EH-Net
May 21, 2013, 08:58:39 AM
196
Resources / Tools / php2relay
on: January 31, 2008, 01:06:03 AM
When I first mentioned that I wrote this, it was suggested that I publish it. So... here it is: http://www.industrial.mu/tools/php2relay.txt
Basically, it's a quick and dirty open SMTP relay tester that will work on a range of IP addresses. Yes, it's written in PHP, and you'll need PHP5. (I suck at teh Perl, so... deal) Just copy it, save it, run it with
> php php2relay.php (options)
Or make it executable, and drop the initial php. Should process either way. Also, verify your php binary with "which php" and modify the first line as necessary. Have fun, use responsibly, let me know if there are any questions.

198
Ethical Hacking Discussions and Related Certifications / Other / Re: I was bored last night...
on: January 29, 2008, 02:14:34 PM
Well you COULD have posted a link to an ftp site with it, so others could dork around with it. I still need to get better at coding in general myself. Most of my 'programs' have been pretty simplistic ones that display text or annoy. Nothing actually useful in the least, other than my personal entertainment factor.
I may actually GPL it after I dink with it some more. I just don't know if I want to be associated with authoring such a "tool"... It really came about from my post a couple weeks back looking for an open relay server to use. I started looking at scanners/testers, and they all seemed pretty lacking, so I figured I'd slap one together myself. My goal was to do it in Perl though (since my perl-fu sucks)... but, I just find Perl to be... so... yuck. So, after trying really hard to do it in Perl for a solid five minutes or so, I gave up and went to PHP, really just to see if it could be done. All the other security people at my job (that can code) use Perl, and I'm always getting bashed because I script in PHP. They keep saying how lacking it is, Perl's better, etc. I actually gave my PHP code to one of the Perl guys and said "do this in Perl, so I can look at your code and relate." It still looks like gibberish to me. Which brings up another interesting topic to post... STAY TUNED!

203
Ethical Hacking Discussions and Related Certifications / Other / List of open SMTP relay servers
on: January 17, 2008, 12:23:33 PM
This probably teeters on the realm of ethical, but I have to do some testing for a scenario, and I need to detail what a spoofed email coming from an open relay looks like (headers and such). Does anyone know of a repository of open relay servers? Everything I've found so far is either outdated or just leads to software to test for open relays.
If this crosses a line, feel free to delete.

204
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: First steps to learn ethical hacking
on: January 10, 2008, 09:37:00 AM
It's a good idea to control oneself from hacking Norad for instance, lol.
Oh. Really? Errr... I have to, uhh... leave the country for a while! Seriously though, even though InfoSec has become a "career path" and you can study at the university level for it, the classroom environment is so totally different from the real world environment. Of course, maybe I'm biased, I barely squeaked through high school and never did the college thing, but I've worked with a lot of "just out of college" people (in many different IT areas), and when it came to real-world scenarios, they just seemed to be lost. I even had one guy I was training get in my face and tell me, "that's not how they showed us in school!" So, his lesson for the day was to try to fix it himself. Now don't get me wrong, I'm not against the whole higher education thing, any knowledge is good knowledge (unless it's incorrect knowledge), but I still believe that there's no substitute for good ol' fashioned experience. I think the fact that I started as a third shift button pusher and learned everything along the way is much more valuable than a degree that costs $120k or whatever college is going for these days. Alright, done ranting... for now.

206
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: First steps to learn ethical hacking
on: January 08, 2008, 02:08:25 PM
I couldn't agree more. I was going to post something similar to someone else's request of "how do I start?" However, being new around here, I didn't want to come off as snobbish. But now that someone else has said it first... I don't think becoming a successful "hacker" or pen tester is just saying "I wanna be a hacker" and studying a few books on that subject. To really be proficient at the art, you have to have a solid understanding of just about everything IT related.
Some 23 years ago, I wrote my first war dialer to snag... well, stuff. Wrote it in BASIC on my Commodore 64. While I did have a goal for that program, it was also a chance to learn how to interface my program with external devices and such. Since then, I've tried to learn as much about everything as I can. My professional career pretty much is as follows (the short, abbreviated list): 3rd Shift Button Pusher, Helpdesk/App Support, Desktop/Network Support, Server Support (Windows/Linux), LAN/WAN Administrator, WAN Manager, Security Person. The list of technologies I've learned and studied is way too numerous to list (and surprisingly, one of the most enjoyable books I read (cover to cover) was a book on Frame Relay technology seven or eight years ago).
But you really do need an extremely well rounded skill set to do this kind of work. So, you kind of know about TCP/IP, and know how to use nmap. Fantastic. Now, go pen test this box running Linux, Apache, MySQL and PHP. There are another handful of technologies you need to work with. Anyway, I guess the short version of the story is, I don't believe there is a quick path to "being a hacker"... That being said, the thing I would add to Kev's list of things to get started with would be, learn how to read packets. Ethereal/Wireshark is also pretty indispensable for knowing what's going on under the hood.

207
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Reconnaissance step questions
on: January 08, 2008, 10:27:32 AM
From your description, you have a company that's using an ISP's services for Web Hosting and Mail. Their connectivity to the internet is also probably through the ISP as well, so in theory, there are two different types of targets.
Your first target is going to be the web/mail server. This is the IP address you should receive when you whois their web server. Most likely, their web server and mail server are on the same box (most likely in a shared hosting configuration). Your legitimate pen testing on this box will most likely be in the app pen testing arena, but you won't be "in the company" if you can get any access.
The second target is going to be the company connection to the internet itself. If the company is using a standard ISP for connectivity, they probably have a DHCP assigned address, and they are just like any average home user connected to the internet. Performing black box recon against a target like this is difficult at best.
If you are testing assets owned by an ISP, used by a 3rd party company, make sure your written agreement has verbiage that addresses any concerns of the ISP in case they come hunting you down.

209
Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: New member, just got me one of these...
on: January 04, 2008, 12:13:07 PM
Hey Rance,
Welcome to EH-Net, and thanks for finally coming into the fray after watching the boards for a while. Glad to have your input.
I do agree with your overall thought that experience is king and always will be.
Don
Hey Don! Thank you as well for the welcome. From what I gather, you're the keeper of this place. Thanks for creating a nice site for ethical discussions of hacking and the like. From what I can deduce, the ChicagoCon appears to be put on by EH-Net. I'm actually really interested in that if there's going to be an '08 version. I'm just next door in Iowa, so that'd be a quick and easy one to get to, and I really like the event list that was posted for '07. Do you have any news on an '08 C-Con?

210
Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: New member, just got me one of these...
on: January 04, 2008, 12:05:59 PM
Welcome!! Do you really not want to take the CISSP because you read how hard it is or do you not want the certification? Honestly I just passed the CISSP and my study method seemed about the same as yours. I skimmed the book (All-In-One) and went in with mostly just my experience in security. I did fine. I think you would probably do about the same on the CISSP as you did with CEH. Well that is my unsolicited 2 cents! Again welcome!
Thanks for the warm welcome. My un-desire to approach the CISSP basically comes from the fact that I looked over the material in a couple of books, and it all seemed very management/policy oriented. Booooring! I'm a techhead, so really digging into policy and the like is incredibly uninteresting. Considering the length of the exam, and the breadth of the material, it just seemed like I would have to memorize a bunch of stuff I really wouldn't use in the real everyday world. Who knows, my company will probably require it at some point, then I'll just be screwed, I mean, urged into taking it.