Security Basics mailing list archives
Re: Intro To Hacking
From: Jonathan Loh <kj6loh () yahoo com>
Date: Mon, 18 Oct 2004 12:45:44 -0700 (PDT)
With that said. How did you build your first honeypot then? Were you not a beginner? There are different types of beginners here. One that has training and one that does not. Think about it how does anyone build anything? If everyone took your approach we'd be back in the stone ages! Everyone has to start somewhere. --- Miles Stevenson <miles () mstevenson org> wrote:
Hi Jason, First of all, I URGE you to please take your "insecure" machine OFF the network! Please do us all a favor and keep your machine from becoming "0wned" by an attacker and used to attack others. Even though I'm sure you don't intend to harm others, you are still responsible for that harm if it should happen. Honeypots are NOT for beginners, but for advanced security researchers that know what they are doing, and carefully monitoring their systems with numerous controls in place to keep that honeypot from being used to attack others. WIth that being said, there are tons of resources out there for beginners, but few that follow a systematic approach to learning offensive attack methods in a logically organized way. I would say that one of the BEST out there is the SANS Track 4 "Hacker Techniques" class taught by Ed Skoudis. Less costly options include popular books like the "Hacking Exposed" series. One free option, would be to check out the SANS reading room and read the papers written by SANS Track 4 students: http://www.sans.org/rr In general, I would avoid "blackhat" resources while you are a beginner, because they tend to be less organized, full of grammatical errors that can make it difficult to understand the material, and usually aren't as good at thouroughly verifying their facts. Leave this stuff for when you get to an intermediate stage, and it will be a lot easier to swallow. But this stuff DOES become valuable once you get to that point because you can pick out the clever ideas and apply them in a practical way. Finally, you are going to have a MUCH easier time with this stuff if you have a strong background in networking and programming. It's no coincidence that so many successful security people out there usually have 5-10 years of experience in one or both of these professions before moving on to security. The better grasp you have of networking and programming, the better off you'll be. Good luck in your endeavors. -- Miles Stevenson miles () mstevenson org PGP FP: 035F 7D40 44A9 28FA 7453 BDF4 329F 889D 767D 2F63
ATTACHMENT part 2 application/pgp-signature
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
Current thread:
- Intro To Hacking Jason Dusek (Oct 15)
- Re: Intro To Hacking Miles Stevenson (Oct 18)
- Re: Intro To Hacking Jonathan Loh (Oct 19)
- Re: Intro To Hacking Miles Stevenson (Oct 19)
- Re: Intro To Hacking Jonathan Loh (Oct 19)
- Re: Intro To Hacking VHP3 (Oct 18)
- Re: Intro To Hacking Greg Tracy (Oct 18)
- Re: Intro To Hacking Barrie Dempster (Oct 19)
- Re: Intro To Hacking Micheal Espinola Jr (Oct 18)
- Re: Intro To Hacking Greg Tracy (Oct 18)
- Re: Intro To Hacking Jon Lawhead (Oct 18)
- Re: Intro To Hacking xyberpix (Oct 20)
- Re: Intro To Hacking Andrew Smith (Oct 18)
- Re: Intro To Hacking Jason Dusek (Oct 18)
- Re: Intro To Hacking Andrew Smith (Oct 18)
- Re: Intro To Hacking Jason Dusek (Oct 18)
(Thread continues...)
- Re: Intro To Hacking Miles Stevenson (Oct 18)