Where to start?

Viewing 5 reply threads
  • Author
    Posts
    • #2995
      Crunchtime
      Participant

      Hey all,

      Not sure where else to put my questions…’Other’ sounds about right, sorry if it’s not. I’m currently taking a Computer Programming technology course and I’m in my first year. Both our Business and Networking instructors are covering Security in the last week and It’s given me interest in Network Security. I’ve decided to do some more research on the subject.

      With a copy of Backtrack 3 in hand, I cracked my own routers WEP key last night and I’m astonished how easy it was. Having logged into the router, I’m curious now what a dedicated hacker could do. so i have a few questions:

      1. Once a Black Hat gets inside a wireless router, what would they do next to compromise the systems attached to it? IP searches? Port scans? What would be the next step?

      2. Is WPA more secure than WEP?

      3. What are the main tools in BackTrack 3 that are the more useful ones?

      4. Where can I go to do more research? I’m still very novice but do have some limited knowledge of packets, MAC addresses and Hex.

      It seems very difficult to find any information on ‘What they do after they get into your system’, and understably so. In order to understand the threat, I want to see how they get inside, and how to protect against it.

      Any info you can give would be much appreciated. Thanks.

    • #20517
      Don Donzal
      Keymaster

      Hey Crunchtime,

      Welcome to EH-Net. Glad you found us. All it takes is that one spark, and the rest of your life is now consumed with security. Sorry… that’s just the way it goes.  😉

      As for a good place to put this post, you touch on several subjects, so I guess here is as good as any.

      1. You are correct on what is next if what the attacker wants to do is compromise the system. If he wants to lock you out, then there’s a different answer. Then again, he would be caught pretty quickly that way. But yes, the logical next step is to see what else is out there, so ping sweeps, port scans, fingerprinting… all this can be done with nmap.

      2. Yes. And WPA2 more than WPA. Read the post here about a tool to crack WPA.

      3. Too open of a question. There are a lot of tools. So figure out what area interests you, then go tool by tool to learn them.

      4. Try the sticky topics here.

      Hope this gives you a running start.

      Don

    • #20518
      shednik
      Participant

      Just to add to Don’s post he covered most of the bases, I would suggest going on amazon and buying a few good books covering security.  I’ve picked up some good used books for $5 with shipping, they were just a little older but with a wealth of information that will make you continue running.  Here are a few I recommend:

      Stealing the Network: How to Own the Box

      Hacking Exposed 5th Edition

      Network Security Assessment: Know Your Network

    • #20519
      RoleReversal
      Participant

      Crunchtime,

      I’ll just add to Shednik’s reading wishlist I’d add Counter Hack Reloaded. It is the only book I’ve read that manages to succinctly explain buffer overflows without making it sound like black voodoo magic.

      The chapter in question can be found on EH-Net here. It makes excellent reading and is the reason I bought the full book.

      @don wrote:

      All it takes is that one spark, and the rest of your life is now consumed with security. Sorry… that’s just the way it goes.  😉

      Just fell off my chair, too true…

    • #20520
      Crunchtime
      Participant

      Hey all,

      Thanks for the info. I’m lucky in that I have a Networking instructor that has had some dabblings and hands on, and is very enthusiastic about security in general. He had a lab where he broke out Wireshark for us and showed the packets going across the network as a demo.

      I’m doing my research and figuring out how I’m gonna get those books (I’m a student…broke. Bah.)

      Are there any online resources that you could recommend? Best thing I’ve seen so far is a show called Hak5, saw a couple episodes on YouTube, one had a section on Man-in-the-middle attacks which was pretty good.

      Thanks.

    • #20521
      jason
      Participant

      Check on amazon for used copies of the books, you can generally find them quite a bit cheaper. You may also see if there are student chapters of IEEE or ACM for your school. These groups often have arrangements with book publishers to get books at a discount (or free!).

Viewing 5 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?