View previous topic :: View next topic |
Author |
Message |
chipmunktised Just Arrived
Joined: 14 Feb 2003 Posts: 0
|
Posted: Tue Feb 18, 2003 8:50 pm Post subject: LAN security |
|
|
Hey All,
Was wondering if you can suggest any links that I can play around with. Wanted to try to test the integrity of my LAN. Try to compromise a low-security box on it. Just something so I can go into the theory of how to protect it better and see how to prevent problems pre and post hacks. Thank you very much. Take care all.
|
|
Back to top |
|
|
flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
|
Posted: Tue Feb 18, 2003 9:05 pm Post subject: |
|
|
If you could request something more specific?
|
|
Back to top |
|
|
myhatisred Just Arrived
Joined: 11 Jan 2003 Posts: 0
|
Posted: Tue Feb 18, 2003 9:05 pm Post subject: |
|
|
if you want a hacking challenge try www.try2hack.nl
|
|
Back to top |
|
|
chipmunktised Just Arrived
Joined: 14 Feb 2003 Posts: 0
|
Posted: Tue Feb 18, 2003 9:23 pm Post subject: |
|
|
Just something that I can launch random attacks on the computer and look at records to see what was "battle injured" and how I can patch/prevent it. I tried out that website and it's pretty much ok. Have to read more on how to do certain things. Just don't know where to start as of yet. Thanks again.
|
|
Back to top |
|
|
myhatisred Just Arrived
Joined: 11 Jan 2003 Posts: 0
|
Posted: Tue Feb 18, 2003 9:24 pm Post subject: |
|
|
set up something on your own lan and have someone else set the password on it, and you try to break it
|
|
Back to top |
|
|
chipmunktised Just Arrived
Joined: 14 Feb 2003 Posts: 0
|
Posted: Tue Feb 18, 2003 9:28 pm Post subject: |
|
|
Any pointers on where to go abouts cracking/hacking it? I feel stupid asking but I guess it comes with the beginner level status.
|
|
Back to top |
|
|
ip9 Just Arrived
Joined: 02 Feb 2003 Posts: 0
|
Posted: Tue Feb 18, 2003 9:45 pm Post subject: |
|
|
If you just want to see what is vulnerable and don't want to spend any cash have a look at Nessus.
|
|
Back to top |
|
|
flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
|
Posted: Tue Feb 18, 2003 10:23 pm Post subject: |
|
|
Also good and cheap place to go is the local library. They may not have the latest but even a 10 year old book will give you a place to start for free :> Then move up as you get the basics down. O'Reily had a computer security book (old) I bought for $6 plus shipping.
You don't have to spend alot or any just to start.
|
|
Back to top |
|
|
ThePsyko SF Mod
Joined: 17 Oct 2002 Posts: 16777178 Location: California
|
Posted: Wed Feb 19, 2003 4:11 am Post subject: |
|
|
Start by fingerprinting every system accessible externally (the one thing I've found MS Excel is good for lol), then have a look at my site for some of the more common ways to access NT/2k systems... if your webserver uses forms / accepts user input, have a look at http://www.technicalinfo.net/papers/CSS.html
|
|
Back to top |
|
|
delete852 Just Arrived
Joined: 19 Nov 2002 Posts: 4 Location: Washington DC
|
Posted: Wed Feb 19, 2003 4:20 am Post subject: |
|
|
there is another good website, it is called
www.2000trainers.com
check it out, it has a special section on network security, it might be what you are looking for.
|
|
Back to top |
|
|
chipmunktised Just Arrived
Joined: 14 Feb 2003 Posts: 0
|
Posted: Wed Feb 19, 2003 10:22 pm Post subject: |
|
|
Awesome suggestions all. I've been at 2000trainers.com alot lately looking at different things. One thing that catches my eye to learn alot about is IDS. Since I'm going to be running a *nix box soon once I get these files, I plan on goofing around with it. Seen alot of nice apps @ apps.kde-look.com *Not sure if that is the right URL* but maybe I'll get myself involved with that on a schedule. Some of these apps show which type of attack at which protocol and so forth. Looks pretty interesting. If you were a n00b starting off, would you shoot for that? I know basic home networking/file sharing/print etc. Any other links you suggest for reading would be terrific. Thanks once again
|
|
Back to top |
|
|
ip9 Just Arrived
Joined: 02 Feb 2003 Posts: 0
|
Posted: Wed Feb 19, 2003 10:31 pm Post subject: |
|
|
If you're looking into IDS have a look at snort. If you set this up to log to a MySQL database and then install ACID (from the front ends or plugins section - i forget) you get a nice web-based front end to the logswith links to Bugtraq / CVE etc. There are plenty of papers on the snort site that talk you through installing. If you find that a little too much, have a look at PureSecure personal editon offering from demarc this will install and configure snort for you through a little wizard thingy.
Also, have a look through the excellent papers at the SANS ReadingRoom, a very good place to start.
|
|
Back to top |
|
|
|