I think there's a problem with your approach - could you give us a bit more information as to your technical ability and background - how experienced are you with computers?

I hope you realise that Linux is an operating system not a program?  could you run us through the specific steps you took after you downloaded it?  I hope you didn't just doubleclick on the iso?   better yet - you may want to try ubuntu forums for installation troubleshooting.

I'm also curious as to what you want to learn - computing is a very wide field and even in computer security there are a number of paths you can go down.  there are a number of "get me started" threads on these forums if you'd like to have a read of them and come back with some more specific quetstions.....

have a good read of this thread also - perhaps may clarify some things for you:
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,2902

looks like there was a slashdot article about adeona also with some interesting comments from people.

I also found this thread just looking through this site.

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,1796.msg7055/topicseen,1/#msg7055

I think I'll investigate it anyway - if they steal a computer and re-image then it's no different from them not re-imaging and not having a piece of tracking software installed.

hmmm.... 

A while ago, my house was broken into and my laptop got stolen, there was 5 years worth of personal projects, photos and just stuff that was worth more to me than the thief probably got from the ancient laptop itself.  As far as security goes - generally you're advised to take photos of your electronic goods, make note of the serial number and perhaps paint some identifying mark in UV paint.  On the non-physical side, it's recommended that you encrypt your hard drive to protect your information, but I've been thinking recently:

I'm not satisfied with just knowing that my data is safely encrypted and I'll get my insurance money back.  I want my damn laptop back, or at least I want to see the thief get prosecuted. 

So my thought is this:  Why should I not install a rootkit that mails me every X time-period that the computer is connected to the net with its IP address?  I'd encrypt anything valuable on my hd and I'd leave a guest account with limited privileges open so the thief would have a greater chance of logging in with it.  This way it would be comparatively trivial to track the thief physically if not be able to identify them directly through an ISP accout.

At this point in my line of reasoning though, I had this sinking feeling as I had a vision of the only conclusion of this line of thought: Security Companies that supply rootkits which dial home to their servers with identifying information.  They would sell this as a guaranteed way to ensure that either your computer hardware is recovered or the criminal prosecuted or both.  "get kitted" the slogans would scream, and it would be the latest thing to have a security rootkit addon installed.  Worse yet, what if the government encouraged this scheme and/or provided these tools to everyone for the same reason... Not that I'm anti-authoritarian, but I'm slightly paranoid about this sort of thing. 

Anyway: Thoughts?  Rootkits are not something I'm at all familiar with yet. Would a "white hat" root kit like this be feasible option? 

Thoughts, comments?

Nick.

This is really great!  it needs a lot of work still, but it's great as just a brain dump like you've mentioned.

I havn't gone through every tool linked religiously, but have you included everything mentioned in Fyodor's top 100 tools list here?


there also appears to be a spelling mistake here:
"pentest mokney.net"  should be monkey...... I know, it's a stupidly trivial thing and I'm ashamed for even pointing it out. 

I'd highly recommend subscribing to the bugtraq mailing list - this is where a lot of new vulnerabilities get posted, and you'll see vulnerabilities that you may not understand - you can then go off and try to understand them by downloading a copy of the software in question and experimenting yourself.

But seeing as you're new, I'd strongly recommend following a tutorial or finding a program with an existing vulnerability and using it to understand what's going.

try this example of a buffer overflow vulnerability using a similar setup to what you have (I think I've linked to this one before in your previous thread - yes, I am Madirish.net fanboy).

It's a very easy to read tutorial for exploiting a known bug in an old version of an FTP server. 

You shouldn't be worried about attacking your own virtual machine - to start with you should be choosing your exploits for the sole purpose of understanding the process and the vulnerability - knowledge and discovery is the goal, not trashing your box.  and even if you do end up trashing it, just rebuild the VMware image.

If you want a learning path, try what I'm doing:  I've taken the course outline for the offensive security 101 course found here and am working through each module teaching myself as much as I can about different vulnerabilities and attack vectors. 

Don't forget, there's also non-network related attacks such as XSS and SQL injection that you can play arround with also - download a copy of SQL server and build yourself a simple ASP or php website and hack it!

I just had a quick look at the exam FAQ's for those that you mentioned and found here: http://www.securitycertified.net/exam_faq.htm

the following:


I would highly recommend that for any exam you don't rely solely on practice exams to give you the knowledge that you need to pass exams.  if this was possible, the certification would be essentially worthless as people with no experience could easily pass the test just by memorising things.  from the description above there will be quite a few practical examples that you will need to have more than just a learned-by-rote knowledge to complete.

in addition, you'll notice the section that I bolded in the above quote.  if you're going to buy any practice exam, I'd recommend buying the one they authorise - there is a better chance that it will reflect the style of the actual one.

Your enthusiasm is really great, but your question is very much like asking: "Hi all - I want to learn how to drive, what does everyone use?  SUV's or hybrids, and what type of fuel?"

And the answer that has already been given is akin to: "What you drive and the type of fuel you use is entirely irrelevant to the task of getting somewhere in a vehicle"

What operating system you use is particularly irrelevant when you're trying to find or exploit a vulnerability in a remote system (which most of the time is what you would try to do), because it only matters what is running on that system and so long as the tool that you're using to do it works, then it doesn't matter what operating system you're running. And besides, due to VM tools you can essentially pick whatever you prefer anyway.

Take this article on writing windows buffer overflows in this particular case, the author used a windows box running VMware, but it could just have easily been done from a linux box running VMware or a separate physical machine could have been used just as easily. 

Another analogy would be: "Hi, I'm trying to learn how to make wooden things, does everyone use hammers or screwdrivers?"  you use the tool that is best suited for the job.

In addition to this, there are a number of Live CD linux distributions that come preconfigured with a number of useful tools.  So this makes it even more irrelevant what operating system you're running.  Some tools run equally well on windows and linux and so it doesn't matter which you have. 

Sorry if this post sounded like a rant.  You'll find that if you want a more specific answer, you'll need to ask more specific questions. 

Keep reading!

I'd highly recommend learning a flexible scripting language like Perl or Python.  I've not learned python myself, but I've found knowledge of Perl to be invaluable at times when you want to do some quick automated task, (such as taking the tedium out of blind SQL injection for example).

seeing as maybe you're wanting to write your own tools, you should also learn C - it's not hard to pick up and is quite powerful as it is a low level language and will teach you quite a lot about the intimate details of how a machine runs. 

if you give us a bit more detail about where you're comming from and how much experience you have and in what areas we may be able to direct you more specifically.

I'm also in a similar situation as the op, about to embark on retraining for a potential pen-tester/information assurance job, with the difference that I've been a developer for quite a while now and want to move into the infosec side of things. 

I obviously can't speak from experience, but the way I'm going about it is to learn Assembly language and reversing software first, then moving onto other aspects.  I havn't really got a plan for it past learning to reverse at this stage, but I chose this way because it teaches the fundamentals of how computers work at a very low level.  it is also foundational for finding and executing buffer overflows for example and understanding exactly how malware works.

Thoughts?

I had looked at the SANS course, and although it looks good I'd heard they were fairly expensive, there's also a time limit on the availability of the online content which I think is not the case for the infosec institute course (although I'll check). 

I'm not in it for the certification and my company is not paying for it so I'm hoping I've made a good decision - will find out within the next month or so I guess.

I guess not many people have done this or are interested..... this thread is now the second result in a google search of the entire interwebs for "Certified Reverse Engineering Analyst"   

Hi All,

I was just wondering if anyone here has completed the Reverse Engineering Course offered by the InfoSec Institute and/or completed the certification?

I'm just curious becuase I have searched these forums a bit but can't seem to find any reviews on it.  I'm about to take the course myself as they're releasing it in an online format so I don't have to travel to the US to do it.

I'll definately post a review myself when I finish it.

oh, by the way - this is my first post - this looks like a good set of forums, I hope to be able to contribute to it in the near future.  :-)

Cheers,
Nick