|
EH-Net
|
|
May 22, 2012, 08:13:57 PM
|
 Show Posts
|
|
Pages: 1 ... 3 4 [5] 6 7 ... 58
|
|
62
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: how do you create a home hack lab?
|
on: November 01, 2009, 08:24:46 AM
|
Hi and welcome to the site. Check out Wilhelm's book on creating a pentest lab, I reviewed the book for this site here which also includes a sample chapter, which could actually be the best place to start for what you are attempting. I've spent the last year+ building up a working environment and am starting to get to a point I feel the first version of my lab is 'complete'. I've documented a lot of my working on my blog, relevant posts are tagged with lab. Hope this helps point you in the right direction, happy hacking --Andrew Waite P.S. Just taken a look at securit.org as I hadn't come across the site, and that is some coinage they asking in membership fees. I'll mirror info_genius' question; Anyone have any experience with securite.org? |
|
|
|
|
63
|
Features / Book Reviews / Re: [Article]-Applied Security Visualization
|
on: October 28, 2009, 07:19:59 AM
|
Hi All, Has anyone read this book and been able to apply the information in real-world situations? I have recently been reading through the SecViz site and have always found the idea of visualising logs/events/etc. interesting, but given the current climate I can't afford making purchases that don't result in real world applications. Any/all advice would be appreciated. Andrew |
|
|
|
|
65
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: issues with OSCP
|
on: October 21, 2009, 03:15:56 PM
|
|
Mambru,
I can understand your frustration, but like others I can understand why OffSec are taking the route that they are, given the nature of the material they teach they will need to protect themselves and be cautious.
From my experience communication from them can be sporadic and slow at times so depending on timescales I won't take it to heart yet. Assuming you are legit (no disrespect meant, don't know either way) try to catch one of their guys in the irc forum (#offsec), found it the quickest way to get an immediate response.
|
|
|
|
|
66
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Rapid7 Acquires Metasploit
|
on: October 21, 2009, 03:06:05 PM
|
I'm trying to see the positive side: - corporate backing means resources for testing and development
- Core people getting paid to work on MSF means that the project doesn't suffer when 'real' work gets in the way
- Corporate backing means MSF gets 'approved' for use by companies that don't 'do open source'
Until this point HD and team have done a great job of getting Metasploit off the ground and keeping it growing and evolving to meet changing times. I'll keep faith that this won't change. Regardless of the future of an unarguable great free tool, that I'm sure everyone on this forum has used to a greater or less extent, I'd like to thank hdm and team for the work that has gone into the project so far. I'm pleased to see the hard work is paying off. |
|
|
|
|
67
|
Features / Book Reviews / Re: Hackers' Handbook 3.0
|
on: October 21, 2009, 07:12:18 AM
|
|
I own the second edition.
Found it a good resource at the time as I was new to the game. Covers everything/most in sufficient detail to understand what is going on but possibly not enough to actually implement the material. But all sections generally have a several good quality links to research further if it piques your curiosity.
Overall is a decent book to start with, cheap enough and small enough for initial dive into security/hacking, but isn't in depth enough to entice me to upgrade to the latest version.
Andrew
|
|
|
|
|
69
|
Resources / News from the Outside World / Re: How dangerous are hacked robots?
|
on: October 16, 2009, 10:23:09 AM
|
Andrew, wasn't there an episode of The Simpsons where Bart switched a bunch of roomba to "evil" mode and they ended up attacking people?  Managed to miss that one, but we've got a guy here with a phd in Simponomics so I'll need to track it down to watch. Purely for research purposes obviously... No such thing as foolproof...
True, but if I'm reading that story right the incident in question was the result of a software/hardware fault, not someone maliciously utilising the fault to cause damage? I had a lecturer that started his career coding systems for the military. Stated that he quit as the stress was too much, suggesting that you'll look at an array out of bounds error differently when you've seen it kill people in a simulation rather than just mess up an HTML page. |
|
|
|
|
70
|
Resources / News from the Outside World / Re: How dangerous are hacked robots?
|
on: October 16, 2009, 04:47:47 AM
|
I haven't looked at robotics from a penetration testing perspective, but my degree course specialised in industrial systems so I have some knowledge of robotic design and coding. The design process for industrial type systems are some of the most in depth I have encountered within IT. From provable real-time mathematical proofs to fail-safe design logic. I don't want to suggest the systems are unhackable, especially as the designers/coders are only human, but coupled with the fact that the systems are often bespoke designs, from system requirements, hardware configuration and application software it is going to take some considerable skill and resources to pull off. I'm fairly comfortable that this sort of threat will remain science fiction for a while yet. As Ketchup suggests, the threat will be more apparent as robotics become more common place, but I'm not sure how much damage someone could inflict by taking control of a Roomba, potentially a couple of stubbed toes? just my £0.02... |
|
|
|
|
73
|
Ethical Hacking Discussions and Related Certifications / Other / Re: living amongst whore hackers
|
on: October 04, 2009, 08:05:38 AM
|
|
Becca,
based on the description of your findings it sounds like your system is part of a botnet. Unfortunately this is far from uncommon, and in most cases has nothing to with the legitimate owner of the system. Best advice is to run an anti-virus scan and handle the infection that way. If unsuccessful, rebuild the machine from the ground-up and proceed as normal.
If you have evidence of illegal activity from your investigations then I would advise passing the information to the relevant authorities, again proceeding as normal once the information is handed over.
Whilst I don't know the full extent of the information that you have, or believe you have, I would advise against hiring anyone; there are a lot of unscrupulous individuals willing to take advantage of those in a vulnerable position. Attempting to proceed further yourself may open you up to legal recriminations depending on the actions you take.
As for the remaining content of your posts I am not qualified to assist, I would suggest doing the same as you have done here, request the assistance of those more knowledgeable in the given field.
|
|
|
|
|
74
|
Ethical Hacking Discussions and Related Certifications / Other / Re: living amongst whore hackers
|
on: October 03, 2009, 07:00:10 AM
|
|
Welcome to the site...
What do you want to know?
What do you know?
Where have you looked?
Don't pay (at least initially) more than enough high quality information available free of charge.
Read through these forums, plenty of info to get you started and point you in the right direction, and if all else fails: Google is your friend.
|
|
|
|
|
Loading...
|
Forum 
Security : CISSP Boot Camp at Training Camp worth the extra $$ ???
Tools : Nmap 6 Released
Links to cool sites. : CODENAME: Samurai Skills Review at Darknet
