November 11, 2008 at 9:09 pm #2995CrunchtimeParticipant
Not sure where else to put my questions…’Other’ sounds about right, sorry if it’s not. I’m currently taking a Computer Programming technology course and I’m in my first year. Both our Business and Networking instructors are covering Security in the last week and It’s given me interest in Network Security. I’ve decided to do some more research on the subject.
With a copy of Backtrack 3 in hand, I cracked my own routers WEP key last night and I’m astonished how easy it was. Having logged into the router, I’m curious now what a dedicated hacker could do. so i have a few questions:
1. Once a Black Hat gets inside a wireless router, what would they do next to compromise the systems attached to it? IP searches? Port scans? What would be the next step?
2. Is WPA more secure than WEP?
3. What are the main tools in BackTrack 3 that are the more useful ones?
4. Where can I go to do more research? I’m still very novice but do have some limited knowledge of packets, MAC addresses and Hex.
It seems very difficult to find any information on ‘What they do after they get into your system’, and understably so. In order to understand the threat, I want to see how they get inside, and how to protect against it.
Any info you can give would be much appreciated. Thanks.
November 11, 2008 at 9:51 pm #20517Don DonzalKeymaster
Welcome to EH-Net. Glad you found us. All it takes is that one spark, and the rest of your life is now consumed with security. Sorry… that’s just the way it goes. 😉
As for a good place to put this post, you touch on several subjects, so I guess here is as good as any.
1. You are correct on what is next if what the attacker wants to do is compromise the system. If he wants to lock you out, then there’s a different answer. Then again, he would be caught pretty quickly that way. But yes, the logical next step is to see what else is out there, so ping sweeps, port scans, fingerprinting… all this can be done with nmap.
2. Yes. And WPA2 more than WPA. Read the post here about a tool to crack WPA.
3. Too open of a question. There are a lot of tools. So figure out what area interests you, then go tool by tool to learn them.
4. Try the sticky topics here.
Hope this gives you a running start.
November 12, 2008 at 12:47 pm #20518shednikParticipant
Just to add to Don’s post he covered most of the bases, I would suggest going on amazon and buying a few good books covering security. I’ve picked up some good used books for $5 with shipping, they were just a little older but with a wealth of information that will make you continue running. Here are a few I recommend:
November 13, 2008 at 9:11 am #20519RoleReversalParticipant
I’ll just add to Shednik’s reading wishlist I’d add Counter Hack Reloaded. It is the only book I’ve read that manages to succinctly explain buffer overflows without making it sound like black voodoo magic.
The chapter in question can be found on EH-Net here. It makes excellent reading and is the reason I bought the full book.
All it takes is that one spark, and the rest of your life is now consumed with security. Sorry… that’s just the way it goes. 😉
Just fell off my chair, too true…
November 13, 2008 at 12:28 pm #20520CrunchtimeParticipant
Thanks for the info. I’m lucky in that I have a Networking instructor that has had some dabblings and hands on, and is very enthusiastic about security in general. He had a lab where he broke out Wireshark for us and showed the packets going across the network as a demo.
I’m doing my research and figuring out how I’m gonna get those books (I’m a student…broke. Bah.)
Are there any online resources that you could recommend? Best thing I’ve seen so far is a show called Hak5, saw a couple episodes on YouTube, one had a section on Man-in-the-middle attacks which was pretty good.
November 18, 2008 at 4:23 am #20521jasonParticipant
Check on amazon for used copies of the books, you can generally find them quite a bit cheaper. You may also see if there are student chapters of IEEE or ACM for your school. These groups often have arrangements with book publishers to get books at a discount (or free!).
- You must be logged in to reply to this topic.