Full Disclosure mailing list archives
Re: Hacking Boot camps!
From: "wilder_jeff Wilder" <wilder_jeff () msn com>
Date: Wed, 23 Nov 2005 08:04:25 -0700
I went to a " Hacking Class".. it was put on by the infosec institute... The class was written and delivered by a Jack Koziol, one of the authors of The Shellcoder's Handbook: Discovering and Exploiting Security Holes. The class I took was Advanced Ethical Hacking... it was AWESOME!
It was a great class... but by no means did I get edumacated to bill myself as a hacker. I went at it from the perspective of .. what are tje script kiddies using, so I can secure my network.
ANyway... my story is this...the night before I flew out to Washington for the week class... I bought a black ball cap, I thought I kinda knew what I was doing.. and thought :D its my own little joke. I showed up in class wearing my " Black Hat"... and at the 10:00 break I went back to my room and never brought it back. I came to realize... I was really not that good.. and really knew very little. Be skared... be very skared!
-Jeff Wilder
CISSP,CCE,C/EH
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M--
V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++
G e* h--- r- y+++*
------END GEEK CODE BLOCK------
From: Barrie Dempster <barrie () reboot-robot net> To: Valdis.Kletnieks () vt edu CC: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Hacking Boot camps! Date: Wed, 23 Nov 2005 09:19:23 +0000 MIME-Version: 1.0Received: from lists.grok.org.uk ([195.184.125.51]) by mc9-f2.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 23 Nov 2005 02:02:44 -0800 Received: from lists.grok.org.uk (localhost [127.0.0.1])by lists.grok.org.uk (Postfix) with ESMTP id CC760BAD;Wed, 23 Nov 2005 10:02:14 +0000 (GMT) Received: from reboot-robot.net (unknown [80.68.92.188])by lists.grok.org.uk (Postfix) with ESMTP id D4690B60for <full-disclosure () lists grok org uk>;Wed, 23 Nov 2005 10:02:04 +0000 (GMT) Received: from reboot-robot.net ([80.68.89.187] helo=localhost.localdomain)by reboot-robot.net with esmtp (Exim 4.50)id 1EetBc-0007aJ-G0; Wed, 23 Nov 2005 11:53:16 +0000X-Message-Info: JGTYoYF78jGaN2BY8SXhJWMEN2U+YSgHaU7eR/nE9vs= X-Original-To: full-disclosure () lists grok org uk Delivered-To: full-disclosure () lists grok org ukReferences: <42ae3eb60511221329r7ecdde64hb21a87b25c42f242 () mail gmail com><2be58a30511222036o6a7dcef0gec82a49936ffbedf () mail gmail com><200511230457.jAN4vQcf017606 () turing-police cc vt edu>X-Mailer: Evolution 2.4.1 X-BeenThere: full-disclosure () lists grok org uk X-Mailman-Version: 2.1.5 Precedence: listList-Id: An unmoderated mailing list for the discussion of security issues<full-disclosure.lists.grok.org.uk> List-Unsubscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists grok org uk?subject=unsubscribe>List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure> List-Post: <mailto:full-disclosure () lists grok org uk> List-Help: <mailto:full-disclosure-request () lists grok org uk?subject=help>List-Subscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists grok org uk?subject=subscribe>Errors-To: full-disclosure-bounces () lists grok org uk Return-Path: full-disclosure-bounces () lists grok org ukX-OriginalArrivalTime: 23 Nov 2005 10:02:45.0026 (UTC) FILETIME=[0CD60820:01C5F015]On Tue, 2005-11-22 at 23:57 -0500, Valdis.Kletnieks () vt edu wrote: > Keep in mind that 98% of systems are nailed by either automated worms or> people running canned stuff. Just because it's not "real hacking" doesn't> mean it doesn't actually work in practice. Quite right, the majority of security incidents dealt with by administrators (the guys that have a use for these courses) are the automated/canned/known attacks, so for people in that position an understanding of these attacks is extremely important for their own network defense. These courses usually market themselves to the guy looking to understand how systems are compromised. They are most useful for pen-testers that rely on vulnerability scanners and the sysadmin looking after his network. For the guys writing the exploit code and figuring out to work around things like ProPolice and DEP these courses won't help - no matter how in depth they are, because figuring these sort of details out doesn't require any knowledge you can be taught in a classroom, it requires dedication and in most cases addiction to the task. There definitely is a market and a value in these courses as they raise the general security awareness of network administrators. A common question among guys working in these sort of roles is "How do I get to do that cool security stuff", the sad thing is the fact that they don't already know the answer means they probably will never be any good, as the most important part of it is ingenuity and initiative as well as the dedication/addiction mentioned above. The common mantra used within this sort of training is "think like an attacker". My opinion is if you have to be taught that, you can never think like an attacker, because the attacker doesn't have to focus his thoughts he is always, automatically, looking for a way around/over/under/through. The guy trying to think like an attacker is focusing on his adversary when the real focus should be his systems, because that's where the attackers focus is. -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3
<< smime.p7s >>
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Hacking Boot camps!, (continued)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 23)
- Re: Hacking Boot camps! Dude VanWinkle (Nov 23)
- RE: Hacking Boot camps! Edward W. Ray (Nov 23)
- RE: [inbox] Re: Hacking Boot camps! Exibar (Nov 25)
- Re: [inbox] Re: Hacking Boot camps! InfoSecBOFH (Nov 25)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 22)
- Re: Hacking Boot camps! Valdis . Kletnieks (Nov 22)
- Re: Hacking Boot camps! Barrie Dempster (Nov 23)
- Message not available
- Re: Hacking Boot camps! pagvac (Nov 23)
- Re: Hacking Boot camps! wilder_jeff Wilder (Nov 23)
- Re: Hacking Boot camps! coderman (Nov 23)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 23)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 24)
- Re: Hacking Boot camps! Marco Ermini (Nov 25)
- RE: [inbox] Re: Hacking Boot camps! Exibar (Nov 25)
- Re: [inbox] Re: Hacking Boot camps! Disco Jonny (Nov 26)
- RE: [inbox] Re: Hacking Boot camps! Exibar (Nov 28)