Learning to white-hat

[quantumnerd]

I'm a first year compsci student in the frozen land of Canadia. However, I rushed through high school so I don't have as much experience with computers as I would have liked. I have basic familiarity with command line file navigation and have astounded my neighbour's stepdad by opening the CONTROL PANEL in their computer. I put together my own computer, proved an existential proof with a quick script and played with Lua when I was in elementary school, but when people start talking about network hierarchy and Domain Name Servers and server software, I get lost and can't make sense of much.

One thing I'm wondering is about all the white-hats (and grey-hats and black-hats) that I see on the internet talking about how they screwed with their school's network when they were in school. I'm in university and I still don't have to chops to mess with anything. Where do you learn that kind of stuff? I don't know enough about practical networking to even figure out what's secure or not.

This occurred to me when I was reading the thread about the school compute hacking and I realized I wouldn't be able to set up my home network securely or make a webpage that wouldn't fall down like a sack of bricks after being hit by a script kiddie.

[hintss]

what do you want to mess with?

[++$_]

First of all, make your goal "learn about computer security" rather than "learn how to break into other people's computers." Even if you are really dead-set on the second goal, you should attempt to achieve the first goal, because then you will develop a deep understanding of what you are doing instead of becoming a script kiddie.

Anyway, here's the advice I would give about how to learn about computer security. (This is pretty much how I went about doing it, except that some steps have been changed in order from the way I actually did it to the way I should have done it.)

First, learn C really well.

Learn to use Unix. (The lessons you learn are applicable to other operating systems too, but Unix provides a better environment for learning this stuff.) Reading the man pages of common commands will teach you a fair amount about how the system works. The man pages are kind of like Wikipedia, in that by reading one page you will find references to other things that you need to know. Get a book on the design of the Unix operating system (e.g. The Design of the Unix Operating System), read it, and understand it.

Go through djb's "security holes" course slides, and understand them. Where details are missing (because they're just the slides from a course, not a complete course), fill them in. (Note: I thought that the first half of the course was significantly more difficult than the second half! So you might want to skim until you get to something you can understand, and go back later.) There may be an equivalent course at your university.

Take a class in network architecture or "computer systems", if your university offers it. This will hopefully introduce you to network protocols and such things, which you expressed interest in. I found that the unix man pages had poor coverage of these topics, so I needed to supplement my knowledge from some other source.

At this point, you'll probably know enough to figure out what bits of knowledge you still need.

[quantumnerd]

Sorry for phrasing my question wrong- I just want to learn the techniques. Not trying to break everything I touch (I do that well enough in the physical world by accident).

Thanks for the tips!

P.S. "(Warning: you need about 32MB of disk space free.)" LOL 32MB

[Kromix]

[quote="quantumnerd"] I just want to learn the techniques./quote]


what good are techniques if you can't understand what each technique does or why it does it...

i could write a long list on how to infiltrate a network and break into a computer, but that would only be into specific networks and computers with specific security holes. in order to "master" or be efficient into "hatting" you need the understand the what/when/why/and hows of computers and networking. else you are a script kiddie and therefore, loose all respect.

PS: no im not writing you a script or a list detailing break-ins. i only use them to test my networks and people that pay me to test their networks.


read the whole site and every link, its some of the basics but not enough to hat arround . http://learn-networking.com/

[_Axle_]

Don't rule out Social Engineering as well, for a way to compromise a system.

[hintss]

Don't rule out Social Engineering as well, for a way to compromise a system.

This is especially true. Get good at lying.

also, if you break everything IRL, are you sure you're not my clone/twin?

[quantumnerd]

Well for testing my own private network, a social engineering attack would be... erm... of interest to my psychologist.

And when I said I want to learn the techniques, I'm actually really interested in the fundamental principles because I can generalize them to other things I do. EG: if I'm coding a game, I know that the same things that would make any computer a target would also make a dedicated server a target and adjust the code accordingly. Thanks for the articles, I'll be sure to research them to death- like Gordon Freeman.

Edit: if I were your twin, you'd like sci-fi games where everything glows menacingly out of sharp hulls. Do ya?

[hintss]

Well for testing my own private network, a social engineering attack would be... erm... of interest to my psychologist.

And when I said I want to learn the techniques, I'm actually really interested in the fundamental principles because I can generalize them to other things I do. EG: if I'm coding a game, I know that the same things that would make any computer a target would also make a dedicated server a target and adjust the code accordingly. Thanks for the articles, I'll be sure to research them to death- like Gordon Freeman.

Edit: if I were your twin, you'd like sci-fi games where everything glows menacingly out of sharp hulls. Do ya?

yes, actually.

especially if it is glowing red, blue, or green

[quantumnerd]

Wow. So you must have a Steam account, right? Add me on steam: QuantumNerd

[yawningdog]

I recommend the book "The art of Intrusion". What I learned from that book is that hacking is a lot like Jeet Kune Do. The best hackers do not maintain a repertoire of techniques and use the ones that work. The best hackers seek to understand how the machine works and develop the technique that works for that particular situation.

My steam ID is "Captain Smollett"

[c0smic]

Don't rule out Social Engineering as well, for a way to compromise a system.

I really agree with this, social engineering is a very important skill that most people don't give a second thought about. If you get good at it, you can bypass all the technological filters and get right to the information with a few phone calls.

What I'd suggest is like what other's have suggested, is pick up a book on what you want to learn. "The Art of Intrusion" is a good one, or Kevin Mitnick has some books out on social engineering. Learning C and other languages is very important if you want to understand networks more as well.

http://www.2600.com/ This is a great magazine. 2600 comes every season packed with great articles and techniques and stories on things on the white & black hat side of things. Available in eBook and Paper format.

The HOPE Conference is a yearly event which has many great talks on all subjects in the hacking/computer community. Here's the complete list of talks from the last HOPE. - http://thenexthope.org/talks-list/

My Steam ID ^^: c0smic6

[spedione]

For Social Engineering, go read "The Art of Deception", by Kevin Mitnick (Also mentioned by c0smic).

[naschilling]

For years, I've been trying to convince my school that they need to add a new course to the CS curriculum: Defense Against the Dark Arts. While I may very well get sued by J.K. Rowling for stating that, the idea she put forth is solid. One can only properly defend against an enemy by knowing what an enemy may bring to fight with. This is an idea as ancient as Sun Tzu's "Art of War" and it is every bit as truthful today as it was then.

Social Engineering is a powerful tool for attacking a specific target, but it serves no educational purpose. You would be best served learning what telnet is and how to use telnet for basic web-based operations. For instance, use telnet to fetch a web page. Using C to write your own telnet clone would be educational as well.

Code: Select all

$ telnet google.com 80
GET / HTTP/1.1
Host: google.com



(Note: The the empty line at the end IS significant.)

Once you begin to understand simple cases, configure an Apache server locally and learn basic PHP code to demonstrate your knowledge with. Cookies, Post data, and Get variables are the heart of most web-based vulnerabilities. A simple web page like below would help you learn Cookies, Get variables, and Post data and how to manipulate them from telnet.

Code: Select all

<?php
echo 'GET Variables: ';
print_r($_GET);
echo PHP_EOL . 'POST Data: ';
print_r($_POST);
echo PHP_EOL . 'COOKIES: ';
print_r($_COOKIE);
?>