June 25th, 2004, 06:30 AM
"Practicing" with a home network...
Hey, I searched around for some info on this on the site and found a similar thread, but I have some more newbishly specific questions, and I didn't wanna bump an old thread and annoy some people...
I currently have two desktops (one fairly new and pretty fast, the other very old and very slow), both dual booting Windows and Red Hat 9, connected to each other and the internet via a wireless network through a router connected to a cable connection. I am also going to be purchasing a laptop soon...
I have been really wanting to experiment with some exploits and try out some port scanning and packet sniffing etc., and maybe even see if I can set up one as a fake little honeypot and see how it works by trying to get into it with the other computer, and just generally do lots of experimenting to see how things work haha.
But, I really am not sure how to go about this... I'm really not sure how I would set up a sufficient network between the two or soon 3 computers.
I was just hoping someone could offer me some advice on setting up the network between the two and what I would need to do to accomplish some experimenting...
I'm sorry if this is a bit of an annoying question, but even the most general response would be very helpful and appreciated!
June 25th, 2004, 06:33 AM
I believe in making the world safe for our children, but not our children's children, because I don't think children should be having sex. -- Jack Handey
June 25th, 2004, 06:36 AM
Cool, I'll look around there, thanks!
I guess I should have looked around on other sites first... sorry about that :\
 - Is there any way I can set up a similar network to the direct ethernet cable connection described on that site with the wireless network from a router? I know I would have to change a lot around, and maybe even eliminate the router (?)... but... uh... I'm not so sure lol.
Also, that whole "hacker lab" thing is completely dedicated to Windows... I'm looking to do this through Linux.
June 25th, 2004, 07:46 AM
Ok, so you want to set up a Linux wargame network so you can practice your hacking skills. Hmmm... my guess is the first thing to do is YOU learn how to network them, because that is the first and most important part of hacking or computer networking.
I've set up a few of these myself, but if you're really interested: 1. do your homework, 2. buy a few books on Linux and maybe hacking, 3. get your friends into it. Hacking in a group (legally, of course) is a lot more fun and challenging, and you will learn a lot more.
By the way, before any question, go to www.google.com and have at least a 5 min search.
my 3 cents
June 25th, 2004, 08:14 AM
and try out some port scanning
As far as experimenting... A standard skiddie attack is to first scan a computer for open ports and vulnerabilities, find if there are exploits for those services, then grab the exploit code from the net (using Google or some other search) and execute it. A popular vuln scanner is Nessus... Now you can scan the computer and try to get in. If it succeeds, try and fix the hole or find a way of preventing it from happening. It's really just a matter of tooling around and trying a lot of different stuff. Oh, and don't forget to have fun in the process.
And Google is your friend, as Modderfokker pointed out.
June 25th, 2004, 06:09 PM
Thanks a lot guys!
I already have used nmap and nessus, and ethereal a bit. I was just looking for advice on setting up a "Hacker lab" with my 2 computers on a wireless network with my current setup...
But I guess you're right modderfokker, I really probably should just look around and try to figure it out from the base for myself. I was just hoping for someone to get me started with a bit of a general idea of what exactly it is I am going to have to do... haha, I am lost.
Thanks for your help everyone... I'm off to start searching for some texts to read about networking basics haha
June 25th, 2004, 06:37 PM
You might also want to take a look at a MS system. You can download a trial copy of Win2k3 server so that you can get some experience.
N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)
June 25th, 2004, 07:18 PM
I suggest ditching Redhat for something like Knoppix STD. You can boot from the CD and it has many security tools and documentation precompiled and installed, ready to run.
Airsnort and Kismet in particular (you mentioned wireless).
June 25th, 2004, 09:21 PM
Well, if you wanna mess around and see what all you can do as suggested before you could check out nessus... and nmap ver. 3.50 would be good too.
For wireless WEP cracking if you wanna see if you can break into your own Wi-Fi network from outside the LAN and you're using WEP inside the LAN try AirSnort (also suggested before) and/or look into WEPCrack. With AirSnort if I remember correctly you'll need to passively capture around 5-10 million packets and after that time it will make some guesses on what the Key is from the packets captured and analyzed. As far as the sniffing goes you could use Ethereal but I've got some captured packets in the past that were a tad inaccurate. Ethereal has a capture and display filter that are both powerful and you can use pcre's around them and some boolean logic to narrow down your results specifically to what you want. Like for example using 'ip.addr==IP Address goes here' in the display filter would only display ip-layer traffic (including ICMP, IGMP etc) and up to transport-layer UDP & TCP. It would ignore the lower Ethernet II traffic though you'll probably want to see that so it's up to you what filtering rules you'll want to use. With Ethereal you'll need WinPCap for Windows or LibPCap if you're running it from RedHat.
You might also want to try EtterCap which is a powerful sniffer for Switched-LANS (can even sniff ciphered protocols) and has some decode support there too... or even try CommView for Windows, it's pretty nice and I've yet to see one inaccurately captured/displayed packet (all GUI). Only thing is if you go with CommView with their "Trial" you'll only be capturing half of the packets as that is the trial limitation (really sucks). There's ways around that though. There's others but these were the ones worth mentioning. Good luck with your experimentation.
http://www.insecure.org to get NMap. (Nix & NT/XP/2K)
www.commview.com to get CommView. (Windows)
http://ettercap.sourceforge.net to get EtterCap. (Nix & NT/XP/2K)
http://winpcap.polito.it/ to get WinPCap. You'll want to get 3.0 or earlier if you're using NMap with it. 3.1's incompatible with NMap 3.50 but they do offer a patch in C that'll fix that. Save yourself the time and use 3.0. 3.1 isn't much different. (Windows NT/XP/2K)
http://sourceforge.net/projects/wepcrack/ to get WEPCrack. (Nix)
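The `ip.addr==` display filter mentioned in the post above, worked through as an added example that is not part of the original thread: it parses a few constructed Ethernet II frames and keeps the ones the filter would show. It assumes the filter matches on either the source or the destination address; the MAC and IP addresses are made-up lab values.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
PROTO_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}
MACS = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01"  # constructed dst + src

def build_frame(ethertype, payload):
    """Constructed sample: Ethernet II header followed by the payload."""
    return MACS + struct.pack("!H", ethertype) + payload

def build_ipv4(src, dst, proto):
    """Constructed sample: bare 20-byte IPv4 header, checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def parse_ipv4(frame):
    """Return (src, dst, protocol) for an IPv4 frame, None for anything else."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None  # too short, or a non-IP EtherType such as ARP
    if frame[14] >> 4 != 4:
        return None  # version nibble is not 4
    proto = PROTO_NAMES.get(frame[23], str(frame[23]))
    return socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]), proto

def ip_addr_equals(frames, addr):
    """Mimic 'ip.addr == addr': keep frames whose source OR destination matches."""
    shown = []
    for index, frame in enumerate(frames):
        parsed = parse_ipv4(frame)
        if parsed and addr in parsed[:2]:
            shown.append((index,) + parsed)
    return shown

# Constructed capture: two frames involving .10, one ARP frame, one unrelated UDP frame.
SAMPLE_FRAMES = [
    build_frame(ETHERTYPE_IPV4, build_ipv4("192.168.1.10", "192.168.1.20", 6)),
    build_frame(ETHERTYPE_IPV4, build_ipv4("192.168.1.20", "192.168.1.10", 1)),
    build_frame(ETHERTYPE_ARP, b"\x00" * 28),
    build_frame(ETHERTYPE_IPV4, build_ipv4("192.168.1.30", "192.168.1.20", 17)),
]

if __name__ == "__main__":
    for row in ip_addr_equals(SAMPLE_FRAMES, "192.168.1.10"):
        print(row)
```

The ARP frame and the UDP frame between the other two hosts are dropped, which is why a capture filtered this way hides link-layer chatter you may still want to look at in a lab.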
June 25th, 2004, 10:41 PM
Whichever you choose your OS to be (Windows/Redhat sounds fine), make sure you explore it inside out. I continue to (even though I've been doing it for a while) explore my home network's machines (which are Win98/Me and OpenBSD). Experimenting only on your home network is key, as you could and would probably get in trouble if done otherwise. So be sure to study your OS inside out.