.

Fresh meat

<<

bkevin

Newbie
Newbie

Posts: 4

Joined: Fri Aug 17, 2007 12:21 pm

Post Fri Aug 17, 2007 12:55 pm

Fresh meat

Hello,

First of all my name is Kevin, aged 19 and living in Belgium - Europe.
I've studied and graduated in network management this year, yet I feel like I don't know enough yet. I'd like to specialize in security as it's in my eyes the most fascinating subject in a computer network.
Now after googling and browsing a lot to find a decent community, I found this website.
It looks like my thoughts were right, and I do have a lot to learn about this all.
Some of you (if not most of you) think 'oh no, another guy who wants to become a hacker', well you're right, I do want to become a security expert and hopefully build a career with it.

Since one has to begin somewhere, here are some first questions, if someone would want to answer them, that would be great!
1) I am currently using windows xp, I will get myself a new machine and install Ubuntu on it, is Ubuntu any good or are all distributions basically the same except the way they work?
2) Currently I have no programming skills whatsoever. I don't want to go off and start using tools that do everything for me, giving myself the idea that I'm doing great, so what language should I start with?
3) Are there any tutorials for complete beginners such as myself to start with on this website? I've been browsing in the tutorial forum earlier, but by the looks of it, it's directed to those that are already skilled in the world of hacking.

Hopefully I'll learn a lot in this community, as I'm eager to get started.

Regards,
Kevin
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Aug 17, 2007 1:22 pm

Re: Fresh meat

Hi Kevin,

Welcome to EH-Net! We're glad you decided to register and join our community and we all look forward to your continued participation :)

Congrats on graduating in network management, sounds like you're off to a very good start! Can I ask what sort of studies were included in your network management courses?

Security is not really something that would be considered 'entry-level' and you can't just jump into it as you can with other computer aspects. To become a security expert, you'll need a very well rounded and in-depth computer background. Keep in mind, there are different paths within computer security as well, but I'll keep this reply pretty general. I also am still new to the field and you'll probably get some other great advice from some of the other members that have been working in the field for some time.

Anyway, onto your questions...

1) Windows XP is perfectly fine. If you have enough RAM, or have the finances to purchase some, I would highly suggest getting a copy of VMware (or MS Virtual Server). With a Virtual Machine, you will be able to run multiple computers within a single machine. This is great for people learning security! That way you don't have to worry about having multiple physical computers, or partitioning hard drives. Ubuntu is a great place to start on Linux. The reason being is that the support community for Ubuntu is incredible. I would also recommend Fedora for beginners as well. Both of those OS's have good community and hardware support.

2) Heh.. this is just asking for an argument :) Keep in mind, it's not required to know how to program to be in security (although it can tremendously helpful). Again, this somewhat depends on what type of security you're looking towards. If you don't know it already, I would suggest starting with something easy like (X)HTML. At least knowing that,  you'll be able to understand what's going on with websites. From there, you could either go further into web, such as PHP or ASP which will give you a better understanding of how dynamic sites communicate and work with a backend database, or you could go into C which will allow you to understand most exploit code and also allow you to write your own (as many exploits are written in C). C will also give you a good base for going to other programming languages.

3) I'm not sure if we have anything like what you're looking for in a tutorial form. I'm not sure you'll really find that anywhere. What I would suggest is checking out a couple of books.. Counter Hack Reloaded, Gray Hat Hackers Handbook, and the CEH Review Guide by Michael Gregg. Each of those provides clear samples/examples of tool usage. The Hacking Exposed books are normally good references also. In addition, this entire community can provide a lot of support on specific questions you have, and most of the time will provide you with an answer. All you have to do is ask :)

I hope that helps answer your questions at least a little bit, and I'm sure others will reply soon too.

Best of luck to you :)
Last edited by venom77 on Fri Aug 17, 2007 10:59 pm, edited 1 time in total.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Aug 17, 2007 1:26 pm

Re: Fresh meat

Welcome to our growing community. There are plenty of resources on the site for the beginner. I'll try my hand at recommending what will work for you and answering your questions:

1. Any Linux distro has the same core, so, for a beginner, it's more important to get your feet wet with any distro than to stick with Windows only. After you get comfortable, then you can branch out and find the distro that works for you. As for a great distro with hacking tools, try BackTrack.

2. Go to the /root section and read the intro to programming articles by Craig Heffner. You won't be sorry. As for what language to start with, try these threads:

Steps for The Ethical Hacker to learn programming

Do you need to know programming to hack?

There are also lots of great resources on this site if you type in "programming language" into the search box at the top of the page next to the menus.

3. As for beginning tutorials, maybe a good place to start is the Book Reviews Section.

I think if you utilize these resources, you'll find more along the way. Also, don't be shy. Ask as many simple questions as possible. You'll find that this community is unlike any other in acceptance of newbies. We all started aomewhere, and we're all willing to help. Plus, the more you ask in a public forum, the more others after you will learn and advance their careers as well. That's why we're here.

Hope this helps,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

jimbob

Post Fri Aug 17, 2007 1:52 pm

Re: Fresh meat

Welcome! I'll not repeat the sound advice of other, just wish you a welcome stay here. Sounds like you are ready to see just how deep the rabbit hole goes  :)

Jimbob
<<

oneeyedcarmen

User avatar

Full Member
Full Member

Posts: 233

Joined: Thu Jul 05, 2007 2:13 pm

Location: Baltimore, MD USA

Post Fri Aug 17, 2007 2:10 pm

Re: Fresh meat

For your third question, I'll have to recommend Learn Security Online.  I'm a regular visitor to their site, and it's run by EH Net's own Chris Gates.  (there's my obligatory plug, Chris).

Chris and Joe McCray have put together some nice references for the beginner along with some hands-on tutorials.  You'll find that quite a few of us are members of both forums.
Reluctant CISSP, Certified ASS
<<

LSOChris

Post Fri Aug 17, 2007 6:31 pm

Re: Fresh meat

hey thanks for the shout out!

we're trying :-)
<<

bkevin

Newbie
Newbie

Posts: 4

Joined: Fri Aug 17, 2007 12:21 pm

Post Sat Aug 18, 2007 7:14 am

Re: Fresh meat

Thank you all for the warm welcome

BillV wrote:Congrats on graduating in network management, sounds like you're off to a very good start! Can I ask what sort of studies were included in your network management courses?


Well we've seen quite a lot, but not that in depth. We've made our first steps into Linux with Ubuntu, later with SUSE 10. Our teacher wasn't any good himself, so it came down to self study, just to be bollocked by that teacher. This took away a lot of our courage to continue with Linux. But I'm sure this can't be a problem :)
What we've seen in linux was DNS, mySQL, apache, vmware, ipcop, but because of the teacher we didn't see it decently. So I know what they do, and I remember some of it, but I wouldn't be able to set it up without a guide or so (which I will look up later).

On Windows platform we had an excellent teacher who taught us a lot, more than he had to. We've seen W2003 server, its functions & some applications (ISA, exchange), how to let them communicate with other computers, VPN, ...

Other than that, we've seen very basic stuff such as making network cables (not impressing but hey, it needs to be done :D), (manual) subnetting, network architectures, ...

In order to succeed, we had to make a project of our own choice, ofcourse it had to be related to networking. I did mine around DMZ's and devices in DMZ's (IDS, honeypots, ..).

Hope this answered your question.

Thank you to all the rest for the useful links, I will read the articles from Craig Heffner as soon as possible.
Learn Security Online has been added to my favourites, together with EH-Net.

Something that will make it easier for me to see the bigger picture might be making a list of things to read and to do. I'll get into that today & tomorrow.

About vmware, the cpu power isn't any problem, harddisk space will be.
Question is, do ubuntu and backtrack support dualcore cpu's trough vmware?
If not, I'll set up a pc with a singlecore cpu.

Now, on to the planning!
Last edited by bkevin on Sat Aug 18, 2007 7:21 am, edited 1 time in total.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sat Aug 18, 2007 9:32 am

Re: Fresh meat

About vmware, the cpu power isn't any problem, harddisk space will be.
Question is, do ubuntu and backtrack support dualcore cpu's trough vmware?
If not, I'll set up a pc with a singlecore cpu.


Good question. I'm not too sure. I just recently got my main computer back in working order and haven't gotten around to re-installing any Linux OS'es yet. I would imagine that you'd still be able to run them on a computer with a dual core whether they support it or not.
<<

morpheus063

User avatar

Sr. Member
Sr. Member

Posts: 393

Joined: Sun Jun 25, 2006 10:08 am

Location: Cochin - India

Post Sat Aug 18, 2007 8:53 pm

Re: Fresh meat

Hi bkevin,

Welcome to EH-Net.

Adding to what Bill and Don stated here, I suggest you to get into the core of TCP/IP and its associated protocol suite. Also under the programming list, you can add Perl which will always give you an upper hand.

Most distributions of Linux ship with kernels that have Symmetric Multi-Processing (SMP) support built in. The following command will tell you how many CPUs your kernel is recognizing, both physical and virtual.

  Code:
cat /proc/cpuinfo | grep '^processor' | wc -l


If it is not displaying your dual core, you can compile and install your own kernel with SMP support enabled. Google for kernel compilation documents. This is a good link:

http://www.linuxfocus.org/English/July2002/article252.shtml


Backtrack and Dual Core

Backtrack2 does support Dual Core. (Refer - http://remote-exploit.blogspot.com/2007/01/backtrack-2-new-base-design.html) However, older versions of BT has issues booting on Dual Core machines. By default, BackTrack will use a single CPU. To attempt to use both CPU's on a dual core system, add the letter “d” to any boot parameter. For example:

bt load=server|pxe|test1 (for single CPU)


would change into:

dbt load=server|pxe|test1 (for Dual Core)



Wishing you all the best. Happy Learning.
Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n
<<

bkevin

Newbie
Newbie

Posts: 4

Joined: Fri Aug 17, 2007 12:21 pm

Post Sun Aug 19, 2007 11:17 am

Re: Fresh meat

Thanks for the guide Manu Zacharia.
Now I downloaded the latest version of Backtrack, tried to install it with VMWare server. After hassling with the resolution (which was in 640x...), I finally managed to let it install. I followed this guide: http://www.offensive-security.com/docum ... nstall.pdf
When it finished installing, i rebooted the virtual machine and put boot from HDD as first in the BIOS. After saving & exit, I couldn't wait to start exploring backtrack. Problem is: Backtrack won't boot at all, not from the harddisk that is.
I couldn't find any solutions trough google, so here I am, asking for advice ???
Thanks in advance :)
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Aug 19, 2007 12:03 pm

Re: Fresh meat

We're testing the final version of EH-Net's version of BackTrack 2. Our version not only has Metasploit 3 and some other enhancements not found in the current version of BT2, but it is also a stand-alone VMware Virtual Appliance. This means that you can download VMware Player, point it to our version and your running BT!!

This is a fully sanctioned version from Offensive Security put together by Mati himself.

Should be available any day now.

Hope this helps,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

themadhatter

Newbie
Newbie

Posts: 30

Joined: Sat Aug 11, 2007 8:33 pm

Location: NJ

Post Sun Aug 19, 2007 12:19 pm

Re: Fresh meat

Will there be an update on this site when this version of BT comes out, or should I be looking for it on the remote exploit site?
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Aug 19, 2007 2:17 pm

Re: Fresh meat

Let's not hijack this thread any more. I'll post some thoughts on the EH-Net - BT2 release in a new thread.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon Aug 20, 2007 7:58 am

Re: Fresh meat

bkevin wrote:Thanks for the guide Manu Zacharia.
Now I downloaded the latest version of Backtrack, tried to install it with VMWare server. After hassling with the resolution (which was in 640x...), I finally managed to let it install. I followed this guide: http://www.offensive-security.com/docum ... nstall.pdf
When it finished installing, i rebooted the virtual machine and put boot from HDD as first in the BIOS. After saving & exit, I couldn't wait to start exploring backtrack. Problem is: Backtrack won't boot at all, not from the harddisk that is.
I couldn't find any solutions trough google, so here I am, asking for advice ???
Thanks in advance :)


Kevin,

The guide is inaccurate due to the installer program not working correctly (last I checked anyway). If you want to install it to a HD, or a virtual HD, follow my notes below. The notes are for a dual-boot configuration, so adjust accordingly if installing to a single HD (no need to partition). When copying the directories, it will take some time so be patient.

Or, you could just wait until the EH-Net version is released as it sounds like it'll be a bit easier :)

root
toor
startx

mount (ntfs? /mnt/hda1)

umount /mnt/hda1/
clear

qtparted
select /dev/hda

click, resize, shrink

File > Commit > Ok > operations completed successfully > OK

fdisk /dev/hda
p
n
p
2
enter
+64M
n
p
3
enter
+1024M
n
p
enter
enter
p (display)
/hda2 boot
/hda3 swap
/hda4 main
t
3
82
p (display)
w
(no errors? reboot if needed)

mke2fs /dev/hda2
mkswap /dev/hda3
swapon /dev/hda3
mkreiserfs /dev/hda4
clear

mkdir /mnt/backtrack
mount /dev/hda4 /mnt/backtrack
mkdir /mnt/backtrack/boot
mount /dev/hda2 /mnt/backtrack/boot

cp --preserve -R /{bin,dev,home,pentest,root,usr,etc,lib,opt,sbin,var} /mnt/backtrack
mkdir /mnt/backtrack/{mnt,proc,sys,tmp}
mount --bind /dev/ /mnt/backtrack/dev/
mount -t proc proc /mnt/backtrack/proc/
cp /boot/vmlinuz /mnt/backtrack/boot/
chroot /mnt/backtrack/ /bin/bash
clear

nano /etc/lilo.conf
(remove all comments but keep vga=791 and remove 773)
change boot = /dev/hda
change root = /dev/hda3
comment out messages line near top
save
execute lilo -v

exit from chroot
reboot :)
<<

bkevin

Newbie
Newbie

Posts: 4

Joined: Fri Aug 17, 2007 12:21 pm

Post Mon Aug 20, 2007 4:25 pm

Re: Fresh meat

Thanks a lot Bill!

I followed your guide as much as possible. In some scenario's it was impossible to do so though.
qtparted didn't do as you described, so I removed the partitions with fdisk, since new ones are made afterwards. Creating the new ones didn't give any problems so it should be ok.
Copying, mounting and chroot worked fine, but then:
when I tried lilo -v, it gave me this:

Reading boot sector from /dev/hda
Using MENU secondary loader
Calling map_insert_data

Boot other: /dev/hda1, on /dev/hda, loader CHAIN
Fatal: First sector of /dev/hda1 doesn't have a valid boot signature


I tried googling it but got back without any result.
Maybe I should wait for the EH-Net version of Backtrack. But then again, I will face problems in the future as well that won't be able to evade...
Dilemma ;D

Now I was thinking... is it ok to ask all these questions in an introduction thread? :D
Next

Return to News Items and General Discussion About EH-Net

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software