-
December 7th, 2003, 11:08 PM
#21
This stuff is beautiful, and I strongly believe such tutorials are somewhat rare - given the depth and breadth - "out here" [in Internet land].
As for colleges... yeah, Canadian colleges have this stupid thing about certificates but... the experience is never something you can render useless. And I think any decent computer security specialist has to learn every morning with his/her coffee about what's new out there [exploits, tools, software etc.]

-
December 9th, 2003, 02:43 AM
#22
Junior Member
Nice tutorial, I'm enjoying these - I participate in war games similar to this with other computer students at my high school. Some observations about the "brute force" method mentioned... Brute Force is easily foiled in many cases by a more complex password. That Junior Admin who used "letmein" as a password is an example of someone who just doesn't know how to create a decent one. The brute-force program that I use in my games uses a dictionary-based attack first to see if the password is a single English word, then it checks simple phrases (like let me in) before moving on to a standard "try everything" approach. The only way I can think of to brute force a password like "s0m3timr$fqxqut*b%s0m3timr$fqxqut*b%" (I've never managed to successfully do this) is to distribute ranges of possibilities to check between a few hundred systems. Needless to say, this will overload a network and so you must be able to check passwords without contacting the server. (E.g.: download a .pwl file and distribute it).
I guess what I'm trying to say is... use complicated passwords; while a long password is annoying to type in, if it's the admin password it pays to make it complex.
Once again, an awesome tutorial.
-
December 9th, 2003, 01:11 PM
#23
That Junior Admin who used "letmein" as a password is an example of someone who just doesn't know how to create a decent one.
Actually, that Junior Admin was an example of someone who doesn't understand the importance of locking an account after too many retries. The fact that I spent so long on it meant that at some point, even with a strong password, I'd get it.
Some sent me a note asking how I can post this and yet discourage questions about "hacking". I guess it comes down to "intent". That is, what's the goal. If the goal is to learn how to "hack my g/f's account so I can prove she's been cheating on me", then no. I don't advocate or support this. If the goal is to learn how attackers do what they do so I can lock down my machine better and keep users more informed, then this is what it's for.
I guess, it becomes a question of ethics.

I still have a couple more tuts to work on for this series but have taken some time off due to some bronchitis. Perhaps later today I can get #3 up and then another one later this week or early next week.