Ethical Hacker Community Forums
August 21, 2008, 03:58:42 PM *
  Show Posts
1  Features / Opinions / Re: Metasploit 3 - how easy is too easy? on: April 08, 2007, 02:34:38 PM
is:

gcc sploit.c -o sploit
./sploit

too easy too?  yes...

But at least knowing that sploit has to be run against OS x of patch level y shows some prior knowledge and understanding.


and Cutaway: I always do good things Grin

I guess I'll just have to study more in order to be one step above the rest.


I suppose some of this stems from a job I used to be in years ago, where people paid me good(ish) money to build bike wheels for them, as there's something of a black art to that. I was terrified that one day people would realise that anyone who could tell left from right and count up to three could do my job.
2  Features / Opinions / Metasploit 3 - how easy is too easy? on: April 07, 2007, 04:48:49 PM
First off, I really really need to thank everyone here. Combined you've managed to get me off my backside and actually do something* - rather than just read (and read and read and...) about infosec, with the occasional bit of playing. I've now got myself a lab set up, and set out to learn something practical.

Now a while back I had a little go with Metasploit when it was 2.x, and to be frank it was a little scary and confusing. I could tell there was a lot of power under the hood, as it were, but I didn't have the time to get to grips with it.

Now I've just set up a 2k server target and installed Metasploit 3 on my attack machine. Without reading any documentation, I started Metasploit for the first time and five clicks and two IPs added later I had owned the target.



Five clicks and a little common sense.



Is anyone nervous that this might be taking the edge off the skills of your profession? I've been unfortunate enough to work with "paper" MCSEs and CCNAs** who have NO idea about what they're doing, and I don't like the way they dilute the skills pool. I can foresee a rash of idiots with meta and a copy of nessus labeling themselves as security consultants (not to mention IRC channels worldwide filled with skiddies who think themselves uber-leet because they took a live CD into school and now have domain admin).

Now I'm not trying to put the metasploit team down, far from it, I can now use the "power" that was just outside my grasp and I can tell I'm going to have a lot of fun with it  Grin and even after a few mins of use I can tell that some very very smart people have spent a long long time making this.

Nor am I trying to put pro-pentesters down, I know there's more to pentesting than just scanning and running exploits*** and the skilled professionals will survive much longer than the unskilled, but how easy is too easy? Wouldn't you like to keep it just a little bit black-art? Or is it good that this tool makes it easier for people to approach the topic and then progress to a higher understanding?





* this is no mean feat by any standards
** in the interests of honesty you should know I have neither of these qualifications
*** please tell me I'm right on this one Wink
3  Ethical Hacking Discussions and Related Certifications / Other / Re: To Mac or not to Mac? on: April 03, 2007, 09:53:22 AM
For me getting up to speed on OSX has been a pain in the @$$

I think I found it easier moving from XP to the totally different OSX, than I'm finding it moving from XP to Vista (which I'm finding more annoying than 2k -> XP)
4  Ethical Hacking Discussions and Related Certifications / Other / Re: To Mac or not to Mac? on: April 03, 2007, 07:40:05 AM
I use my PowerBook all the time (and actually a G5 at work, amongst others). I only occasionally have issues with it.

I like it because it's a nice middle ground between a Lappy with windows or linux. It's still a *nix under the hood but I know that if I've got my not-geek hat on I can download an OSX app and *know* it'll run without any dependency issues. (and yes, yes I'm a sucker for eyecandy)

As long as you get the developers tools from .Mac you can compile apps to your heart's content.

You can get the free MS virt machine for OSX too.

However, I'm the first to admit they're a little overpriced for what they are. The thing that swung me was I could get educational discount and a free iPod!

At retail prices I'd go with a non-apple. In fact there was a dell with almost the exact hardware as the Macbook Pro, for a lot less, that and the retail OSX and you could have it all on one box!

5  EH-Net / News Items and General Discussion About EH-Net / Re: [Article]-EH-Net Releases Desktop Backgrounds on: April 03, 2007, 04:15:46 AM
It's got potential, but I would say the text needs a little bit of work. In my opinion "simple != bad" when it comes to desktop bg, don't want it too busy.

Quote from: talkinelf
what i feel is we need to open up for submitting wallpapers for eh-net Wink

Can I smell a wallpaper compo coming on? (like I need another excuse to fire up gimp)

If so, don't forget us widescreen users when sizing!


Quote from: don
You will see it in a Special EH-Net Version of BackTrack2 (Hint Hint) coming soon.

Doh, just finished burning BT2 this morning. I am very intrigued though.

6  Ethical Hacking Discussions and Related Certifications / Other / Re: Fluxbox on: March 26, 2007, 01:29:27 PM
If CentOS = Redhat then you could just download the RPMs, I know it's not as fun as compiling your own, but it is easier Wink

Just grab the fedora package from: http://fluxbox.sourceforge.net/download.php

Install as root with
Code:
rpm -i downloadedFile.rpm

It's only 0.9 but it should still work.
7  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Handles on: March 25, 2007, 01:46:32 PM
OK. The problem with hackthissite.org is that it is all about hacking websites, not networks.

No it's not. There's some rev-eng stuff, some database stuff, some crypto stuff, etc. It's all hacking. Don't try and compartmentalise everything, just go with the flow and absorb everything you can.

I've completed all the challenges there, if you stick with it you'll learn a lot.
8  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Help... Worm? on: March 25, 2007, 01:42:03 PM
As far as I'm aware (I'm sure someone will correct me if I'm wrong) commands only appear in start > run if they've been run from there. So someone had access to his desktop.

There has been a large increase in scanning for VNC servers recently, so I would suspect that was the point of entry.
9  Columns / Gates / Re: Shmoocon Day 2 on: March 25, 2007, 05:48:57 AM
Ace. Cons sound like a blast! Thanks for the coverage ChirsG it's been good reading it.

Now that I want to go to a con even more than before, does anyone know of any sec cons that happen in the UK?
10  Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: Journalist writing an article on ethical hacking on: March 25, 2007, 05:41:31 AM
another question for you is do you plan on giving a negative or positive spin to ethical hacking in your interview?

I think that depends on which paper it's for, looking at Guy's page he seems to do a lot for broadsheets (good) but one or two pieces for tabloids (boooo!)

I'd be happy to talk to him, but I'm a "hobbyist", as Guy put it, not a pro and there are many better candidates for interview here. (but at least I'm in the right country)
11  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Do you need to know programming to hack? on: March 21, 2007, 06:29:23 PM
Sounds stupid, which is the easiest to learn?

Don't think that sounds stupid at all.

I think different languages suit different people.

And it depends on what you're using it for, are you using it just to learn how to program or you've got an x that needs to do y and you want to learn how?

Take a look at a few tutorials for different languages and go with the one you feel most comfortable with till you've got the basics, then look at a more specific/useful one if it doesn't meet your needs.

I would recommend looking at perl at some point as there's tons of tutorials and documentation out there and I find it very useful.
12  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Handles on: March 21, 2007, 05:23:50 PM
I would think hackers are much more likely to use a handle than crackers are to use their real name. Smiley

I don't try to hide my real name, it's just easier to type "plik". It means something to me but is unlikely to be registered on forums etc.
13  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Weird Firewall scan results on: March 20, 2007, 07:10:31 PM
I wonder if those scan results are reflective from something my ISP has setup in front of my firewall.

I pondered this too, but couldn't work out why you'd want to do the full handshake for services that aren't there. And why those ports?



If you can connect that's my NAT idea down the drain!
14  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Weird Firewall scan results on: March 20, 2007, 06:48:45 PM
I've not heard of nmap having false positive issues with connect scans before. So I think we can assume you scanned *something*; the lack of 1023 returning makes me think the scan never reached your box. Are you sure you scanned the right IP? Smiley
Did traceroute turn up anything interesting?

Can you actually reach ssh and webtool?

-stab in dark-
Because *something* has responded on those ports I'd say it was a routing/NAT issue. Do you have any windows boxes running IIS and mail on site?
-/stab in dark-
15  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Weird Firewall scan results on: March 20, 2007, 02:51:00 PM
What version of nmap, on what OS?

And what type of scan were you running?