an interesting arguement raised to support hackers.
http://www.iainpb.co.uk/forums/uploa...hp?threadid=53
Printable View
an interesting arguement raised to support hackers.
http://www.iainpb.co.uk/forums/uploa...hp?threadid=53
I wish I knew how to hack :(
Spose I'd need linux and a f(ph)at book on networking if I wanted to get anywhere.
:(
youd need Unix (preferably with Root access), an intimate knowledge of Win 2000, Win NT , Unix, tcp/ip...
LoL, as much as some hackers would say you need it, you really don't. Just a telnet program, and maybe a good port/ip scanner. Then you can go on the net and read tutorials, and you can hack really easy. It's not as hard as some hackers would say it is.Quote:
Originally posted by Brian
I wish I knew how to hack :(
Spose I'd need linux and a f(ph)at book on networking if I wanted to get anywhere.
:(
Yeah but:
I don't have a clue how to hide/spoof my IP address
I only have a small idea how TCP/IP works
and if I get caught I'll be very ........ed off.
are there any servers up atm for legal hacking for me to practice on?
ur absolutely right
most hackers (try talking to them on yahoo or irc) would have you belive they are super intelligent beings, this is a massive cover up. The truth is with a few tools anyone can hack.
my standard discussion about hackers can be found on the security forum on www.iainpb.com
Just point me to some tutorials on hacking. Most I've seen have been so-called hackers babbling on about how good they are. Do you know any good tutorials?
I want to hack because:
*I'm curious.
*I want to know how it's done.
*I want to know how it's done to me.
*Sounds like fun.
Alright, Brian, people aren't BORN hackers. They have to learn. Just go on to www.google.com, and search for hacker tutorials.
>>I don't have a clue how to hide/spoof my IP address
I only have a small idea how TCP/IP works
and if I get caught I'll be very ........ed off.<<
LoL, I didn't even know what these were when I started to learn how to hack. Most hacking isn't done illegally. Just go on to a wargames server. People set them up, and you are suppose to try to hack them. Hacking is so simple, all you REALLY need is telnet, which comes with every Windows release. You don't even need a port/IP scanner, although it makes things easier.
Generally, hackers usually don't identify with Virii and Trojan Horse writers, nor do most do anything illegal. You probably won't get caught if you just stay within the bounds of the law.
Hmm I don't know about wargames servers...I'm on a my win2k laptop, directly plugged into the phone line, no firewall (not even zonealarm). It is fully patched though :D
well actually...with tools you basically become a tool yourself...stay away from tools except for the occasional portscan....
Brian, you're making me laugh: "If I get caught...", "I don't know how to spoof..."
Really, I don't know how to spoof my IP either, and as long as I don't do something illegal what am I gonna get caught for? And most admins won't bug you so long as you don't portscan their computers.
Yes, there are servers for you to test your stuff on. Do a search or something. Go to http://happyhacker.org I remember there were some links to servers there somewhere...
>>Hmm I don't know about wargames servers...I'm on a my win2k laptop, directly plugged into the phone line, no firewall (not even zonealarm). It is fully patched though<<
YOU don't get hacked in wargame servers, but you try to hack the server.
Sorry if I sound like a script kiddie.
I guess I am in a way. But I'm pretty new to this, so give me a break please. I misread the bit about the wargames servers, again, sorry.
hooking up to a server run by hackers sounds like an invitation to disaster to me, especially if your not using a firewall.
I'm getting quite good at sockets now, so I see no need for pre-made SK tools. I'm not gonna sink that low :)Quote:
well actually...with tools you basically become a tool yourself...stay away from tools except for the occasional portscan....
no firewall!!!
thats like going freefalling without a parachute.
you should always be behind a firewall.
Wargames servers are great - they are basically set up as sacrificial servers to which you attempt to gain access(sometimes to complete a particular hacking task or sometimes just to get in)
I agree with ken - dont become a tool. learn how to get in with as few tools as possible - netstat and telnet are two of your best friends
If you start hacking remember the golden rules
*Always use a firewall
*only stay on the network or remote computer as long as you need to.
*dont destroy - its pointless
*report security problems to the admin when you leave
*use an ip anonymizer
*enjoy it
_
I am not a hacker, i am a network explorer.
:D That's what I was thinking, just finished downloading ZA Personal now. Or I could connect through my redhat box...Quote:
Originally posted by Edge
hooking up to a server run by hackers sounds like an invitation to disaster to me, especially if your not using a firewall.
Tell me something, what is so "cool" about hacking or that other thing: making a virus or a trojan horse.
I just don't get it. (I'm not talking about wargames server here).
I would use my knowledge about tcp/ip and sockets for constructive reasons, keeping hackers out.
An other thing. You're all programers here, did any of you ever make any spyware and released it on the web? if so, why?
So you have to be on the bad site first?Quote:
From a post (by Atepfmh)on iain's website
they do not realise that most hackers develop into being security professionals and are the furture of computer protection against hackers.
Lets all create some virii and start hacking-> No more uninploymentQuote:
From a post (by Atepfmh)on iain's website
they provide millions of jobs globally for virus scanner authors, firewall authors
Am I the only one here that doesn't like hackers?
It makes you wonder if most virus's are actually released by companys making virus protection software.Quote:
they provide millions of jobs globally for virus scanner authors, firewall authors
firstly - i would like to distance myself form those quotes above - they were made by a guest on my site not myself.
I dont mind hackers - hackers dont do damage - they look around networks and report problems.
However i do have problems with crackers (people who hack and then cause damage), virus writers, trojan writers and the like. Most of these are kids who have a few tools.
Maes, I think you have the wrong view on hackers. Although there are many(MAY I REPEAT MANY) hackers that just do totally bad stuff, there are also many that do good. I agree with the fact that virii and trojan horse writers all are stupid, but they should not be representing hackers.
>>firstly - i would like to distance myself form those quotes above - they were made by a guest on my site not myself.
Yes, I know that. I just wanted to say wher I got it from. Otherwise people would say:"huh ... where did that came from
(I'll edit my post)
Heh, maes you have hacker and cracker switched around in your head somewhere...
hackers don't do the damage...crackers and kiddies do...
actually, programmers are also considered hackers...
Hey, I'm going to be strictly white-hat.Quote:
Originally posted by maes
>>firstly - i would like to distance myself form those quotes above - they were made by a guest on my site not myself.
Yes, I know that. I just wanted to say wher I got it from. Otherwise people would say:"huh ... where did that came from
(I'll edit my post)
i support white-hat hackers completely - it is harmless fun and benefits the administrator.
though some sysads still dont like it and will mail you abuse for informing them of security problems.
hehehehe.
Those silly overpaid admins.
>>Maes, I think you have the wrong view on hackers
If you break in to a system that isn't yours or you don't belong there, why is that a good thing. But like I said, I don't mean the wargame servers. If you're allowed to try and get in that is fine, if the admin says you can try, go a head and have fun. But if the admin doesn't want that: stay out, don't try.
Hackers get in secured networks but don't do any damage right?
What if this hacker looks at some confidential data like creditcard numbers.
We had a 'hacker' in Belgium and he called himself RedAttack. He got in to a bank(I think it was a bank, not sure) and he published some accounts to let the admins know that it wasn't safe, what if you were an owner of such an account?
If I was an admin, I wouldn't want any one on my network that doesn't have to be there.
Then you're screwed :DQuote:
Originally posted by maes
We had a 'hacker' in Belgium and he called himself RedAttack. He got in to a bank(I think it was a bank, not sure) and he published some accounts to let the admins know that it wasn't safe, what if you were an owner of such an account?
White-hat = good, helpful hacker.
Black-hat = evil, illegal, malicious hacker (as seen in the movies).
Quote:
Originally posted by maes
>>Maes, I think you have the wrong view on hackers
If you break in to a system that isn't yours or you don't belong there, why is that a good thing. But like I said, I don't mean the wargame servers. If you're allowed to try and get in that is fine, if the admin says you can try, go a head and have fun. But if the admin doesn't want that: stay out, don't try.
Hackers get in secured networks but don't do any damage right?
What if this hacker looks at some confidential data like creditcard numbers.
We had a 'hacker' in Belgium and he called himself RedAttack. He got in to a bank(I think it was a bank, not sure) and he published some accounts to let the admins know that it wasn't safe, what if you were an owner of such an account?
If I was an admin, I wouldn't want any one on my network that doesn't have to be there.
Still, a whitehat wouldn't do that...
Just about every true whitehat hacker will tell you a cardinal rule is to NEVER, EVER, EVERRRR break into a system without permission. With that bank account guy, he violated that. He broke in.
As a hacker I've never broken in without permission. Ok, so I've played around with a port or two, but nothing hairy and nothing that can get you in trouble. There's absolutely nothing wrong with portsurfing to find something interesting, and if you see a potential flaw, you get a major urge to check it out...first you'll probably want to send an email to the admin of the system warning him of the flaw. If he gives you the go-ahead to check it out, then delve on. If you get the email back saying "thank you, I can take care of it from here" then beat it.
Pretty simple stuff. Also, who's so stupid as to even attempt cracking into a bank and then publish, to the admin, from your own email address, what you've done...Even if he was just helping out what he did was wrong. It's the equivalent of someone staging a fake robbery to check out the physichal security.
Maes, I completely agree. No hacker should hack into a server that does not explicitly allow access to that person, no matter what they intend to do. What if they accidently find some credit card accounts, and they find that they can easily edit them to give themselves a LOT of money, and they can't be traced. Well, I doubt that it's very easy to overcome this temptation.
Also, what if you come over some classified company information? Then you realize that it will affect your best friend negatively. Are you going to tell your friend? If you do, you will be breaking ethical codes, by revealing confidential information, that wasn't even yours.
Hackers should only hack servers that they have explicit permission to hack into.
>>you're all wrong, how about that? (yes iain...you're wrong!
hmm, it was me who posted that ;)
>>Just about every true whitehat hacker will tell you a cardinal rule is to NEVER, EVER, EVERRRR break into a system without permission
like I said before: If you're allowed to try and get in that is fine, if the admin says you can try, go a head and have fun. But if the admin doesn't want that: stay out, don't try.
>>first you'll probably want to send an email to the admin of the system warning him of the flaw. If he gives you the go-ahead to check it out, then delve on.
How many times will that happen. What kind of admin will let an unknow person on the internet check out an fault in his security
>>Pretty simple stuff. Also, who's so stupid as to even attempt cracking into a bank and then publish, to the admin, from your own email address, what you've done
He didn't mailed it with his own address. If I remember correctly, it lasted a few weeks before they could catch him
>>Black-hat = evil, illegal, malicious hacker (as seen in the movies).
I liked hackers.
...
...
No sorry, I liked Angelina Jolie in Hackers:p
fair enough, i just dont see the harm of someone just looking and not touching.
>>>>you're all wrong, how about that? (yes iain...you're wrong!
Actiualy that was not me who posted that sentence, it was KEN, but I think what he ment was:
you're all wrong, how about that? (yes maes...you're wrong!
Right:confused: ?
the reason why I think that is because he quoted me and have put that sentence under it, so I think it was ment(sp?) for me
But he has deleted it know so it doesn't matter any more. So iain, it wasn't me who said that and I doubt it was ment for you;) because you and Ken seems to having the same points of view
hmm, an interesting, intelligent and refreshing view expressed by "da-l33t-won". read it, its well worth it.
security forum at www.forums.iainpb.com
I can kinda understand not being mad about being hacked non-destructively, but - wouldn't you be a little mad if you found someone poking around on your computer, even if they didn't hurt anything?
My computer is like my house. You try to come in without my permission and I will use all my ability to keep you out, or track you down and go crazy ape s*** bonkers at your ISP.
Hackers don't only go where allowed. The whole point is to be able to go where others can't.
If you have a DSL/cable look at you firewall report. Bet you have been sniffed in the last hour.
>>youd need Unix (preferably with Root access),
Or XP, both have raw sockets with root access. Both can launch SYN attacks without third party drivers. (unfilterable high speed floods attacks)
Ok, I don't really know what you're talking about but, you said something about XP, and I just got that myself, so is XP easier to hack or easier to hack from than any other Windows before it?
Yes.
To keep it backward compatible M$ decided to include raw sockets (without Win2000 priveliges to stop all apps gettting root access). In other words an system where the Admin is not present to restrict a programs ability to manipulate data or the OS.
Raw sockets can use the IP layer bypassing the TCP shell.
When your computer wants to establish a connection thru a port, you send a SYN packet, the server responds with an ACK+SYN and you return them to finalise the connection.
Now you can send the smaller SYN packet, spoof the IP and at the other end the computer is sending both SYN and ACK packets that it will have to wait for them to run out of TTL (time to live). As it has to send more than you, and wait for your response to its ACK, you can easily flood it off the net. Not possible as far as I know to filter them out as you would a DDoS / DoS, especially as you can easily change the spoofed IP.
IP spoofing is possible but harder under Win2000 (though there are skripts available).