dearest, I need to do some work setting up bluetooth syncronisation to your phone, what's you logon password?
    /my_partner Its ******
    /me Thank you.

    Steve
    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •