Security Basics mailing list archives
Re: Intro to Hacking
From: Jason Dusek <jason-dusek () uiowa edu>
Date: Tue, 19 Oct 2004 20:26:32 -0500
I have recieved a lot of emails like this. The IT Security office of my university has already contacted me, and they have informed me that I will suffer student sanctions if I am caught pen-testing the box. So that settles that.
_jason Edmund wrote: > Jason Dusek wrote: >>> I have built a web server and I would like to practice hacking it remotely. Are there any tutorials or a good introductory book that takes one step by step through the process of 'owning' an unsecured box? Here are the stats:
>> >> FreeBSD 4.10 (not updated for about a month) >> Default security profile >> Apache 2 >> PHP 4.3.8 >> No SSI >> No firewall >> On a university network > > > > > *WRONG* decision, Jason. This is one thing you should never do. Even if the > machine is yours, you are doing this under a University environment. If you have> permission from the university(I doubt it), then proceed with caution. But since
> you are just 'beginning', I would suggest you basically hook up two computers> where-ever you are and do a small network. Then from one, hack the other. Do not connect it to the university network.
> I like learning myself, but I wouldn't even dream of doing this in a university > network, unless I'm interested in getting in trouble. > Just my $0.02. > >
Current thread:
- Re: Intro To Hacking, (continued)
- Re: Intro To Hacking xyberpix (Oct 20)
- Re: Intro To Hacking Andrew Smith (Oct 18)
- Re: Intro To Hacking Jason Dusek (Oct 18)
- Re: Intro To Hacking Andrew Smith (Oct 18)
- Re[2]: Intro To Hacking Jeffrey S. Sims (Oct 20)
- Re: Intro To Hacking Jason Dusek (Oct 18)
- RE: Intro To Hacking David Gillett (Oct 18)
- Re: Intro To Hacking Edmund (Oct 19)
- Re: Intro To Hacking Radiant Matrix (Oct 20)
- RE: Intro To Hacking Young, Randy (Oct 20)
- Re: Intro To Hacking randori . (Oct 20)
- Re: Intro to Hacking Jason Dusek (Oct 20)