Security Basics mailing list archives
Re: Pen-Testing New Server - Where to start?
From: "Serg B" <sergeslists () gmail com>
Date: Wed, 14 Nov 2007 13:03:58 +1100
Unless you want to start reading source code (recommended) and hunting for some 0-days, I suggest thinking a little higher than the underlying server infrastructure.

For example, you can enumerate services (name, version number, etc.) and search for some exploits that could work on those ports. Also try some default usernames and passwords, etc. Common configuration errors are always fun. Brute forcing is not going to teach you much, so in my opinion you could skip that altogether.

In regards to "thinking higher" (most of the time this is how an attacker gets access) you could smoke a joint (thinking higher, get it, get it, ha-ha) and enumerate user-land applications (i.e. those running on the HTTP port) and try to exploit them.

Remember that gaining access does not necessarily mean you are going to execute an exploit and you're in. XSS and session hijacking could very well get you an account, as well as phishing, etc. So look for all vulnerabilities, not just those that you saw in Hackers (movie).

Great starting points in my opinion are:

- Learn to program (strongly recommended if you don't know already).
  - C (at a minimum)
  - Java/C# (pick one, same shit)
  - Python/Perl/PHP (pick one, depending on what you want to do).
- Read www.owasp.org (reference section).

Cheers,
Serg

On Nov 14, 2007 7:56 AM, Security <security () gridrunners com> wrote:
> Hi,
>
> I'm new to the InfoSec industry and would like to try my hand at penetration-testing (and securing) a new server I've set up at home. Seeing as I've set up the system, I know all the usernames/passwords used on the box, as well as how everything is set up, but I'd like to approach this as an outside user, pretending that I have none of this information.
>
> I want to try to gather information, form an attack plan, and attempt to crack the system from scratch, so that I can later on go back and secure the system against those attacks.
>
> Here's the information I can assume I'd know, from basic enumeration:
>
> The server is running Ubuntu v6.06, with the following services:
>
> ftp
> http (apache)
> smtp
> pop3
> irc (hybrid)
> ssh
>
> When setting up the system, I followed the following tutorial (almost to a T... though I did a few things differently):
>
> http://www.howtoforge.com/perfect_setup_ubuntu_6.06
>
> Since the system is on my local network, I know there's only one IP I've got to worry about, and this is the only target machine.
>
> Any ideas where I should start? What information might help?
>
> Thanks.
> ~Xor