Re: Intro To Hacking

[Radiant Matrix <radiantmatrix () gmail com>]

On Fri, 15 Oct 2004 14:11:57 -0500, Jason Dusek <jason-dusek () uiowa edu> wrote:
> Hi,
>
> I have built a web server and I would like to practice hacking it remotely. Are
> there any tutorials or a good introductory book that takes one step by step
> through the process of 'owning' an unsecured box? Here are the stats:

You must realize that most security folks would be reluctant to trust
that you actually controll this machine legitimately.  Also, I would
set up a secure lab environment to practice your intrusion skills
(which, I will assume, are desired as a path to learning how to
prevent others from accomplishing them).

 -[snip]-
>    No firewall
>    On a university network

This combination is extremely dangerous both technically and legally. 
If you can compromise the machine, so can others.  And, if they use
this machine to further compromise the University network, you could
land yourself in serious trouble with the Uni and maybe with the law.

Since you suggest that you have University resources at your disposal,
I would approach the chair of your Comp Sci department and explain
what your goals are.  If this is appraoched as a research project, the
University is likely to help you set up what you need without risking
their network -- and without exposing you to liability.