• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

hacking methods

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
eeps24
Just Arrived
Just Arrived


Joined: 04 Dec 2004
Posts: 0


Offline

PostPosted: Sat Mar 26, 2005 12:33 am    Post subject: hacking methods Reply with quote

does anyone know a site / guide where i can learn about hacking methods...DoS,smurf,man in the middle, land attack ......my security+ book doesnt satisfy me on these explainations
Back to top
View user's profile Send private message
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Sat Mar 26, 2005 1:15 am    Post subject: Reply with quote

Hello eeps24,

Well I would not counsel you to walk before you can run. Perhaps you would be best to study the basics first such as tcp/ip and programming. Off of these two subjects is everything else computer wise based. Should that not satisfy you then check out metasploit framework or other like minded tools. Though you will never really know anything until you understand the foundation upon which all exploits are built.
Back to top
View user's profile Send private message Visit poster's website
eeps24
Just Arrived
Just Arrived


Joined: 04 Dec 2004
Posts: 0


Offline

PostPosted: Sat Mar 26, 2005 3:56 am    Post subject: Reply with quote

i have a decent foundation of tcp/ip,im no expert, but im not that much of a newbie with it...........just that in my security book.....it didnt detail the attacks well ........i want something where i can get details on information......not just a summary..........i want to be certified not paper certified, im sure many of you have noticed me with all my postings (sorry about that),i dont just want to learn something, i want to know why, whats going on etc, if anyone has any links or material i would greatly apprecaite it ......thanks
Back to top
View user's profile Send private message
dgavrilovic
Just Arrived
Just Arrived


Joined: 22 Mar 2005
Posts: 0


Offline

PostPosted: Sat Mar 26, 2005 4:57 am    Post subject: Reply with quote

check the SANS reading room. they might have some more detailed analysis info on the stuff listed in the sec+ books.
Back to top
View user's profile Send private message
Exodus
Just Arrived
Just Arrived


Joined: 28 Mar 2004
Posts: 0


Offline

PostPosted: Sat Mar 26, 2005 6:12 am    Post subject: Reply with quote

the best "hacking method" is your programming capabilities....
the underline is that hacking inst about methods... and it isnt somthing
you learn step by step.. it is somthing you learn from experince and researchs
Back to top
View user's profile Send private message
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Sat Mar 26, 2005 3:41 pm    Post subject: Reply with quote

Simply go to www.k-otik.com and download some code. Compile it and use in in your home lab then.
Back to top
View user's profile Send private message Visit poster's website
Cybertrion-Systems
Just Arrived
Just Arrived


Joined: 03 May 2005
Posts: 0


Offline

PostPosted: Tue May 03, 2005 8:10 pm    Post subject: Reply with quote

one should be good in programming agreed but many of the code available on the net are outdated.
Better be in touch with the latest exploits, advisories and codes. This will help you out.
Back to top
View user's profile Send private message
njan
Trusted SF Member
Trusted SF Member


Joined: 02 May 2005
Posts: 9
Location: Scotland, UK

Offline

PostPosted: Tue May 03, 2005 8:49 pm    Post subject: Reply with quote

Quote:
does anyone know a site / guide where i can learn about hacking methods...DoS,smurf,man in the middle, land attack ......my security+ book doesnt satisfy me on these explainations


Take a step back for a moment here - what exactly are you trying to accomplish? I'll take it as red that you don't want to learn about these things in order to employ them as they were intended - which leaves two possibilities: either you want to learn about them for the sake of the knowledge itself, or you want to be able to defend yourself (or others) from similar attacks. In either case, you need to understand how these attacks work.

Quote:
Simply go to www.k-otik.com and download some code. Compile it and use in in your home lab then.


As alt.don correctly points out, testing these forms of nasty in a controlled environment is an excellent way to learn - but in order to fully appreciate how they work, you need to be able to dissect them and understand what they're actually doing, as ultimately, understanding solely how to use these 'tools' only gives you the ability to break things (ie. to use them maliciously) and recognise what the effects of these attacks are - neither of which are useful either for understanding what these attacks are actually doing or how they work.

Looking at those two goals separately for a moment, then, there are two pieces of knowledge you can pursue:

* How these attacks work

As 'Cybertrion-Systems' and exodus point out, in order to accomplish this, you need to learn to program. This coupled with a little knowledge of TCP/IP will let you understand how a SYN flood or a smurf attack is executed.

* What these attacks are doing

Although understanding how the attacks work helps, the best way to understand this is a little more practical (but also requires theoretical knowledge). Play with tcpdump, ethereal, or snort, and actually *watch* what one of these attacks does. If you have a 'decent foundation' in tcp/ip, you should have a basic understanding of what a packet dump from one of these programs means, but in order to fully get under the skin of the exploit, you will require an excellent knowledge of both how tcp/ip works and what non-standard uses of it do to servers in a controlled environment.

These are slightly different methods of accomplishing the same thing, and if you pursue either, you'll end up not only with an excellent understanding of a form of attack, but a set of theoretical knowledge (c programming and/or tcp/ip) which will be extremely useful to you in the future.
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register