Hi Guys

I would like to introduce myself. I am doing IT job as sys admin and i am almost in this field from last 6 yrs. Got my Masters in C.S, CCNA,MCP and Juniper Routers.

Currently working on MCSE and also i am willing to learn abt Hacking from a long time but Just i am kind of lazy did not spend enough time on my study. Everyday work,work work. I am already 27 but still i don't have enough knowledge like you guys.

Today i was looking for CentosOS training but finally i end up with this Site.

This site seems to be good and i already seen alot of things abt Hacking tool like BT3 and BT2, Netmap and alot more,


I need your help If you guys will share knowledge on this topic with me i would really appreciate it.

Definitely my dream is to be a White Hat Hacker not a black one. I don't believe on Certifications but its good to have ..kind of first step to get a job.

I truly want to learn abt.it.


I want to create a lab at home ..So i can do some testing by myself and can learn about tools . My setup is : I have 1 Desktop computer and 1 laptop. On Laptop i have Winserver 2003 as Primary OS. and then i have VMWare server based and i already installed Linux, winxp, Win2000 Advanced Server.(Out of Date).  Going to install Vista soon.

what u guys would suggest me to do learn more abt Hacking and as well as for CEH exam and also i have CBT Nuggets for CEH.

Any Suggestion would be appreciated.

Welcome to the forum.  Yes setting up your attack lab is good. For me I like real boxes if I have a choice. But to get started, just use vmware. Time is always our big enemy in learning anything. With vmware on a decent lap top with at least 1 gig of memory, there are so many things you can do and at times that you might normally waste.  Waiting at the airport or even sitting watching TV, you can play with tools like Nmap, etc...  The important thing is you dont need a lot of cash to get going.  In fact, there are so many free tools there really is no excuse anymore other than a severe  lack of time or just being lazy. 

Read some free tutorials on TCP/IP and grab a copy of vmware. Download a free linux distro and install.  Get the free program of Nmap. Start scanning away and try to understand what you are doing from the TCP/IP tutorials your reading.  Get this under your belt and you have made a good first step into the world of hacking. Spend sometime on this one thing and dont rush into exploits,etc... until you have this really under your belt.  Everything I have mentioned is free so just try and be creative in finding the time to do it. You will find there is more time available than you might think if you really THINK about it.

PS~ who is the Ken you mentioned? 

I am in major agreement with Kev.  Before you go drop any level of cash pull down all of the free resources you can get.  BackTrack, Helix, Knoppix, etc for your tool sets.  Then grab VMWare Server (now free) and load up on different operating systems.  You can drop a full library on an external hard drive.  Don't forget to have different versions of the same OS so you can take shots at systems of different patch levels. One warning, don't expect to use the same setup for real testing.  It is well known that pen testing out of a virtual machine will result in slightly different results than testing "from the iron".  (ie.  you actually booted the OS and are using it live)  I got kicked in the pills over this just a short while ago.  One of the guys that worked for me forgot to bring our testing image (we boot off of external hard drives) to a client site so he used BT3 in a virtual machine to do some of his testing.  After we turned over our reports our client wanted to challenge one of the major findings. It turns out some of their admins followed behind us and used their own tools to validate our work, and they found one issue that they could not replicate.  It turns out that by using the VM the tester basically got a false positive on a fairly critical vulnerability.  This occurs because there is some level of abstraction occuring by your traffic having to pass our of a virtual network stack, into the real network stack, to the target, back to your real network stack, then back to your virtual stack.  It isn't common, but it can cause some odd behavior.  Morale of the story:  training with VMs is good, real world testing with VMs is not so good.

I'd suggest putting VMWare Server on your win 2003 server for the simple reason that it has the most heavy duty hardware.  Then start pulling down or building the virtual machines you plan to use.  For very simple training you couple simply have two VMs running on the same system, one with your target OS and one with your testing OS (BT3 or similar).  A better setup would be to run your target OS in a VM on your win 2003 machine, and then boot a live CD (or real install from another hard drive) on one of your laptops.  Make sure the VM is getting its own IP and is not being NAT'ed through the IP of the win 2003 machine.  Once you do that you should be able to hack from your laptop into the VM as if it were a real machine on the network.  Once you start getting your hands dirty you can also start setting up a virtual network.  Basically you will take the target OS, give it an extra virtual NIC, and link it to another VM running on that same system.  That way you have to hack the first VM to be able to see the second VM.  This is fairly realistic in what you'd see in real pen tests.  Often you need to pop an external system and then use that as a "hop" to attack systems further into the network.

Thanks for Info

I will try it as soon i can and will keep in touch with u guys here under this topic

Please dont waste your money on that.  There are no secrets. The nmap site has every thing you need and there are many good free tutorials on the net.

I'd really be interested in the technical details of this discrepancy, if you're able to elaborate further.  I plan to consolidate testing platforms to a single machine using virtualization, and I'd like to understand what you saw here.  About the only thing I can imagine would be some sort of TCP/IP vulnerability, but I can't think what specifically you encountered.

rance, I can try to get into specifics but it'll have to wait at least a week.  I'm leaving for my honeymoon tonight.  The short version of the story is that we consistently kept getting false positives on a type of DOS attack that used operating system response times as part of the signature, and we were getting random false positives on some windows xp/200/2003 buffer overflow attacks.  For the second set, this only happened when we tested servers that had the same 3 third party apps installed on them.  (an IBM app and two custom apps) The really shitty part is that we couldn't consistently replicate the problem.  We'd scan the same box 10 times in a row and it would come back clean 6 of the 10 times, and not clean the other 4.  This all happened after the customer challenged our findings so it was pretty embarrassing to have to backtrack and go through it again.  After I found out my staff was using a VM to do the testing I told them to boot from an image I'd burned onto a hard drive.  No more problems.  Systems were clean 10 out of 10 times, and we later got admin rights to the boxes and manually confirmed that the vulnerability wasn't present.  After we were done I reached out to some friends in other pen testing shops and got the same story.  "Testing from a VM will work just fine 95% of the time, but expect that last 5% to bite you in the ass."