Penetration Testing

[J_K9]

Dear All,
As I have just set up my wireless network at home, I would like to learn some penetration testing techniques, as well as programs I can use. I am familiar with nmap, and I have also downloaded programs like GFI LANguard and Nessus, boot cds like PHLAK and Knoppix-STd. I have read through as many AO tuts and threads as possible, but I would still like someone to tell me in a step-by-step way how to test my network to see if it has any holes, can be easily hacked, etc, and also which programs to use. Should I test the router or each PC individually?

Thanks in advance,

J_K9

[zencoder]

Well, what's the goal you want to achieve? Testing the integrity of your router? Your PC's? The privacy of your wireless network? It sounds like you have a passing familiarity with a lot of the concepts, and a few of the tools, but your post is very unclear.

It's like asking how to build an Automobile because you bought a 29 piece wrench set from Sears/Craftsman. I am certain the community here can answer your questions and provide the direction you want, but you have to ask the right question. Perhaps listing what you want to achieve, specifically, would help.

[XTC46]

1) download netstumbler and wepcrack...ok now you have a machine on the network.
2) download cain & able and scan the network for computer
3) run username enumeration on each machine.
4) run brute froce attacks on each name...


ok now youre on the wireless network, and have access to all machines (eventually) with out using a single exploit and all free tools.

chances are this will take alot fo time, only becasue of the brute force, use dictionary for faster attack.


*disclaimer* this is for learning use only. By reading this you agree that you will not use this really lame information for illegal operations. I am not responsible for your stupidity if this fails to work. and will not be liable if any information above is incorrect.

[ZomBieMann77]

Just for posterity's sake the newest version of cain and able just released not very long ago can be found here

[J_K9]

Thanks for posting guys. Basically, what I want to do is make sure that no randomer can just crack my network and be able to view all the shared documents and stuff that I have which are for me and my family only. I have MAC filtering enabled, use WPA, and have every computer as updated as possible. I just don't want someone coming along and sharing my broadband connection, or viewing my shared files, so that's why I want to see how easy it is to gain access to and how long it would take. This is why I asked how to do it and what programs I would need.

J_K9

[hongkongdragon]

Learn how to use Raindow Crack and generate a 64GB Raindow Table. You will be able to crack any Window 12 character password in a matter of few minutes.

[J_K9]

Thanks hongkongdragon, but that's not really what I'm looking for. Just telling me to get RainbowCrack and learn how to use it is not really what I'm trying to get at. As said above, I just want to see how easy it is and how long it would take for Mr. Cracker to access my network and share my broadband/view all my shared files.

J_K9

[ZomBieMann77]

I gotta say that the new cain and able has been a real eye opener for me. I thought I had my stuff pretty well locked down and found a few holes I had no idea they existed.