Common Hacker Stratifications: Tier I - The best of the best - Ability to find new vulnerabilities - Ability to write exploit code and tools
Tier II - IT savvy - Ability to program or script - Understand wht the vulnerability is and how it works - Intelligent enough to use the exploit code and tools with precision Tier III - "Script Kiddies" - Inexpert - Ability to download exploit code and tools - Very little understanding of the actual vulnerability (launching Linux attacks against MS boxes) - Randomly fire off scripts until something works Joel R. Helgeson Director of Networking & Security Services SymetriQ Corporation "Give a man fire, and he'll be warm for a day; set a man on fire, and he'll be warm for the rest of his life." ----- Original Message ----- From: "Matt Carlson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, October 12, 2003 9:40 PM Subject: [Full-Disclosure] OT: An odd question that has arrisen within my household > These question is off topic, I realize this, but please bear with me. > > 1. What exactly defines a "script kiddie"? > > 2. Does using a port scanner make you a "script kiddie" since you > yourself did not write the code? > > 3. Does it make you a script kiddie because it is a means of exploitation? > > Matt Carlson > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
