I was wondering about ethical hacks.
Do many Admins do ethical hacking of their own network looking for potential threats?
I was wondering if it would help my Linux career to be more than familiar with hacking in all its forms? |
If you're a network administrator, it would absolutely help. There are companies devoted to just this. Sorry for the short answer!
|
My view of ethical hacking is this: a policeman has to know how to shoot a gun to protect the community, but the criminal can also shoot a gun. Hacking is like a gun: the knowledge in the right hands is a useful tool; in the wrong hands of a cracker or black hat it is dangerous.
|
Quote:
And it's my opinion that good admins know how to identify break-ins, but the GREAT ones break in to their own systems (or at least know how to test for vulnerabilities with real "blackhat" tools and what to do with problems they find) so they're ahead of the game in terms of prevention. Like Kalabanta stated, the knowledge is just a tool...it's up to you to determine how you use it. |
I don't think you will have one person who is knowledgeable about network administration tell you otherwise. I have a few servers myself and I might not be able to just go out and take over any computer (or want to for that matter) but I definitely scan my own with tools looking for vulnerabilities. I would say though, don't focus on the 'tools'. If you can learn how to do something manually you need to so you can understand what the 'tool' is doing. Obviously I'm not talking about port scanning or anything easy like that but go out and (for example) if you have ftp running, find an exploit for your version of ftp and take a look at the source code. It'll probably be some sort of buffer overflow but still try to learn as much as you can about how it is done and not so much on what can do it for you. (Please keep in mind that knowing the tools is important as well.) However if you take the time to learn what is going on, where you might have only been able to block the vulnerability from one program you then can fix it for all. I just had a son and haven't gotten any sleep for a while so if this doesn't make sense I apologize.
nomb ***EDIT*** I would look into running some virtual machines for you to test against so you don't mess up your box. |
Google for Darknet.[org|com|net] if you want 'ethical' hacking tools designed to help you try to hack into your own server for educational purposes.
There's some very well written stuff there; just keep in mind though that as good as they are, every hack leaves behind a trail. I helped admin a re-seller server for a while and it was very slickly hacked by some of the tools available from Darknet, and they left the tools behind as an example. Had they not, there were still the server logs and ISP records to track them down. They didn't 'destroy' anything, but were just showing us how crappy our security was. |
Ya they were definitely trying to make a statement. LoL If they had been serious they would have cron'd a script to remove their lines out of the logs. That's really funny they left the tools.
***EDIT*** Few other sites: insecure.org securityfocus.com neworder.box.sk |
It's usually called "penetration testing" by professionals
http://www.derkeiler.com/Mailing-Lis...ocus/pen-test/ |
Who said any of us were professionals?
ethical/penetration testing/white-hat it's all the same. |
I was answering to the person asking the question
Quote:
Career ... Professional "White hat" and "ethical hacking" is script-kiddies terminology. |
Well, the tool they did leave behind was something of a self-contained shell, and was quite capable of wiping the entire server AND the MySQL databases with less than 2 or 3 clicks. It was a full GUI-based shell with replication abilities etc.. I think if they had intended to be malicious, erasing the logs would have been unnecessary, as the entire machine would have been empty :D
|
Sorry, thought you were referring to myself.
And yup they are 'script kiddie' terminology. Considering his question I figured I'd use terms he's probably heard before. Something I would like to know though is with the white-hat certifications that are out there I wonder if they do show you how to write your own. I would assume they would which would in my opinion take white-hat out of the 'script kiddie' classification. I don't know if they do though so don't quote me on that. One more thing, most definitions tie script-kiddies to using programs to 'attack' computers. So I was originally gonna say that most everyone could be classified as a 'script-kiddie' once they use nmap to scan, but now looking at it, since technically you're not 'attacking' the computer do you think that would still count? |
Quote:
In the broad sense, scanning is usually a precursor to some type of questionable activity. I do incident response for a living and normally report scans, although they are usually considered low priority since a scan usually isn't malicious. If I see a host scan against a Class B, I report it, and, one hour later, see more scans from the same source IP but looking for running services on hosts found during the first scan, the priority escalates. Granted, it's nothing but scanning, but there's a definitive trend. Why the diatribe? People use the technicality that a scan isn't an attack a good bit these days, while, behind the scenes, there ARE people out in the world wide web that consider it rude and actually watch for this type of activity...all because of a few truly bad people. If you wouldn't scan an FBI/CIA/NSA computer from your home, you probably shouldn't scan anyone else's IP(s) either. If they don't hunt you down (depends on what you're doing and how they perceive it), it's almost a guarantee that your ISP will be notified. The potential trouble lessens when you scan a home account...business/govt netrange owners will probably react differently. |
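The escalation pattern described in the post above (a host sweep, then service probes from the same source IP against hosts covered by that sweep), sketched as an added example that is not part of the original thread. The event tuple format, the thresholds, the follow-up window and all addresses are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

SWEEP_HOSTS = 20                # distinct pinged hosts that count as a host sweep (assumed)
SERVICE_PORTS = 5               # distinct ports on one host that count as a service scan (assumed)
FOLLOW_UP = timedelta(hours=2)  # a service scan this soon after a sweep is treated as related

def triage(events):
    """events: (time, src, dst, port) tuples, port None for a ping. Returns {src: priority}."""
    pings = defaultdict(dict)                         # src -> {dst: time pinged}
    probes = defaultdict(lambda: defaultdict(list))   # src -> dst -> [(time, port)]
    for when, src, dst, port in events:
        if port is None:
            pings[src][dst] = when
        else:
            probes[src][dst].append((when, port))
    verdicts = {}
    for src in set(pings) | set(probes):
        swept = pings[src] if len(pings[src]) >= SWEEP_HOSTS else {}
        # Hosts where this source tried many different ports, with the time it started.
        scanned = {dst: min(t for t, _ in hits) for dst, hits in probes[src].items()
                   if len({p for _, p in hits}) >= SERVICE_PORTS}
        # Escalate only when the service scan targets hosts from the earlier sweep.
        follow_up = [dst for dst, start in scanned.items()
                     if dst in swept and timedelta(0) < start - swept[dst] <= FOLLOW_UP]
        if follow_up:
            verdicts[src] = "high"
        elif swept or scanned:
            verdicts[src] = "low"
        else:
            verdicts[src] = "info"
    return verdicts

def sample_events():
    """Constructed sensor events; documentation and private address ranges only."""
    t0 = datetime(2024, 1, 1, 10, 0)
    ev = [(t0 + timedelta(seconds=i), "203.0.113.7", f"172.16.0.{i}", None) for i in range(1, 41)]
    # One hour later the same source probes services on two of the swept hosts.
    ev += [(t0 + timedelta(hours=1, seconds=p), "203.0.113.7", dst, p)
           for dst in ("172.16.0.5", "172.16.0.9") for p in (21, 22, 25, 80, 443, 3306)]
    # A second source sweeps and never comes back: reported, low priority.
    ev += [(t0 + timedelta(seconds=i), "198.51.100.9", f"172.16.1.{i}", None) for i in range(1, 31)]
    ev.append((t0, "192.0.2.44", "172.16.0.5", 80))   # single ordinary connection
    return ev

if __name__ == "__main__":
    for src, priority in sorted(triage(sample_events()).items()):
        print(src, priority)
```
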
Are all these tools mentioned before for windows or Linux?
|
What are you looking for? I can tell you for either.
For Linux I would definitely recommend: nmap, nessus, john the ripper, wireshark, netcat. For Windows I would recommend: nmap, lc5, john the ripper, Cain & Abel, wireshark, netcat. For web-based pages I would recommend: any structure downloader, firefox with web devel addon and agent switcher. Since none of these actually 'attack' the computer, you shouldn't be called a script kiddie for using them. Although from a programming standpoint, why waste the time writing your own when you can recycle someone else's. |