The Ethical Hacker Network

bkevin

Newbie

Offline

Posts: 4

Fresh meat

« on: August 17, 2007, 12:55:16 PM »

Hello,

First of all my name is Kevin, aged 19 and living in Belgium - Europe.
I've studied and graduated in network management this year, yet I feel like I don't know enough yet. I'd like to specialize in security as it's in my eyes the most fascinating subject in a computer network.
Now after googling and browsing a lot to find a decent community, I found this website.
It looks like my thoughts were right, and I do have a lot to learn about this all.
Some of you (if not most of you) think 'oh no, another guy who wants to become a hacker', well you're right, I do want to become a security expert and hopefully build a career with it.

Since one has to begin somewhere, here are some first questions, if someone would want to answer them, that would be great!
1) I am currently using windows xp, I will get myself a new machine and install Ubuntu on it, is Ubuntu any good or are all distributions basically the same except the way they work?
2) Currently I have no programming skills whatsoever. I don't want to go off and start using tools that do everything for me, giving myself the idea that I'm doing great, so what language should I start with?
3) Are there any tutorials for complete beginners such as myself to start with on this website? I've been browsing in the tutorial forum earlier, but by the looks of it, it's directed to those that are already skilled in the world of hacking.

Hopefully I'll learn a lot in this community, as I'm eager to get started.

Regards,
Kevin


	Logged

BillV

Hero Member

Offline

Posts: 862

Re: Fresh meat

« Reply #1 on: August 17, 2007, 01:22:42 PM »

Hi Kevin,

Welcome to EH-Net! We're glad you decided to register and join our community and we all look forward to your continued participation

Congrats on graduating in network management, sounds like you're off to a very good start! Can I ask what sort of studies were included in your network management courses?

Security is not really something that would be considered 'entry-level' and you can't just jump into it as you can with other computer aspects. To become a security expert, you'll need a very well rounded and in-depth computer background. Keep in mind, there are different paths within computer security as well, but I'll keep this reply pretty general. I also am still new to the field and you'll probably get some other great advice from some of the other members that have been working in the field for some time.

Anyway, onto your questions...

1) Windows XP is perfectly fine. If you have enough RAM, or have the finances to purchase some, I would highly suggest getting a copy of VMware (or MS Virtual Server). With a Virtual Machine, you will be able to run multiple computers within a single machine. This is great for people learning security! That way you don't have to worry about having multiple physical computers, or partitioning hard drives. Ubuntu is a great place to start on Linux. The reason being is that the support community for Ubuntu is incredible. I would also recommend Fedora for beginners as well. Both of those OS's have good community and hardware support.

2) Heh.. this is just asking for an argument

Keep in mind, it's not required to know how to program to be in security (although it can tremendously helpful). Again, this somewhat depends on what type of security you're looking towards. If you don't know it already, I would suggest starting with something easy like (X)HTML. At least knowing that, you'll be able to understand what's going on with websites. From there, you could either go further into web, such as PHP or ASP which will give you a better understanding of how dynamic sites communicate and work with a backend database, or you could go into C which will allow you to understand most exploit code and also allow you to write your own (as many exploits are written in C). C will also give you a good base for going to other programming languages.

3) I'm not sure if we have anything like what you're looking for in a tutorial form. I'm not sure you'll really find that anywhere. What I would suggest is checking out a couple of books.. Counter Hack Reloaded, Gray Hat Hackers Handbook, and the CEH Review Guide by Michael Gregg. Each of those provides clear samples/examples of tool usage. The Hacking Exposed books are normally good references also. In addition, this entire community can provide a lot of support on specific questions you have, and most of the time will provide you with an answer. All you have to do is ask

I hope that helps answer your questions at least a little bit, and I'm sure others will reply soon too.

Best of luck to you


« Last Edit: August 17, 2007, 10:59:02 PM by BillV »	Logged

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 2347

Editor-In-Chief

Re: Fresh meat

« Reply #2 on: August 17, 2007, 01:26:30 PM »

Welcome to our growing community. There are plenty of resources on the site for the beginner. I'll try my hand at recommending what will work for you and answering your questions:

1. Any Linux distro has the same core, so, for a beginner, it's more important to get your feet wet with any distro than to stick with Windows only. After you get comfortable, then you can branch out and find the distro that works for you. As for a great distro with hacking tools, try BackTrack.

2. Go to the /root section and read the intro to programming articles by Craig Heffner. You won't be sorry. As for what language to start with, try these threads:

Steps for The Ethical Hacker to learn programming

Do you need to know programming to hack?

There are also lots of great resources on this site if you type in "programming language" into the search box at the top of the page next to the menus.

3. As for beginning tutorials, maybe a good place to start is the Book Reviews Section.

I think if you utilize these resources, you'll find more along the way. Also, don't be shy. Ask as many simple questions as possible. You'll find that this community is unlike any other in acceptance of newbies. We all started aomewhere, and we're all willing to help. Plus, the more you ask in a public forum, the more others after you will learn and advance their careers as well. That's why we're here.

Hope this helps,
Don


	Logged

CISSP, MCSE, CEH, Security+ SME

jimbob

Sr. Member

Offline

Posts: 307

Re: Fresh meat

« Reply #3 on: August 17, 2007, 01:52:16 PM »

Welcome! I'll not repeat the sound advice of other, just wish you a welcome stay here. Sounds like you are ready to see just how deep the rabbit hole goes

Jimbob


	Logged

oneeyedcarmen

Full Member

Offline

Posts: 205

Klaatu, Borada,Necktie?

Re: Fresh meat

« Reply #4 on: August 17, 2007, 02:10:09 PM »

For your third question, I'll have to recommend Learn Security Online. I'm a regular visitor to their site, and it's run by EH Net's own Chris Gates. (there's my obligatory plug, Chris).

Chris and Joe McCray have put together some nice references for the beginner along with some hands-on tutorials. You'll find that quite a few of us are members of both forums.


	Logged

MCP, Security+, Associate (ISC)2

ChrisG

EH-Net Columnist
Hero Member

Offline

Posts: 1037

Re: Fresh meat

« Reply #5 on: August 17, 2007, 06:31:19 PM »

hey thanks for the shout out!

we're trying :-)


	Logged

...tests i took go here...

http://carnal0wnage.blogspot.com/

bkevin

Newbie

Offline

Posts: 4

Re: Fresh meat

« Reply #6 on: August 18, 2007, 07:14:22 AM »

Thank you all for the warm welcome

Quote from: BillV on August 17, 2007, 01:22:42 PM

Congrats on graduating in network management, sounds like you're off to a very good start! Can I ask what sort of studies were included in your network management courses?

Well we've seen quite a lot, but not that in depth. We've made our first steps into Linux with Ubuntu, later with SUSE 10. Our teacher wasn't any good himself, so it came down to self study, just to be bollocked by that teacher. This took away a lot of our courage to continue with Linux. But I'm sure this can't be a problem

What we've seen in linux was DNS, mySQL, apache, vmware, ipcop, but because of the teacher we didn't see it decently. So I know what they do, and I remember some of it, but I wouldn't be able to set it up without a guide or so (which I will look up later).

On Windows platform we had an excellent teacher who taught us a lot, more than he had to. We've seen W2003 server, its functions & some applications (ISA, exchange), how to let them communicate with other computers, VPN, ...

Other than that, we've seen very basic stuff such as making network cables (not impressing but hey, it needs to be done Cheesy

), (manual) subnetting, network architectures, ...

In order to succeed, we had to make a project of our own choice, ofcourse it had to be related to networking. I did mine around DMZ's and devices in DMZ's (IDS, honeypots, ..).

Hope this answered your question.

Thank you to all the rest for the useful links, I will read the articles from Craig Heffner as soon as possible.
Learn Security Online has been added to my favourites, together with EH-Net.

Something that will make it easier for me to see the bigger picture might be making a list of things to read and to do. I'll get into that today & tomorrow.

About vmware, the cpu power isn't any problem, harddisk space will be.
Question is, do ubuntu and backtrack support dualcore cpu's trough vmware?
If not, I'll set up a pc with a singlecore cpu.

Now, on to the planning!


« Last Edit: August 18, 2007, 07:21:27 AM by bkevin »	Logged

BillV

Hero Member

Offline

Posts: 862

Re: Fresh meat

« Reply #7 on: August 18, 2007, 09:32:10 AM »

Quote

About vmware, the cpu power isn't any problem, harddisk space will be.
Question is, do ubuntu and backtrack support dualcore cpu's trough vmware?
If not, I'll set up a pc with a singlecore cpu.

Good question. I'm not too sure. I just recently got my main computer back in working order and haven't gotten around to re-installing any Linux OS'es yet. I would imagine that you'd still be able to run them on a computer with a dual core whether they support it or not.


	Logged

Manu Zacharia (-M-)

Full Member

Offline

Posts: 193

Re: Fresh meat

« Reply #8 on: August 18, 2007, 08:53:06 PM »

Hi bkevin,

Welcome to EH-Net.

Adding to what Bill and Don stated here, I suggest you to get into the core of TCP/IP and its associated protocol suite. Also under the programming list, you can add Perl which will always give you an upper hand.

Most distributions of Linux ship with kernels that have Symmetric Multi-Processing (SMP) support built in. The following command will tell you how many CPUs your kernel is recognizing, both physical and virtual.

Code:

cat /proc/cpuinfo | grep '^processor' | wc -l

If it is not displaying your dual core, you can compile and install your own kernel with SMP support enabled. Google for kernel compilation documents. This is a good link:

http://www.linuxfocus.org/English/July2002/article252.shtml

Backtrack and Dual Core

Backtrack2 does support Dual Core. (Refer - http://remote-exploit.blogspot.com/2007/01/backtrack-2-new-base-design.html) However, older versions of BT has issues booting on Dual Core machines. By default, BackTrack will use a single CPU. To attempt to use both CPU's on a dual core system, add the letter “d” to any boot parameter. For example:

Quote

bt load=server|pxe|test1 (for single CPU)

would change into:

Quote

dbt load=server|pxe|test1 (for Dual Core)

Wishing you all the best. Happy Learning.


	Logged

Manu Zacharia
Certified ISO 27001:2005 (Information Security Management System) Lead Auditor
Promote the Information Security Day
Visit - http://www.informationsecurityday.com

bkevin

Newbie

Offline

Posts: 4

Re: Fresh meat

« Reply #9 on: August 19, 2007, 11:17:36 AM »

Thanks for the guide Manu Zacharia.
Now I downloaded the latest version of Backtrack, tried to install it with VMWare server. After hassling with the resolution (which was in 640x...), I finally managed to let it install. I followed this guide: http://www.offensive-security.com/documentation/backtrack-hd-install.pdf
When it finished installing, i rebooted the virtual machine and put boot from HDD as first in the BIOS. After saving & exit, I couldn't wait to start exploring backtrack. Problem is: Backtrack won't boot at all, not from the harddisk that is.
I couldn't find any solutions trough google, so here I am, asking for advice Huh

Thanks in advance


	Logged

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 2347

Editor-In-Chief

Re: Fresh meat

« Reply #10 on: August 19, 2007, 12:03:37 PM »

We're testing the final version of EH-Net's version of BackTrack 2. Our version not only has Metasploit 3 and some other enhancements not found in the current version of BT2, but it is also a stand-alone VMware Virtual Appliance. This means that you can download VMware Player, point it to our version and your running BT!!

This is a fully sanctioned version from Offensive Security put together by Mati himself.

Should be available any day now.

Hope this helps,
Don


	Logged

CISSP, MCSE, CEH, Security+ SME

themadhatter

Newbie

Offline

Posts: 25

Re: Fresh meat

« Reply #11 on: August 19, 2007, 12:19:18 PM »

Will there be an update on this site when this version of BT comes out, or should I be looking for it on the remote exploit site?


	Logged

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 2347

Editor-In-Chief

Re: Fresh meat

« Reply #12 on: August 19, 2007, 02:17:04 PM »

Let's not hijack this thread any more. I'll post some thoughts on the EH-Net - BT2 release in a new thread.

Don


	Logged

CISSP, MCSE, CEH, Security+ SME

BillV

Hero Member

Offline

Posts: 862

Re: Fresh meat

« Reply #13 on: August 20, 2007, 07:58:35 AM »

Quote from: bkevin on August 19, 2007, 11:17:36 AM

Thanks in advance

Kevin,

The guide is inaccurate due to the installer program not working correctly (last I checked anyway). If you want to install it to a HD, or a virtual HD, follow my notes below. The notes are for a dual-boot configuration, so adjust accordingly if installing to a single HD (no need to partition). When copying the directories, it will take some time so be patient.

Or, you could just wait until the EH-Net version is released as it sounds like it'll be a bit easier

Quote

root
toor
startx

mount (ntfs? /mnt/hda1)

umount /mnt/hda1/
clear

qtparted
select /dev/hda

click, resize, shrink

File > Commit > Ok > operations completed successfully > OK

fdisk /dev/hda
p
n
p
2
enter
+64M
n
p
3
enter
+1024M
n
p
enter
enter
p (display)
/hda2 boot
/hda3 swap
/hda4 main
t
3
82
p (display)
w
(no errors? reboot if needed)

mke2fs /dev/hda2
mkswap /dev/hda3
swapon /dev/hda3
mkreiserfs /dev/hda4
clear

mkdir /mnt/backtrack
mount /dev/hda4 /mnt/backtrack
mkdir /mnt/backtrack/boot
mount /dev/hda2 /mnt/backtrack/boot

cp --preserve -R /{bin,dev,home,pentest,root,usr,etc,lib,opt,sbin,var} /mnt/backtrack
mkdir /mnt/backtrack/{mnt,proc,sys,tmp}
mount --bind /dev/ /mnt/backtrack/dev/
mount -t proc proc /mnt/backtrack/proc/
cp /boot/vmlinuz /mnt/backtrack/boot/
chroot /mnt/backtrack/ /bin/bash
clear

nano /etc/lilo.conf
(remove all comments but keep vga=791 and remove 773)
change boot = /dev/hda
change root = /dev/hda3
comment out messages line near top
save
execute lilo -v

exit from chroot
reboot


	Logged

bkevin

Newbie

Offline

Posts: 4

Re: Fresh meat

« Reply #14 on: August 20, 2007, 04:25:31 PM »

Thanks a lot Bill!

I followed your guide as much as possible. In some scenario's it was impossible to do so though.
qtparted didn't do as you described, so I removed the partitions with fdisk, since new ones are made afterwards. Creating the new ones didn't give any problems so it should be ok.
Copying, mounting and chroot worked fine, but then:
when I tried lilo -v, it gave me this:

Quote

Reading boot sector from /dev/hda
Using MENU secondary loader
Calling map_insert_data

Boot other: /dev/hda1, on /dev/hda, loader CHAIN
Fatal: First sector of /dev/hda1 doesn't have a valid boot signature

I tried googling it but got back without any result.
Maybe I should wait for the EH-Net version of Backtrack. But then again, I will face problems in the future as well that won't be able to evade...
Dilemma Grin

Now I was thinking... is it ok to ask all these questions in an introduction thread? Cheesy


	Logged

Pages: [1] 2 Go Up

« previous next »

Support EH-Net by Buying all of your Amazon items using the search bar above. Try CBT Nuggets Free!

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!