I do code in KORN, BASH, and PERL and automation is where I excel. Thank you everyone There is a lot of good information here.
Adam Flaig "Its never too late to become what you might have been" On Tue, Feb 22, 2011 at 5:15 AM, Paul Saenz <forensicneoph...@gmail.com>wrote: > It seems to me that ethical hacker would also be know as white hat > hacker, as opposed to black hat hacker. Forensics would, I believe > refer to data recovery, often in cases where the hardware, hardware > abstraction layer or software becomes defunct, (Highly Technical Term) > or has been hacked. I think forensics can also refer to finding out > who the hacker is. Which was the purpose of Satan: > > http://en.wikipedia.org/wiki/Security_Administrator_Tool_for_Analyzing_Networks > > Steve Gibson, author of spinRite has an audio collection of security > issues. Although much of it you will already be familiar with, some of > it, I'm sure, you will find very informative. Steve often explains, in > general terms, how hackers access control of a computer through > various types vulnerabilities. Also he discusses in general many of > the vulnerabilities that have been discovered over time, currently and > many solutions. Also he often discusses windows vulnerabilities which > you may or may not be interested in understanding, but often linux > SysAdmins have to deal with windows problems. > > http://www.grc.com/securitynow.htm > > Keep in mind that all security vulnerabilities are based on about 50 > to 60 basic types of vulnerabilities that exist in computer > architecture. Attempts have been made by hardware developers to > address some of these problems, such as buffer overruns, but I don't > know how successful they have been. What happens is that when > programmers write Operating systems or Application programs, the > vulnerabilities get written into the code. > > Go to the hacker sites, you know the ones from Russia and such, and > get the hacker tools that they sell the second Tuesday of the month. > (because that is when Microsoft releases their security patches) You > can then test out their hacker tools, (on your own personal box and > you may be able to discover what they are doing. Or read on their > websites about what they claim to be selling. That may seem extremely > difficult, but that's how the hacker in Russia, and/or other eastern > European countries do it. They get the binary code from the Microsoft > patches, and they have their hacker packages ready to sell the same > day. > > Also you can look at the patches which Microsoft is releasing on the > second Tuesday of the month (And I don't mean the code, because do not > believe it is open source, it will just be binary I think) but if you > look at what programs the patches are for, and see what Microsoft > publishes about the vulnerability they are addressing (that is if > Microsoft does publish release notes on the patches) then that will > help you understand current real world vulnerabilities. If you open it > in an assembler, you can see the hexadecimal. > > You can compare the hexadecimal of the Microsoft patch with the > hexadecimal of the hacker tool, and you may be able to find some clues > about what they are doing. > > Here is a website that may be able to help you decipher the > hexadecimal to some point: > > http://mirror.href.com/thestarman/asm/mbr/Win2kmbr.htm > > There are other sites like it, and this page probably has some good > links that if you follow, you will be able to learn a lot. I'm pretty > sure that reading the hex is one of the techniques that the Eastern > Europeans use to find vulnerabilities. I'm also pretty sure that when > those 50 to 60 types of basic computer vulnerabilities are written > into the code, hackers are able to identify them in the hexadecimal. > > Just a little insight from my own personal research on "ethical hacking." > Paul > > > > > > On Tue, Feb 22, 2011 at 12:00 AM, Mark Holmquist <marktrac...@gmail.com> > wrote: > >> Any advice on resources and reading materials videos or applications on > >> ethical hacking? I am trying to avoid a $4,000.00 class in some other > city > >> to learn. > > > > http://www.catb.org/~esr/faqs/hacker-howto.html#what_is > > > > Start by knowing your terminology--you mean "cracking," probably. > Practically all hacking is ethical. > > > > -- > > Mark Holmquist > > Student, Computer Science > > University of Redlands > > marktrac...@gmail.com > > _______________________________________________ > > LinuxUsers mailing list > > LinuxUsers@socallinux.org > > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers > > > _______________________________________________ > LinuxUsers mailing list > LinuxUsers@socallinux.org > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >
_______________________________________________ LinuxUsers mailing list LinuxUsers@socallinux.org http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
