LinuxQuestions.org
Old 04-24-2007, 11:59 AM   #16
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 57

Quote:
Originally Posted by nomb
Sry, thought you were referring to myself.
No no no
And for you, professional is an insult?
Anyway..
Quote:
Something I would like to know tho is with the white-hat certifications that are out there I wonder if they do show you how to write your own. I would assume they would which would in my opinion take white-hat out of the 'script kiddie' classification. I don't know if they do tho so don't quote me on that.
[mylife lol]
When I was a bit younger (8-10 years ago), I wanted to do this kind of job and the fashion of security arrived and it was not funny anymore. I got sick of the hype and media around it.
I took a more general path and just made security my hobby without doing any harm.
[/mylife]
So I can't give you an answer. But I would say that for testing a system, you first have to know it. The first step would be to have some basic and advanced linux/windows certification, general ones.
Then you probably have to make yourself a name or work for a company that is known for good results.
You can also concentrate on one precise subject (like pax, nx bit, web security,..)
But take care, these kinds of jobs are ephemeral IMO. After 5 years, new kids will arrive and will hack your box in less than you can think because there are new techniques.
At the opposite, experience is very important. Understanding general security concepts is a must background.
Quote:
One more thing, most definitions tie script-kiddies to using programs to 'attack' computers. So I was originally gonna say that most everyone could be classified as a 'script-kiddie' once they use nmap to scan, but now looking at it, since technically you're not 'attacking' the computer do you think that would still count?
Script kiddies are the ones who will use automated attack tools without understanding.
Also, when massive attack tools are used, I really find this lame.
There is no fun, only fame.

nmap is used during the information phase of the attack. In theory, this is considered illegal (You are not supposed to access a service that is not referenced somewhere).

I would highly suggest to never ever scan back a system even if it's really tempting. It's illegal and you can get into trouble easily.
 
Old 04-24-2007, 12:13 PM   #17
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
Ya, I'm majoring in network security and I have my MCSE and CCNA. Even tho I spend hours on the computer a day (my wife doesn't like that) I'm still struggling to keep up with all the new stuff. (I just found out today about port knocking -- which I think is really awesome.) I think anyone would prefer professional over anything else.

Some good papers on the legality of port scanning can be found here.

A good one there breaks down the Scott Moulton case where the courts ruled that:

"act of conducting an unauthorized port scan and throughput test of
defendant's servers does not constitute a violation of either the
Georgia Computer Systems Protection Act or the Computer Fraud and
Abuse Act."

Basically what I got was that port scanning isn't illegal. However, I'm not sure about publishing the information you receive. Either way there are a lot of interesting documents.

And kalabanta:
I posted a quick list for you at the end of page 1. Altho you're on your own for finding where to get them.
 
Old 04-24-2007, 05:17 PM   #18
reverse
Member
 
Registered: Apr 2007
Distribution: Gentoo
Posts: 337

Rep: Reputation: 30
Quote:
One more thing, most definitions tie script-kiddies to using programs to 'attack' computers.
And what about those people who use their own programs to attack computers? They are script-kiddies by your so called "definitions".

Quote:
I was wondering if it would help my Linux career to be more than familiar with hacking in all its forms?
What exactly is your "Linux career"? And I don't think you understand the amount of knowledge one would need in order to be "more than familiar with hacking in ALL ITS FORMS". Think: you need to know how to write exploits, reverse engineering, social engineering, cryptanalysis, etc. etc. etc.

Now if you mean: be familiar with "script kiddie techniques" and use those to try to break into your server, that's a whole different story. An administrator can make tests of greatly varying success on the network he looks after without being able to write a simple shell code to save his life. This doesn't make him a bad administrator, but it also doesn't make him "more than familiar with hacking in all its forms".

P.S.: I don't understand how, so far, nobody has yet complained about the so called improper use of the word "hacker". I suppose people are sticking to the important things, rather than tripping over nomenclature.
 
Old 04-25-2007, 08:44 AM   #19
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 158
Quote:
Originally Posted by reverse
P.S.: I don't understand how, so far, nobody has yet complained about the so called improper use of the word "hacker". I suppose people are sticking to the important things, rather than tripping over nomenclature.
The terminology doesn't bother me so much, as I tend to read the context around the word to get the implied meaning and chalk it up to a misuse of the word and move on to other things.
 
Old 04-25-2007, 08:48 AM   #20
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
Quote:
Originally Posted by reverse
And what about those people who use their own programs to attack computers? They are script-kiddies by your so called "definitions".
That definition is from Wikipedia, and that was my point exactly. Glad you see it my way.

In my mind a script-kiddie is someone who uses a program or any exploit for whatever purpose who doesn't understand how it works even a little bit.
 
Old 04-25-2007, 09:38 AM   #21
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 158
Quote:
Originally Posted by nomb
That definition is from Wikipedia, and that was my point exactly. Glad you see it my way.

In my mind a script-kiddie is someone who uses a program or any exploit for whatever purpose who doesn't understand how it works even a little bit.
Example: directory traversal attempts to gain access to /etc/passwd on an IIS server
 
Old 04-25-2007, 09:47 AM   #22
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Rep: Reputation: 53
In my mind a "white hat" or "security professional" is someone who couldn't hack it as a programmer.
 
Old 04-25-2007, 09:50 AM   #23
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
Quote:
Originally Posted by unixfool
Example: directory traversal attempts to gain access to /etc/passwd on an IIS server
Your response makes no sense. Just because you use directory traversal does not mean you're a script kiddie. (didn't think this thread would get into this debate...) Directory traversal is an exploit which is usually done by hand. Hence takes it out of the script-kiddie classification. I guess maybe someone might use a premade script somewhere to do this but most people I know who have used this technique have always done it by hand.

If you're confused on exactly what directory traversal is and how it is used you can check here.

Quote:
Originally Posted by Crito
In my mind a "white hat" or "security professional" is someone who couldn't hack it as a programmer.
My everyday job is a programmer. I'm also majoring in network security and networking. I can tell you from personal experience most programmers might know 3, 4, languages well. Where most network admins (who also should be 'white hat hackers' or 'security professionals' if they are good at their job) not only probably know a few languages (I've not met a network admin yet who didn't) but also need to know a ton of information about networking and security. So if anything I think you have your statement backwards.

nomb

Last edited by nomb; 04-25-2007 at 10:06 AM.
 
Old 04-25-2007, 10:05 AM   #24
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 158
Quote:
Originally Posted by nomb
Your response makes no sense. Just because you use directory traversal does not mean you're a script kiddie. (didn't think this thread would get into this debate...) Directory traversal is an exploit which is usually done by hand. Hence takes it out of the script-kiddie classification. I guess maybe someone might use a premade script somewhere to do this but most people I know who have used this technique have always done it by hand.

If you're confused on exactly what directory traversal is and how it is used you can check here.
It means you're using a tool to blindly assess a box without thought, which is what I see 9 times out of 10 when I'm performing my everyday work duties.

To run a tool that was designed to exploit a Linux application when the target machine is actually using a Win32 application is just plain dumb, which is what script kiddies are...dumb. They are either too lazy to check what the tool does or they lack the aptitude.

Believe me, I'm not confused when I see "../../../../../../../../etc/passwd" in Snort payload and Snort is triggering a definitive directory traversal alert. Directory traversal can be done by hand or can be used in a script which can be leveraged by another tool. Unless you're saying I just saw "../../../../../../../../etc/passwd" 100 times and each time I saw that payload, someone was behind the scenes copy/pasting that into a browser 100 times....I think not.

You might want to take a look at some Nessus plugins. I believe Nessus has some plugins that attempt directory traversal. Commercial products such as Foundscan and Qualys' VA tool also conduct directory traversal, in case you're wondering if Nessus only does this.

Last edited by unixfool; 04-25-2007 at 10:10 AM.
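
The pattern described in the post above (one source repeating a traversal payload, aimed at a Unix file on a Windows/IIS host) expressed as detection logic over constructed sample requests. This is an added example, not part of the original thread; the sample data, the `TARGET_OS` table and the `burst` threshold are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample requests (source IP, request URI) as logged by an IIS host.
SAMPLE = [
    ("203.0.113.7", "/scripts/../../../../../../../../etc/passwd"),
    ("203.0.113.7", "/cgi-bin/../../../../../../../../etc/passwd"),
    ("203.0.113.7", "/scripts/..%2f..%2f..%2f..%2fetc%2fpasswd"),
    ("198.51.100.20", "/docs/..\\..\\..\\winnt\\win.ini"),
    ("192.0.2.15", "/images/logo.gif"),
]

TRAVERSAL = re.compile(r"(?:\.\.[/\\]){2,}")
# Hypothetical mapping of well-known target files to the OS they exist on.
TARGET_OS = {"etc/passwd": "unix", "etc/shadow": "unix",
             "win.ini": "windows", "boot.ini": "windows"}

def normalize(uri, max_rounds=3):
    """Undo nested URL-encoding so encoded separators match the pattern."""
    for _ in range(max_rounds):
        decoded = unquote(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri

def classify(uri):
    """Return (is_traversal, target_os) for one request URI."""
    path = normalize(uri)
    if not TRAVERSAL.search(path):
        return False, None
    flat = path.replace("\\", "/").lower()
    for name, os_name in TARGET_OS.items():
        if flat.endswith(name):
            return True, os_name
    return True, None

def summarize(requests, server_os="windows", burst=3):
    """Per source: traversal count, wrong-OS hits, and an 'automated' verdict."""
    stats = defaultdict(lambda: {"hits": 0, "os_mismatch": 0})
    for src, uri in requests:
        hit, target = classify(uri)
        if hit:
            stats[src]["hits"] += 1
            stats[src]["os_mismatch"] += target not in (None, server_os)
    return {src: dict(s, automated=s["hits"] >= burst) for src, s in stats.items()}

if __name__ == "__main__":
    for src, verdict in summarize(SAMPLE).items():
        print(src, verdict)
```

A high `os_mismatch` count is the signal the post points at: the requests target files that cannot exist on the server's platform, which fits a tool run blindly rather than a person who checked the target first.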
 
Old 04-25-2007, 10:13 AM   #25
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
Quote:
Originally Posted by unixfool
It means you're using a tool to blindly assess a box without thought, which is what I see 9 times out of 10 when I'm performing my everyday work duties.

To run a tool that was designed to exploit a Linux application when the target machine is actually using a Win32 application is just plain dumb, which is what script kiddies are...dumb. They are either too lazy to check what the tool does or they lack the aptitude.

Believe me, I'm not confused when I see "../../../../../../../../etc/passwd" in Snort payload and Snort is triggering a definitive directory traversal alert. Directory traversal can be done by hand or can be used in a script which can be leveraged by another tool. Unless you're saying I just saw "../../../../../../../../etc/passwd" 100 times and each time I saw that payload, someone was behind the scenes copy/pasting that into a browser 100 times....I think not.

You might want to take a look at some Nessus plugins. I believe Nessus has some plugins that attempt directory traversal.
I agree with your definition completely. And in your example I agree with you as well. It just seemed like you were saying "anyone using the directory traversal technique is a script kiddie." So I was just pointing out that it can easily be done by hand in which case I would disagree. Also, if that person wrote their script on their own I would also not classify them as a script-kiddie because they know how the directory traversal works.
 
Old 04-25-2007, 10:32 AM   #26
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 158
Quote:
Originally Posted by nomb
Also, if that person wrote their script on their own I would also not classify them as a script-kiddie because they know how the directory traversal works.
Kiddies borrow tools that others create. I didn't state that kiddies create scripts. If I wrote a script that exploits a machine and I post it to the WWW, the script would be downloaded and most likely used, but used in a dumb manner by joe-shmoh script kiddie. While the kiddie wouldn't create a directory traversal script, he could certainly use it...he just wouldn't use it to its best effect.
 
Old 04-25-2007, 11:50 AM   #27
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
Exactly, I agree completely.
 
Old 04-25-2007, 12:01 PM   #28
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Rep: Reputation: 53
Script kiddies are so dumb they need security professionals to tell them who they are. Good thing only people qualified to wear hats can create scripts -- white, grey or black only, sorry red hats.
 
Old 04-25-2007, 12:06 PM   #29
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
Should we submit that as the new Wikipedia definition?
 
Old 04-26-2007, 08:08 AM   #30
sleepyEDB
Member
 
Registered: Dec 2005
Location: /USA/MI/Detroit/home
Distribution: MEPIS, antiX, RHEL
Posts: 105

Rep: Reputation: 15

Quote:
Originally Posted by kalabanta
Are all these tools mentioned before for windows or Linux?
Check out the Backtrack Security distro. It's a real Linux distro based on Slax and it contains just about every pen-testing tool you would need; except for Nessus (due to a change in licensing), but it should be easy to install it on your own.

It also runs off of a LiveCD, or can be installed on the machine if you so choose.


sleepy

Last edited by sleepyEDB; 04-26-2007 at 08:09 AM.
 