 |
|
|
|
 |
R.j.
Di piú! di piú! di piú!

Registered: Feb 2004
Location: L, TX, USA
|
|
|
| quote: | Originally posted by Dj Nacht
Meh for school... I rather stay home and read books. Got my Network+ cert this way and my A+ one very soon. If people are really interested in hacking they could always go for the Security+ cert to get started. |
Well, I'm already attending college, so I might as well. But I'm not interested in "actually" hacking, just being in the know; sort of a dilettante of hacking.
___________________
Mixed Genre Mixes [50s, 60s, 70s, 80s, 90s, 00s]:
MGM 6 /
MGM 5 / MGM 4 /
MGM 3 / MGM 2 / MGM 1
Electronic Dance Music Mixes:
EDM 7
|
|
Aug-28-2009 22:21
|
|
|
 |
 |
trancechan
Supreme tranceaddict

Registered: Jun 2009
Location: los angeles
|
|
|
Aug-28-2009 22:32
|
|
|
 |
 |
Dj Nacht
Supreme tranceaddict
Registered: Feb 2003
Location:
|
|
|
| quote: | Originally posted by R.j.
Another question: if I wanted to read up on the fundamentals/basics of what the hacker's knowledge consists, which book would I be looking for? |
Humm depends how much you know about networking and computers already. If you know what an IP address and all that is already, go for this book.
http://www.amazon.ca/CompTIA-Securi...51498808&sr=8-5
Once i'm done my A+ im going for the security+ and buying that book
That author is the king of making books for computers, he explains everything in detail from the beginning.
|
|
Aug-28-2009 22:36
|
|
|
 |
 |
itsamemario
Divine Angel

Registered: Jun 2001
Location: Mushroom Kingdom
|
|
|
Aug-28-2009 23:47
|
|
|
 |
 |
Zoso
Banging Gangs!

Registered: Mar 2006
Location: Dirty South, United States
|
|
|
As others have indicated, there is no shortage on ways to “hack” a computer or a network of computers. From buffer overflow exploits to social engineering, if you want into a given computer or network, there are many, many ways to get in.
Let’s say, for example, I want to get into a specific company’s network. The first thing I am going to do is research them using search engines. I’m going to look up their IP addresses (WHOIS queries, etc.) and then see what, if any, servers allow me to do a zone transfer of their DNS records, for example. I’m going to see if I can find Autonomous System Numbers (ASN) to determine routing protocols in use and routes data might take. I’m going to find out their mail servers’ IP addresses and see what ports are open and what software they are using to host their mail (POP3, SMTP, RPC over HTTPS, e.g.).
I might then use a scanning tool like nmap to conduct stealth port scans to see what ports and services the company’s public facing server(s) have open and running. Then I might use Google to search for know vulnerabilities in those services and applications. I might use the Metasploit framework to then exploit those publicly known vulnerabilities. Assuming I successfully exploit a public facing server, I will execute code to install some sort of back door that will give me root/admin access to that server. I’ll upload any additional tools I might need. Then I’ll start scanning the network’s internal IP scheme to look for additional nodes to exploit. Assuming they’re not filtering outbound traffic, I’m going to open an IRC port. I would probably also delete/modify any logs on the server and see if I can modify IDS/Syslog files as well to mask my presence.
Basically all computers communicate using the OSI model. The OSI model has seven layers which data flow through. There are vulnerabilities at each of these layers. From the seventh, or application layer, right down to the first, or physical layer, (you can snag data right off the physical copper lines if they are unshielded, as the data is just a series of electrical pulses at this point) there are vulnerabilities to exploit. It’s just a matter of how bad you want in!
A lot of people’s personal/home computers get owned like this: they are running unpatched versions of Windows directly connected to the Internet with a cable/DSL modem with no hardware based firewall. So all those handy dandy Windows ports/protocols are facing the public Internet naked (NetBIOS, etc.)! You can own a Windows XP SP1 box in mere minutes of it touching the public Internet without a firewall. Phishing is another good way to steal a person’s credentials for various sites. “Free” screensavers used to work pretty well, too. Really, there is no shortage of ways.
You get the idea...
|
|
Aug-29-2009 00:37
|
|
|
 |
All times are GMT. The time now is 14:30.
Forum Rules:
You may not post new threads
You may not post replies
You may not edit your posts
|
HTML code is ON
vB code is ON
[IMG] code is ON
|
|
|
|
|
|
Contact Us - return to tranceaddict
Powered by: Trance Music & vBulletin Forums
Copyright ©2000-2026, Jelsoft Enterprises Ltd.
Privacy Statement / DMCA
|