Good way to learn access lists if CISCO isn't readily handy is IPchains or IPTables (firewalling in Linux).
Knowing how to script is one thing; once you know how to program you just need the algorithm to make an exploit...
-----Original Message-----
From: Richard Jenniss [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 05, 2002 11:47 AM
To: [EMAIL PROTECTED]
Subject: Re: (clug-talk) IT Education
On Thu, 05 Dec 2002 08:01:27 -0700
Andrew Barnes <[EMAIL PROTECTED]> wrote:
> 1. TCPWrappers and access-lists
I get the concept, have yet to really sit down and define...
> 2. Some kind of scripting experience, to script brute force-type of scans
I know scripting a bit, not enough to write an exploit. I hope to do some programming in the near future.
> 3. IRC experience, get into the hacker-scene and find out as much as you can
> from black hats, as well as the white hats.
I use IRC, heh.
> 4. Learn about the OSI 7-layer model, as well as IPv4 addressing, netmasks,
> NAT/private addressing, etc. Buy the introductory book by Cisco for the CCNA
> (even take the CCNA test).
Taking CCNA. I know the OSI by heart. Spent 9 hours today learning the 2500's.
> 5. Learn about logs. They are boring, but Logsentry (see the Psionic link
> above) can help there. This is one of the best ways to find where/when a
> break-in occurs."
logsentry, portsentry, and tripwirte good idea's?
I have been concidering the idea of starting up a security / hacker group. Something similar to how lopht got started.
A sandbox of computers, discovering authentication methods, password security, buffer overflow exploitation and more.
Any idea's?
