just a few words

There’s some conversation going on lately on ways to improve the quality of the posting on this site, making it more computer/security oriented. Too many of the posts just pertain to general anything. Not that there’s anything wrong with general chit-chat but it would be nice to be able to do more sharing of knowledge.

We the members of AO are ourselves responsible for this.

Newbies come to this site and ask a simple question, only to get responses like RTFM of go search google. If a newbie asks a question pertaining to security he’s auto-banned after being accused of disreputable deeds. Then we complain of no technical conversation.

A simple question can turn into an in-depth discussion if it’s approached correctly and all can learn from it.

Discussions on intrusion, passwords or vulnerabilities do not have to be presented in a ‘teaching’ fashion. That would be against the rules but a lot can be said without creating script kiddies or newbie bashing at the other extreme

I suggest, that unless we have a blatant script kiddie, we have a serious (or lighthearted) discussion on the subject. If someone asks a simple question let us not chase him or her away, but rather do our best to help.

let me say that im as guilty as anyone and there are some here who do not offend anyone and try to help all,

I for one intend to do everything I can to make AO a more attractive place for people to come and learn and share knowledge. (I know, I know…then stop posting)

Thank You for letting me share

i agree Tedob i think a lot of people have been scared away if people ask about packetsniffing passwords exploits people always just jump to the conclusion that they are brakeing in to networks doesnt tools like JTR and various packetsniffers and exploits help a lot of of people secure there networks?

I agree as well, I've seen a few people scared away in a period of like a week. I think that each question, as you said, can turn into an extremely in-depth discussion. The only thing is, if we let it. We really should be trying to "combat" the kiddie behavior that has been going on with real Security Information based discussions. I've learned alot from AO and from what I've heard, people have learned from me. I want to help contribute and learn to this place, and having more technical discussion's and answering people's questions instead of chasing them, is a good way to help.

I agree with the idea and I agree with the fact that all of us, myself included, have to stop assuming everyone is out to cause trouble. But there are valid reasons why we have jumped to these conclusions.

Part of the problem is the fact that this site is promoted as a hacking site and many people don't have the correct definition of hacking. The world at large thinks hackers are malicious. A lot of people come to this site wanting to learn about malicious hacking. As a result we assume that they are up to no good.

I came to this site for that very reason, by a google search, and was turned around by the people here. In that respect I think we do need to get back to the basics of trying to enlighten people that come here that we are in fact a security site, capable of teaching and sharing infinte amounts of information.

I will try harder not to jump to conclusions, as it makes me a hypocrite and that is something I don't need to be, and to do for others what AO has done for me.

I think you bring up a good point. A simple question can grow into a great discussion. In defense of those who tell the person to RTFM or go to google. If you look at the question its usually the type, How do I hack my teacher's hotmail account and so forth.

My question is how far do you want to go in these discussions? Last week we had a good topic called how to hack winXP. A lot of good ideas were brought up but the post was suicidal due to the script kiddy nature of the posts.

Agreed, definitely. Maybe by taking out the metatags (Hacking, Hackers) less script kiddies will search google for Hacking and come here. But yeah, their are reasons to assume, but unless you have a blantant s'kiddie like Tedob1 said, try turning it into a real discussion that people can add to if they are knowledgeable in that specific subject. There is nothing like having a real "Hot" Topic where everyone add's something they know and keep the topic a really good one. If people add to it, and help out others, I'm sure we'd be proud to think, "Hey, I contributed to a great discussion, and I'm sure someone learned from it". I, myself, would be happy to have a HUGE topic where mostly EVERYONE add's something they know and/or can contribute. Sorry for the long post, but I do think this is a good Topic and one that we really need to look at.

detoxsmurf obviously if someone asks "How do i hack my teachers hotmail" s/he is a potentially dangerous kiddie. But is someone claiming to be a teacher asks how do i keep my hot mail from being hacked adn how is it done, comments like: don't leave your computer unattended any one can access your hot mail account from your computer due to the authentication process they use" gives them nothing but good advice, encourages others too give good advice. any one reading the posts will GET good advice and everyone learns and has a chance to share. Where as posts like: get lost, you just want too hack your teachers email, are just counter productive for this site.

Now im not saying NOT to get rid of SKs, we should all do what we want, freedom is paramount. All im saying is that im not going to assume they are SKs, but not give tips on breaking in at the same time, and offer this as a suggestion, in an attempt to better the quality of posts

maybe im wrong, but didn't that hack winXP thread go suicidal because of someone posting to that thread and not because of the thread starter or the nature of the thread? Or am I confusing that with another thread?

This is really good "thread" Tedob1....I definitly agreed with you...
Can't say no more...Really good read for anewbie like myself...

I almost totally agree with you tedob1, but you have to admit brand new users who treat AO as if it were google, starting several threads a day asking 1 dimentional questions easily found already answered elsewhere, do not add to the quality of the posts here, and are a pain in the ass in general.

Oh, btw, how do you hack?? :)

your right doktorf00bar there are those with absolutly no grasp of technology, and again, tell them off if you must, although IMO just ignoring them will make them go away and not discourage those that do have an understanding but have not posted before and would like to.

You hack something by learning it well enough to make it work FOR you!

Ahhh, but it isn't lack of tech knowledge I chide, but laziness. If you can use google to find AO, and know it is a security/tech/whitehat hacking/whatever site, you know how to go type "router" in the little search dialog. There are many complete newbies here that post inciteful, probing questions that show the AT LEAST did a little research. I would absolutely never neg someone just for not knowing about something.

btw, Wha'ts a router?? :)

Do what thou whilst!

A router is a tool used for putting beveled edges on wood or making precision cuts and joints I.E., dovetail.

:-)

as can tell iam new here and i tryed helping some1 use sub7 which i can use quite well and 2day i got a pm off a guy off here telling me 2 clam down or get kicked off 4 some reason could u plz pm me tellin me y he said that :confused:

Quote:

---

Originally posted here by prodikal
i agree Tedob i think a lot of people have been scared away if people ask about packetsniffing passwords exploits people always just jump to the conclusion that they are brakeing in to networks doesnt tools like JTR and various packetsniffers and exploits help a lot of of people secure there networks?

---

Actually when taking classes like the SANS GSEC training the first things they have you do is download packet sniffers, password crackers, etc for windows and unix/linux and learn how to use them. They even have you download and play with sub7, netbus, etc (in a test environment you set up of course).

It's like everyone who complains about there being a downloads section on a security site....you have to realize you have to know the enemy's tools and methods in order to protect against them.

There are some legit reasons to ask for trojans, cc generators, etc. When asked about them we need to ask the requestor on why they want that tool and in alot of cases on here make sure they know enough to test that tool in a safe environment and have everything in place to fix their system afterwards.

Quote:

---

Actually when taking classes like the SANS GSEC training the first things they have you do is download packet sniffers, password crackers, etc for windows and unix/linux and learn how to use them. They even have you download and play with sub7, netbus, etc (in a test environment you set up of course).

It's like everyone who complains about there being a downloads section on a security site....you have to realize you have to know the enemy's tools and methods in order to protect against them.

There are some legit reasons to ask for trojans, cc generators, etc. When asked about them we need to ask the requestor on why they want that tool and in alot of cases on here make sure they know enough to test that tool in a safe environment and have everything in place to fix their system afterwards.

---

hey juridian thanks for clearing that up :thumbsup: but new people that ask questions like that some times they dont make there self clear and people do infact jump down there throat with negs it a shame really because if threads with people asking how crackers crack there system and explaining how it happens and how to clear up afterwards maybe all of us could learn some thing new and bring back the technical aspect of the site

utterly agree with Tedob for bringing up this point... a voice of reason in a site that has recently been having way too many duious threads.

and in an attempt to practice what others are preaching...... hackers r us.... I very much suspect the pm telling you to clam it was because you were telling someone how to use sub7 - a known SK tool - something which tends to be frowned upon round here. I didn't see the thread you posted but I supect that you may have been less than discrete giving out this kind of info - did you for example ask the guy why he wanted to know how to use sub 7 or did you just tell him? There 'may' be a legit use for using sub7 on your own network in order to see how it works and how best to protect your own network against similar trojans - but far too often it's used by kiddies to 'hack' into someone else... what kinda 'credentials' or 'reason' did the person you spoke to give for wanting to know how to use it??? I suspect they didn't give any reasons and that you didn't ask for any - so how do you know that you haven't just given some lame brain an easy route to screwing someone else??


just my two <insert currency of choice here>

Z

PS I did say I was attempting to 'practice' ;-)

I have been thinking about this a while and about the best I have come up with is to use the anti-point system to reinforce discussion about technical topics, security, etc. I am not saying neg off topic posts, but maybe they shouldn't be getting positive points either...hard call.

For example, I got more positive antipoints for: http://www.antionline.com/showthread...058#post577058
(a post regarding a US promise to take out scud sites in the event of war)

than I had for the previous 20-40 posts answering/posting/commenting on technical issues. While I am not saying that I don't appreciate the points, many of the questions are asked by people new to AO and they by default will not be able to reward AP's (or at least not many), so perhaps it would be a 'good thing' for the more senior members to reward those who discuss technical issues and provide help, rather than heavily rewarding (not saying don't reward, just maybe not so heavily (maybe even be given the ability to chose a certain level of AP's to reward would be nice (rather than a predetermined amount based on our AP's) off-topic posts.

Dunno, with that said, I will go crawl back off into my hole...

/nebulus

There will always be people giving out points for silly things (silly meaning points for topics that obviously have nothing to do with computers or security). What you do about that is what makes the difference. From time to time I get people who tell me that they are gonna 'slap me with some greenies' for this or that....and I tell them not to bother unless it is for a post that earns them.

exellent points... everyone.
thanks to tebob1 for bringing this up!!! very much a topic of discussion.

i think too what we need to keep in mind is that we have a rare opportunity to influence some of these skriptkiddies. they come looking for knowledge. we give them knowledge as well as an understanding of security and white hat. those who were first enticed by the power that is obtained through knowledge can also realize that same knowledge can be used for good or evil. (i will not use my powers for evil)...

just as dart vader was turned to the dark side, he was also reformed at the end (o.k, that was prolly really geeky there, sorry ;) )

I want to second Qwerty. Even when someone comes and asks a definite SK question we can use that as an opportunity to influence them away from the "Darkside". Another problem that occurs is with language barriers. We have lots of members from other countries who are using English as a second language. There are tons of us from America that can't understand the Queen's English at all. Misunderstanding of posts is bound to happen.

If I interpret Tedob's post correctly, and I agree with this interpretation, I believe the focus is on a bit more tolerance so that newbies aren't driven off. If the question is SK oriented it can easily be directed towards more depth and more true security by a continuing thread.

If someone posts multiple threads on the same topic they could be warned first. I know that my first warning about searching for past threads before posting was PM and not a neg. For me that meant it was appreciated constructive criticism and not a nastygram. Even with searching though it is easy to post topics previously posted using other wording etc. When these posts are bled on it is a shame and detracts from the possible value of the site.

Some things are catch 22's. Example. I want to post on subject A. Subject A was posted on 3 months prior but the question wasn't fully answered. Do I post a new subject and get negged because it had been discussed or do I post a reply to the first thread and get negged for dredging up an old thread. I have seen both happen to people. Most older members have learned to put disclaimers on their initial posts.

I personally would like to see the site show more allowance for new members. If you have 3 or 4 green dots and start pulling SK crap or posting multiple threads you should be negged. Those poor 1 gray dot guys should be given a break until their true intentions can be determined. Then we can all balance our AP point system on the SK's and black hats :D

Great thread, some very valid points. :cool:
There do seem to be 2 types of antionliners
1. the ones who try to help others (even trying to decode to "dumb" questions)
2. the people who like to show off how many APs they got and how smart they think they are.

Totally agree with the tolerance to newbies (not just coz I am one :rolleyes: )

Yes, I also say be kind to newbies, because, no matter how long you've been at it, there is always at least one dumb question left in you, i mean, there are some things that just don't come up in computer discussions that seem easy to you or me, but my slip by someone with equal or even greater intelligence. recently a kid in my class, after holding up his end of a twenty-minute conversation about port surfing and password auditing, asked me... "What's an optical mouse?" get my drift? we all have something we don't know as well as others, apparently thats why we have this site!! :-)

I agree to an extent. Some poeple use AO to express something in gen. chit chat because they can't express it anywhere else. many are too afraid, due to low self esteem. here, they can get feedback on who agrees and who doesn't. i do agree that some discussions should be more security oriented, and that those who need the help get it and not be tormented for the help they request.