   Author  Topic: 'Breaking in isn't hard to do...'  (Read 854 times)
Ian
'Breaking in isn't hard to do...'
« on: Sep 25th, 2003, 9:37pm »

http://www.informationweek.com/story/showArticle.jhtml?articleID=14400070
 
Very interesting article - I saw a one-page summary in this week's computing magazine.

... but crap arrives pretty much straight away.
MegaHertz
Re: 'Breaking in isn't hard to do...'
« Reply #1 on: Sep 25th, 2003, 11:00pm »

An excellent read, Ian, thanks for the link. :)

"It IS As Bad As You Think, and They ARE Out to Get You."
Ian
Re: 'Breaking in isn't hard to do...'
« Reply #2 on: Sep 25th, 2003, 11:12pm »

Thanks. I was particularly interested in his list of tools - several of which I already use to keep tabs on what my users are up to. For example, I used Ethereal last Friday to prove my network was clear of ICMP flooding, which saved a journey by one of the city's WAN engineers (handy since it's not easy to arrange all workstations to be on together at the drop of a hat if the guy had arrived unannounced - again).
 
And it's not the kids I'm worried about - the other day I found a rogue WiFi card that had been set to ad-hoc by mistake (my techs had let it slip through the config stage a bit too quick). Roll on when some of the more geeky staff start bringing their own access points in!
MegaHertz
Re: 'Breaking in isn't hard to do...'
« Reply #3 on: Sep 25th, 2003, 11:21pm »

Yep, all very useful tools. :) Wouldn't be caught without them.
MadAxe
Re: 'Breaking in isn't hard to do...'
« Reply #4 on: Oct 22nd, 2003, 4:26pm »

TOOLS OF THE TRADE
 
What the ethical hacker has on hand:
 
Ethereal: Free network-protocol analyzer that runs on Unix and Windows. It can analyze network traffic in real time or from a saved file.
 
NetStumbler: Free tool that can find wireless networks.
 
Nmap: Network Mapper, a tool to analyze a network for the operating systems, servers, types of services and ports, and packet filters and firewalls in place.
 
Netcat: Free network-analysis tool.
 
Nikto: Web-server scanner that tests servers for potential vulnerabilities that could allow a hacker easy entry.
 
Nessus: Free remote security scanner. It attempts to examine a network for vulnerabilities that could let bad guys in.
 
Data: InformationWeek

 
They all look good and I would love to have those tools, but what about the risk of downloading a "hacking" tool from someone? Aren't you worried about the risk of getting more than you bargained for?
Jamming
Re: 'Breaking in isn't hard to do...'
« Reply #5 on: Oct 23rd, 2003, 10:03am »

Yes, MadAxe, you are. Sometimes you download them and then look at them with a hex editor and their threads. Ethereal is a packet sniffer from a rather reputable source and I recognize a couple of the others. Most of the time you need to find out what you can about the people who make them, what are their goals and aspirations. Never ever download them from anyone other than the original source, otherwise you are asking for more than the standard package.

Team Z Member

Servare cives, major est virtus patriae patri.
- Lucius Annaeus Seneca
I was born an American; I live an American; I shall die an American!
- Daniel Webster
acheton
Re: 'Breaking in isn't hard to do...'
« Reply #6 on: Oct 23rd, 2003, 11:25am »

on Oct 23rd, 2003, 10:03am, Jamming wrote:
Never ever download them from anyone other than the original source, otherwise you are asking for more than the standard package.

 
Thanks Jamming, this is wise advice.

"What success a man builds from his gifting can be destroyed in a moment because of his character."
claire
Re: 'Breaking in isn't hard to do...'
« Reply #7 on: Oct 23rd, 2003, 7:18pm »

Many thanks for the link, Ian :)

Claire
GoodGollyMolly
Re: 'Breaking in isn't hard to do...'
« Reply #8 on: Dec 22nd, 2003, 1:51am »

A real good wakeup on downloading tools! What not to do, we get a great deal of information from these little instant courses.

Yes Doctor, I will lose weight, I promise, yes I know I said that 15 years ago but I am serious now!
Walter
what a job!
« Reply #9 on: Dec 22nd, 2003, 11:56pm »

Thanks Ian,
 
An interesting read. I can see why Mr. Ryan Breed, the security consultant doing the "hacking," seems to enjoy his work so much (noted by the writer).
 
What a job! Working with top-notch everything, it sounds like. I wonder how much he gets paid?
« Last Edit: Dec 23rd, 2003, 12:00am by Walter »

Strange as it may seem, no amount of learning can cure stupidity, and formal education positively fortifies it. S Vizinczey
Ian
Re: 'Breaking in isn't hard to do...'
« Reply #10 on: Dec 24th, 2003, 1:48pm »

Ah, the $64,000 question! Only he probably clears more than that in a year...
 
Re some of the other tools that MadAxe quoted: most are GPL licensed, and come from the 'white-hat' side of things. The warning's valid, though, since it's never a good idea to trust blind tools like these. I'd say you're safe with Ethereal (for sure) and NetStumbler (it does a good job of finding wifi stuff). The rest are all by reputation only - I haven't used them, but they are similar to tools provided by network consultants (asset tracking, bandwidth analysis, even the MS load-balancing stuff on their servers, could all be viewed suspiciously). So long as they don't try to get out and report their findings... so block them all at the gateway off-site.