Government Security
Network Security Resources


Newbies Please Read.

95 replies to this topic

#1 Guest_Jay_*

Posted 01 August 2003 - 08:55 AM

If you're reading this for the first time and I haven't said hi: "HI and welcome to GSO." As we are growing in size I think a lot of the same questions will keep coming up, so I thought I would post a newbie resource to get you all started.

Why hack.

Because it's kool and you're going to meet loads of birds, get laid, and then show off to your friends. Well, don't bother starting. We all have our personal reasons: maybe to get a better job, to secure your own networks, exploration, and because it's brilliant fun and you will meet a good crowd from all over the world.

How to start.

If you're new to all of this like I was, I would take a few days and read all the past posts, especially in this forum. Also check out one of our affiliates, Blackcode.com. Generally just read all the past posts in the newbie section so you can at least get a feel of what it's all about.
Research your question. It's more than likely to have been answered somewhere on the net. YOU must learn to use Google to find the info, and also remember to use our site's search facility. There's tons of it out there. Remember you will not make any friends by posting a question which had just got answered in a previous thread.

Your Machine.

It's more than likely that you will be starting out with some kind of Windows machine. You will often hear that Linux is the hacker's choice, but as you're only just starting don't worry, you can still learn a lot.

Hacker tools

I recommend going to SecurityFocus.com and to the tools section just to read up on what's out there to get a general idea.

The first thing you will need is a portscanner. NMAP is the no1 but as it runs on Linux you will have to use some of the others.

SuperScan by Foundstone. A fast, reliable port scanner. One I often use.

LanGuard Network scanner. This will detect shares, remote OS, exploits and Dictionary attacks against SQL servers. I liked the old model but since they have released this version I have found it doesn't always detect Windows shares.

IPEYE is a command line port scanner (downside is that it only works on XP and 2000).

FSCAN from Foundstone. Another command line port scanner which also does UDP scans.

There are many more portscanners out there but the above are the ones I use.

The Law.

There are many Government agencies out there watching every move, so remember the best way to learn is by securing your own computer and then possibly get together with your friends and build a network, or get them to try and hack your machine and vice versa. Check out the articles section for how it's done.


I want to learn to programme. Which language is the best?

The most common ones out there are Visual Basic, C, C++, Java, Perl, Assembler, and Python. For the record I can't programme and I plan to start this autumn. I decided to start with Python because the general opinion says it's the easiest.

Good Luck.

Note to all members. My fingers are hurting and come tomorrow I'm going to lose my connection for a while. As I said before, I would like this thread to be a good introduction for newbies, so if you have any good links and basic articles re Telnet etc etc (remember when you were new) can you post them. Many thanks.

#2 woutiir

Posted 01 August 2003 - 09:14 AM

Hello Novice Becoming Hackers,

A little add-to-jay's-'article'..

You have hackers and you have hackers, I'm not gonna tell who's who since there are a lot of articles about that (script kid, hacker, blackhat, whitehat etc etc).
My point is, script kids act other than hackers.

From a hacker's view you should learn a programming language. A lot of text files say you shouldn't start with C but I think that is bullshit, you should start with C and put some effort in it, it's not a piece of cake. Make some small programs, just hustle around a bit with loops, pointers etc, they are the most important parts of your coding life.

Then get into socket programming. If you really want to do something on writing port scanners, hijacking, IP spoofing etc, get into raw socket programming, tutorials can be found on the internet.

Then read all the articles on BOFs (Buffer Overflows), preferably read the first few articles in your maiden language, it will ease things up since you need to change your way of thinking a bit. Then start to read more and more articles about them, and understand them all.

When you've done that you can try and make your first exploit with the help of the tutorials, just find an advisory and download the version that is vulnerable with source, search for default functions like strcpy, sprintf etc etc (will be talked over in the tutorials).
And be happy with your first exploit!

And of course, when you have problems etc, just post 'em on this forum, there will be ppl around that will help you, trust me :)


Hmmm, maybe this is a bit too in-depth for this topic afterwards, but I didn't know that while I was typing this :)

Anyway, do with it what you like.

One footnote:
Try Linux. If you're new and got probs with Linux just do this:
Get VMWare, legal or illegal I don't care, just get it :) Then install Knoppix (can be gained at www.knoppix.org) and play around with it; if you like it just install it perm (YES IT'S POSSIBLE TO RUN A DISTRO FROM ONLY A CD!! That's what makes Knoppix so beautiful :)), plus it's Debian, which I personally like best..

I'm still using VMware in Windows and then running Knoppix in the VMware, it rox :) It detects everything, I almost assure you that you'll like it :) (Errr, I don't but hey I'm trying to make you enthusiastic :))

Ok, I hope this all helped a bit and was a decent ADD to Jay's topic...

Cya guys around ;)

Greetings,
woutiir

#3 Travis

Posted 01 August 2003 - 09:19 AM

I'll follow up here with a few links. Currently I'm in a little bit of a rush, so there will be more added.

Encryption:
http://www.cs.auckla...ut001/tutorial/
http://www.cacr.math.uwaterloo.ca/hac/
http://www.cryptogra...rg/freecryp.htm

Linux:
http://www.linuxiso.com
http://www.linuxexposed.com
Linux Security Quick Reference Guide: http://www.linuxsecu...uickRefCard.pdf

Programming:
-C:
http://server11.hype.../c/f8564334.htm

Hacking:
http://www.governmentsecurity.org :D :P
http://neworder.box.sk/
http://www.astalavista.com

Hacking Lexicon:
http://www.robertgra...cking-dict.html

#4 shaun2k2

Posted 15 August 2003 - 09:36 AM

A good way to go is books. Books are often better than online resources, here's a few examples why:

1) You can read when you're not at the computer.

2) The author puts in more time and effort, since they are going to make money with the book, whereas a text file author doesn't.

3) You can physically keep the book as a resource.

The list goes on.

Books I recommend getting are:

Hacking Exposed.
Hacking Linux Exposed.
Maximum Linux Security.
Maximum Security - Available to read online: http://docs.rinet.ru:8083/LomamVse/

There are MANY other good ones, such as programming books (you DO need to learn programming to be a "hacker"):

C++ for dummies.
Perl in a Nutshell.
C for Dummies.
C in a Nutshell.
C++ in 24 hours.
C++ in 21 days.

The list goes on...

www.amazon.com
www.amazon.co.uk

It is a good idea to learn a lot about Networking as well.


Thank you for your time.
Shaun.

#5 Dillinja

Posted 16 August 2003 - 07:48 AM

And to add to what Shaun has said, I would recommend getting a good book on TCP/IP such as TCP/IP Illustrated (<---------------excellent book! ;) ) or even TCP/IP for Dummies..to get started!

#6 Travis

Posted 16 August 2003 - 07:55 AM

And to add to what Shaun has said, I would recommend getting a good book on TCP/IP such as TCP/IP Illustrated (<---------------excellent book! ;) ) or even TCP/IP for Dummies..to get started!

ahh ha ha ha ha I just picked up TCP/IP for Dummies for 5 dollars (NEW) at a bookfair lol. I dunno, Tap Dancing around TCP/IP isn't as fun as plummeting straight into it.

TCP/IP Illustrated (Part 1?) is probably the best series I've read on TCP/IP Protocols.

#7 Dillinja

Posted 16 August 2003 - 10:16 AM

Tap Dancing around TCP/IP isn't as fun as plummeting straight into it.


For Dummies did kinda skirt around the fringes of TCP/IP, but I found it a great foundation for the "Illustrated" series. Just started vol 2, I'd highly highly recommend it!

#8 Travis

Posted 18 August 2003 - 10:51 AM

I had previously browsed through the Illustrated series before it and learned through other sources of the TCP/IP structure prior to reading Dummies, so maybe it was an operational problem. Did things backwards :P

#9 linuxwolf

Posted 21 August 2003 - 09:52 AM

This may come as a bit of a surprise as a post but I'd like to point out to woutiir that he isn't all that.
Woutiir, what you have to do is grab some code, learn how it works and make a similar one in another language, don't assume you're an almighty lord of the heat because you can compile and use a program someone else has laboured over.

#10 Dillinja

Posted 21 August 2003 - 10:40 AM

This may come as a bit of a surprise as a post but I'd like to point out to woutiir that he isn't all that.
Woutiir, what you have to do is grab some code, learn how it works and make a similar one in another language, don't assume you're an almighty lord of the heat because you can compile and use a program someone else has laboured over.


Woooooooo there! I'm not sure this is warranted! Unless I'm mistaken, I've never seen woutiir assume to be anything other than helpful.

If I'm missing something, forgive me. If this is something personal, perhaps carry it on with PMs?

#11 silos

Posted 21 August 2003 - 10:49 PM

BTW NMAP is available for windows as well. It's called NMAPwin.

#12 Alex Trust

Posted 22 August 2003 - 12:48 PM

wow thnx for the info (all of you), I will start today ;). Hmm, that's a sweet surprise. I know Python, never expected you can use that for hacking purposes.... :blink:

VM ware is a gud program, worked with it in the past :D Had a TV card that wasn't working under XP so I used it 2 run another OS on it ;) l8ter I found an XP driver so I gave up on VM Ware, maybe I'll try it again to install Linux.

what version of linux should be gud to start with?

greetz Alex Trust

#13 Guest_Jay_*

Posted 31 August 2003 - 01:38 AM

what version of linux should be gud to start with?


There are a lot of different opinions out there, but a while ago I was reading a review aimed at the new user and I think SuSe just edged out Redhat, while Mandrake was in the running as well. There wasn't much in it so it's mainly down to personal choice.

#14 Bread

Posted 31 August 2003 - 02:20 AM

Two comments from me.

On the first, and original post - Please may an admin/mod edit it and place a comment about the negativity of learning VB as a first language. Visual Basic, or VB, isn't a very good place to start your programming experience - basically due to its originality. It is very different to other, more widely used programming languages like C and Perl. If you learn a language like VB, then learning more advanced and difficult languages like Perl and C will be more of a struggle. I recommend starting off with a language like Python, as its structure and usage is similar to that of the more widely used languages Perl and C. If you start with Python, then you will find learning more useful and more difficult languages like the ones mentioned much, much easier.

As for the recommended distro of Linux for the 'n00b', I would recommend the distro 'Knoppix'. Basically due to the fact that the user does not have to commit themselves to a full install - as this version runs straight off the CD. It may not be the fastest version of Linux out there (and that is for obvious reasons), but it will give the user invaluable experience in using Linux without the commitment of the full, and sometimes daunting, task of installing Linux. (Ex. No need to format and partition your HDD, nor mess with those tricky settings..)

Hope I have been of some use, and that I have helped a few people out.

#15 Chris

Posted 01 September 2003 - 04:17 AM

Sounds a bit lame I know, but I started off with batch scripts. They can be very handy at times and you can do more than you think with them, but if you do use them, compile them using bat2exe. The best thing is all it takes is Notepad!

A quick search with Google can bring up many useful sites, try "advanced batch scripts".

Another thing that not many people explore is the built-in "stripped down" VB editor in Microsoft Word. Simple learning "hello world" programs can be made easily, as can macros and some simple games. The first program I made was a gambling machine that ran as a macro inside MS Word just using the rnd number command.




