HACK inn

[chsh]

Originally posted here by JRUMJ
Sorry I don't mean to jump the gun, just felt his comment was uncalled for.

I have learned about the OSI 7 layers. Which definitely help but I am "curious" as you say about hacking. I am not just speaking of networks. The way I see it is if I cannot do something I want to do I find another way to do it (right? that is how most people are) A administrator will close all entrances to a specific potential problem area (Right??) And he moves along to the next task. Ok that "hacker" found another way to do exactly what he wanted which is why they are hackers (Why I would like to know MORE than I do now about hacking). Hopefully this will clear up any thoughts you guys have of my wanting to hack a bank or something.

If you can on the spot describe the differences between the OSI model and the TCP/IP (or DOD) model, then maybe complaints about what you are and aren't getting taught are valid (or not). Honestly though, in your original post you ask about stuff that requires a good working understanding of networking to know. Do you know what an ISN is? Do you know which (of UDP, TCP, and ICMP) include packet checksums? Do you know what an RFC-standard response is from a router when you're trying to send stuff to a port that's blocked/unavailabe? Which protocols are used in this? It's not run of the mill "I have an IP address, netmask, and gateway" type stuff that you're asking about. You need a solid foundation. Simply saying "I have learned about the OSI 7 layers" doesn't really cover jack.

Originally posted here by Tiger Shark
Girls and boys....

I don't have the time right now or I would help the guy... He's kosher... Cut him some slack and answer the questions.... Most colleges etc. barely teach how a computer works... At least the kid is _thinking_... Give him a break....

Kosher doesn't equate to flaming people who are actually replying with useful information IMO. I think reds are perfectly justified. Crying because it wasn't the exact response he wanted to heard is BS.

[aciscorouter]

Hey there, I posted a tutorial/guideline last year for hardening the configuration of a Cisco router - My Tutorial

Hope this helps...

Gary

[JRUMJ]

Thanks, don't know where to start.....foxyloxley, Relyt, nihil, |3lack|ce, and Tiger Shark thank you for your time it is appreciated!

I understand public/private ip's and static/dynamic routing. Also the protocols that are used on common ports.

Nihil I understand your point about old hacking tools or information is not very useful because of rapid changes. On the other hand, it helps to know even if it isn't used often or at all. New tech usually comes from some type of revision or mod of the older.

|3lack|ce, I honestly started taking about DOS and DDOS denial of service attacks, teardrops and sort tonight in my WAN class. Good thing to know! Exactly what I was looking for by posting this type of question..... I need to do more reading on this, my book has only 1 page and not much to say. I know it is when you send a request UDP and ties up the destination (because it is waiting for the handshake but doesn't get one, just repeat connection requests) which will result in internal (in the targets network) denial of service. This is where the hacking side would help me. What would/how would this packet be sent? I know UDP is connectionless, it doesn't care if the packet gets there or not. AHHHHHHHH.... So hard to explain typing. So you send a packet, destination will acknowledge, respond and wait for the connection that never comes. How would you prevent the connection? I guess I just don't understand...

Thank you!! I need to research this more..... Also the smart whois, firewall logs information definitely helpful! No need to get rude, you are correct LOL

Tiger Shark - You made a very good point about the teachers (sounds like you have been in my shoes ) Thanks!

[JRUMJ]

.

[sec_ware]

Hi

I need to do more reading on this, my book has only 1 page and not much to say. I know it is
when you send a request UDP and ties up the destination (because it is waiting for the
handshake but doesn't get one, just repeat connection requests) which will result in internal (in
the targets network) denial of service. This is where the hacking side would help me.

Although I understand your motivation (since it is the same as mine - to understand the
working of things in detail), this is not necessarily needed as a network administrator.
In case you are interested in particular details, learn them if you have the time to do
so - and ask your teacher questions, for which he might not know the answer

Let me take the DOS as an example:
I guess the point to be made is that there are ways to DOS, DDOS a network, a server,
a service, hence to make "it" unavailable. It is hopeless to try to understand how
this is done in detail for every attack vector[1,2,...] (because there is a huge number of
"how to do so"s), but one should learn how to cope with such an attack[1,3,4,5,...] in general.
As a network administrator you have to make sure that your network is available - learn
how to remove one of the conditions of the vulnerability "xDOS", and there is no
vulnerability "xDOS" anymore.

Of course there is a relation between "understand how to avoid a DOS" and
"understand how to DOS", but it is not the same. Another example to illustrate this:
the principle of a basic heap overflow is to misuse two commands (which allows
you to overwrite an arbitrary region in memory) - I understand 5 ways how to exploit this.
Now, if you are designing your memory management, you do not have to know these
5 ways (out of thousands?) - you need to know that these two commands are
intrinsically dangerous and redesign your management accordingly.


Cheers


P.s. Hopefully, this is a reasonable "I just became AntiOnline Senior Member" post


[1] http://www.cert.org/tech_tips/denial_of_service.html
[2] http://en.wikipedia.org/wiki/Denial_of_service
[3] http://grc.com/dos/intro.htm (old and grc.com, but still a nice read )
[4] http://www.tech-mavens.com/synflood.htm
[5] http://www.google.com/search?q=count...Aacm.org&meta=

[Tiger Shark]

sounds like you have been in my shoes

Nope... I hire people though... and it bugs the **** out of me when interviewing someone with a Masters in Computer Science and finding out they know jack sh1t about how a computer works... But they are great at writing programs in Cobol for their schools accounting systems...

So hard to explain typing. So you send a packet, destination will acknowledge, respond and wait for the connection that never comes. How would you prevent the connection? I guess I just don't understand...

That's a teeny part of this kind of DoS. This DoS relies upon using up the resources of the operating system. Whenever a connection is made the system sets aside a control "session", (brain dump on the absolute term), but, depending upon the OS it has a specific number of these sessions available and it is limited by it's physical memory that can be set aside for these sessions. The first packet you sent in your scenario opens a control session... That's not going to do any harm... but there comes a point of "saturation" where you send enough packets to use all available control sessions. No further use of that computer is possible for legitimate means because it is now unable to accept any further connections. The defense against this is a properly written OS that can recognize that there is a buildup of unused sessions and times them out quickly enough to be able to continue functioning.

Hope that helps some.

[Konshuss]

Oh dear!! Are you at uni? or college? or Sixth form? Why dont you type these simple qusetions into a search engine!! Why are people replying to his query with essays?

[Tiger Shark]

Why are people replying to his query with essays?

Because most technical documents don't give you the "feel" for what is going on.....

Because some of us don't mind helping people rather than just telling them to "Google it"... :rolleyes"

Because the OP says he has read a bunch of stuff.... and he still isn't grasping it.....

Need I go on?????

[HTRegz]

Hey Hey,

TS: People who have degrees in comp sci are very different from people who are taking networking... At least up here anyways... At college we made fun of the Uni people taking comp sci... they could program circles around us... but they couldn't turn on their computer... It's the style of the course... As for college programs... We covered the CCNA, CCNP, Nortel NetKnowledge, The Cisco Security and Access controls book, 2 semesters of security, courses in every operating system. It was covered.. you just had to have a basic thought process to take the information they were giving you and apply it..

I haven't seen this mentioned, although I skimmed quickly through some of the stuff.. so..
JRUMJ: Which semester are you in and how many semesters are there... Before they can teach you "hacking" btw, refer to it as security around here, they have to make sure you know everything else.... We didn't cover security until the last year of my program... What courses are you taking... what courses have you taken, what courses will you take in the future... Perhaps you're missing something in the classes that we can help you find.

Peace,
HT

[Tiger Shark]

they could program circles around us

...and this is what bugs the hell outta me.... Computer science should = The Science of Computers/ing. It doesn't. The Uni's are lying to the kids who then spend 4 years getting a degree that is absolutely useless to them in the real world... But the Uni's get lot's of cool options on the programs of the administration dept and loads of great reports... And the kids are paying them to do it... SUX!!!