Penetration Testing mailing list archives
RE: Aspiring Pen-Tester Seeking Advice
From: "ep" <captgoodnight () hotmail com>
Date: Thu, 9 Aug 2007 14:55:29 -0800
For hardware, let's not forget about routing and switching :) Invest in a cisco lab, say a couple 2950 switches, couple routers 2620s and a couple pixs. Grab a copy of yersinia, cain, ettercap, hydra, go to http://www.phenoelit-us.org/. Learn to beat the hell out of the protocols. Poking routers and switches is so key to a proper pentest.

Dare I say, gain a deep knowledge of routing and switching, go study for a ccna, ccsp, ccnp. Wall paper is nice, but if the motivation is education, and not decoration, then this wall paper is honest and there's much to learn from it.

It's been more than a few that the egg didn't crack until we whacked a router or hopped a vlan. You'll find, more times than not, all it takes is one nugget and the network just unravels in your hands :)

Uber important, breathe routing and switching. It makes everything else clearer.

(flame suit on) Majority of workstation/server testing is mundane and circus trickery; of course there are exceptions... Application and infrastructure testing is truly an art.

My 2 cents, good luck.

CG

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ryan
Sent: Wednesday, August 08, 2007 4:04 PM
To: pen-test () securityfocus com
Subject: Aspiring Pen-Tester Seeking Advice

Hello all - long-time lurker, first-time poster,

I'm about 2 quarters away from finishing my education (majoring in network security and systems administration), and I'm currently interning at a company, doing monitoring IDS and SOX compliance. I've always been interested in security, and now that I've got some spare time I would really like to start getting prepared for a potential position doing penetration testing. My school offers a few courses in security, however I've always been of the mind-set that it's better to explore it yourself than try to have someone teach it to you.
That being said, I was wondering if anyone would be kind enough to give a novice some helpful pointers on how to get started. I've downloaded VMware and I've got a Windows XP, Ubuntu, and shortly a Fedora Core 7 VM - I also plan on downloading Windows Server 2003 with my MSDNAA license. I've downloaded a copy of BackTrack2 and I'm in the process of trying to turn that into a VM as well. I installed nmap on both systems, as well as nessus, and soon metasploit. I've played around with the former a little bit at work (I must say, it's the most amazing tool I've used - not that I have much experience).

I'm really interested in getting into the 'hacker' mindset and walking through the steps they use to find, conduct, and cover-up their attacks. Surely, it's not all point and click, and I'm having a little difficulty getting into the groove. I was also hoping the more experienced users might suggest a few tools to check out first (I've already bookmarked the sectools.org list but there are just so many).

Additionally, can anyone suggest a bunch of good books to read pertaining to penetration testing? Someone recommended Counter-Hack, and another person said Hacking Exposed, as well as a few others.

All that being said, are there some limitations of VM that I should be aware of when conducting my research? I would be very interested in seeing if there's a way to get router and network-like functionality from a VM since it would seem like currently VMware is essentially acting like a hub and a lot of the attacks (ARP spoofing, etc) don't seem possible the way I've currently got it implemented.

I know there is a "Basics" mailing list, however since I am interested specifically in pen testing, I figured it was probably more appropriate to post to this list. If I am incorrect, then I apologize. If not, then thanks in advance for tolerating my noobiness and for helping out an aspiring pen-tester!
Best Regards,
Ryan

------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------