I made a post earlier about my concerns about people assuming hacking is limited mostly to exploiting software.  The founder of the Metasploit project himself made it clear at the last Blackhat conference that “hacking is not about exploits. As many professional auditors know, only one or two real exploits may be used during a penetration test.”  He mentioned that most of the time you are cracking passwords, exploiting trust relationships, etc…

At that same conference, the opening speaker, Richard Clarke (former chief counter-terrorism adviser to the US National Security Council) seemed to think completely opposite of that perception. He seemed to feel if we could get coders to write more secure software all would be right in the world.

What concerns me is if someone new to security simply downloads a copy of Backtrack and runs autopwn on their network and doesn’t get a shell, now feels his network must be secure.  This couldn’t be further from the truth.

There is a site I have started to recommend to those new to security. Most of us know about it, but I am not sure how many have actually gone there and downloaded the live CDs and hacked them. I am referring to the DE-ICE.net live pentest cds.

This is such a great concept and I really support it for training those new to the field. Now I have only downloaded the first 2 and I will say any seasoned hacker can get through them quickly, but what I like is you can’t exploit them to get root with metasploit. You have to think like a hacker.

My understanding is the scenarios were created from “real life” pentests the author of these Cds Tom Wilhelm encountered in the field.  The entire concept of live pentest CDs has so much merit.  You can easily boot them up and hack away. If you screw things up, just reboot.  The very best thing about this project is there is a challenge involved. That has always been the weak part of a home lab. Now I am a big supporter of having a lab and have made a number of posts here about doing that. But the one weak aspect is you already know if it’s vulnerable or not when you set it up. Well, unless you are into exploit research, but most CEHs are not doing that and  are simply practicing with their tools.  Being great with tools is fine, but it doesn’t teach you how solve puzzles and that’s what hacking is all about. A live pentest CD on the other hand presents a puzzle for you try and figure out.  It teaches you how to “think” like a hacker and how to solve puzzles. This is in my opinion the most crucial quality to gain and I really don’t care how well you know all the switches of nmap or you know metasploit top to bottom, etc…

Yes, like anything there are some short coming and live cds are not perfect. They don’t give the feel of a networked environment. However you could rewrite them to be if you wished, but thats not really what they are all about any way.  There are not many available so far and of course they are all presented in linux so you wont be hacking server 2003, but once you have the concepts down you could easily apply the concepts to any OS. 

If you do decide to take a stab at the CDs , please resist the temptation to looks at the spoilers out there.  There are even full video spoilers available, but this would make as much sense as going to an answer page of a crossword puzzle before you even try and filling in all the blanks!   I doubt that will make you a better crossword player. Just to say again, the value is not that you are going to learn some new amazing hacking technique, but that you can learn to solve puzzles and think like a hacker. 

From what I gather, this is the same attribute that Muts is trying to instill in his course and if you are going after that certification, before you take the test it might benefit you to run through these Cds. I really can only say good things about the concept and I hope one day it will be expanded to include every level of challenge.

http://de-ice.net/index.php?name=News&file=article&sid=1

Kev,

great post, I've played with the De-ICE tools in the past have had some success and fun. From a learning perspective there are few things better than being thrown in at the deep-end to put the theory into practice.

Kev,

great post and I will have a look at this.
Are you aware of any other similar projects?

There used to be similar versions for forensic training, but due to the time required to build an image for testing forensic skills these have almost deminished, but anything like this for training purposes are excellent.

Thanks for the comments everyone. I am hoping when I have a little extra time to create a few live CDs to help contribute to the concept. Certainly one of these should be for forensic analysis as well some others for several levels of  penetration difficulty. Hopefully others out there will  also be inspired to help this project.

Bruha666v,

try google and '-- for starters.

I also saw a new web application testing book (can't remember the title) that contains example web pages that can be used as practice targets. Could be worth a look, it's on my reading list (as soon as I remember the name....)

bruha666v,

try this:


you might want to decode the hex before running it though.

Welcome Grendel,

Thanks for reaching out and giving Kev a pat on the back. He does good work and deserves recognition. Please let us know when the next one is ready, and we will be sure to plug it.

Looking forward to seeing more of you on EH-Net? 

All the best,
Don

so really we just need to randomly but de-ice into threads and we'll get you to show up...