Network Security Professionals

jinx
2-sep-13 18:28

Principles of Attacking

"A victorious army first obtains conditions for victory, then seeks to do battle." - Sun Tzu
First and foremost, have a goal! What do you want to hack and why? Defacing web pages is for little minds and serves no purpose but to piss people off. Let's face it though, it is really about figuring out how a system works and behaves under certain conditions. Why? To learn more! Not to be destructive, or to steal information (like credit card numbers), or to gain notoriety. In fact, the best hackers (even just good hackers) do not leave any sort of calling card... that is, no footprint whatsoever. They quietly, methodically enter, look for what they need, and quietly slip out. Sun Tzu said of war, and it is certainly applicable to hacking, "Never to be undertaken thoughtlessly or recklessly, war [or hacking] is to be preceded by measures designed to make it easy to win." Here are a few of those measures:

A footprint???

What the hell is that? I'll tell you: initially, it was simply a log entry, something easily deleted from a syslog file with vi. Intelligent SysAds would have logs written to non-standard places, or duplicated on other boxes. Believe it or not, some green SysAds still do not do this, or they don't even look at their logs. Moving right along.... Intrusion detection/prevention has matured quite rapidly. It started with simply looking at the system logs; then tools such as file hashers came out, which looked for changes in files (like hosts and /etc/passwd). Now, they have specialized software/hardware that can sit on a gateway pipe and examine every packet... inbound AND outbound. This stuff looks at packets and compares their contents or services (like TCP/IP port) or source/destination address to a database of known vulnerabilities or sore spots (like known bad-guy IP addresses). This could be similar to how a virus checker works, using "heuristics" (look it up). Anyway, use caution when mapping out a network to attack. SSL is a great way to slip around. Also, a concept borrowed from botnet owners is the stand-off attack.
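From the SysAd's side of that story, here is a sketch of the "file hasher" idea, extended so that a log with an entry edited out is flagged even if the file is still growing. This is an added example, not code from the original page; the function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

def read_bytes(path):
    with open(path, "rb") as f:
        return f.read()

def write_bytes(path, data, mode="wb"):
    with open(path, mode) as f:
        f.write(data)

def snapshot(paths, append_only=()):
    """Record size and SHA-256 per file; append_only names files that may only grow."""
    return {p: {"size": len(d), "sha256": hashlib.sha256(d).hexdigest(),
                "append_only": p in append_only}
            for p in paths for d in [read_bytes(p)]}

def check(baseline):
    """Return {path: finding} for each file that no longer matches its baseline."""
    findings = {}
    for path, rec in baseline.items():
        if not os.path.exists(path):
            findings[path] = "missing"
            continue
        data = read_bytes(path)
        if rec["append_only"]:
            # A log may grow, but the bytes seen at baseline time must be unchanged.
            if len(data) < rec["size"]:
                findings[path] = "log shrank"
            elif hashlib.sha256(data[:rec["size"]]).hexdigest() != rec["sha256"]:
                findings[path] = "log history rewritten"
        elif hashlib.sha256(data).hexdigest() != rec["sha256"]:
            findings[path] = "content changed"
    return findings

def demo():
    """Constructed sample files in a temp dir; returns (clean, tampered) findings."""
    d = tempfile.mkdtemp()
    hosts, log = os.path.join(d, "hosts"), os.path.join(d, "syslog")
    write_bytes(hosts, b"127.0.0.1 localhost\n")
    write_bytes(log, b"sshd: login from 10.0.0.5\ncron: job ran\n")
    base = snapshot([hosts, log], append_only=[log])
    write_bytes(log, b"cron: job ran again\n", "ab")  # normal growth, no finding
    clean = check(base)
    # One entry removed with an editor, after which the log kept growing.
    write_bytes(log, b"cron: job ran\ncron: job ran again\ncron: job ran a third time\n")
    write_bytes(hosts, b"10.0.0.9 updates.example\n", "ab")
    return clean, {os.path.basename(p): v for p, v in check(base).items()}

if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is kept off the monitored box, for the same reason the logs themselves get duplicated elsewhere.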

RECON!!!

The military seems to think it is a good idea, so should you. They don't just walk up to the enemy and open fire; they look at the surroundings (what other systems are there), environment (can you easily access a system locally or will it have to be remotely), counterintelligence (intrusion detection???), size of force (several IDSs, firewalls, etc.), escape routes, and deception (honey pot systems), to name a few. Remember the cartoon G.I. Joe? "Knowing is half the battle." Sun Tzu? "Know your enemy."

Tools! <grunt grunt grunt>

There are two basic tools you need to attack: hardware and software <duh>. Recommended: Laptop (because no one with an IQ above 80 hacks from home) with a modem, a 10/100Mbps ethernet card, and/or wireless NIC. Perhaps the only smart things in the movie Hackers were that they distributed their attack and went to public payphones, not their homes (acoustic couplers???). Try to find one whose MAC address you can change, if possible. Linux and Windows are musts; have a dual boot system. VMware is a great alternative.
Nice to have: A lab with servers (virtual helps). What server software do you need? Linux, Windows Server, BSD, Mac-based OSs and Solaris. At the very least, have Windows Server and Linux. Run Apache, MS IIS, OpenSSL, sendmail, DNS services; download free evaluations of firewalls, intrusion detection, and encryption software (like PGP). Learn C (turbo, +, ++, ANSI, whatever), SQL, Java, & Perl. Start with C though. Connect all these with a hub (switches that allow port mirroring work too, but are expensive). If you master these, besides being a good hacker, you'll probably have a great paying job!

The Bottom Line

Teach yourself to administer and secure the above boxes. Then you can start attempting to "test" them with scripts from the links in tools, or, if you learn the languages above (a feat alone), scripts you wrote. Look for how your software reacts. See if you can detect the attack. See if you can evade your own detection. Be slow, patient, and methodical. If you can't figure something out, ask someone you trust. Always assume that you are being watched.


Who Hacks?

Kids, college students, corporations, employees, private investigators, criminals, the government (military and civilian), foreign governments, and terrorists. Yes, it is an incomplete list, but those are some of the most significant participants. The next question is why they hack. Their motives are as diverse as they are. Kids: boredom and notoriety. Students: as many reasons as there are college majors. Companies: corporate espionage and guerrilla marketing. Employees: fraud and misuse. You can guess the rest.