On 6/30/06, Reynolds, Joseph R <[EMAIL PROTECTED]> wrote:
Question for everyone on the board? I have been reading the posts over the past few weeks, and am wondering how the heck you guy discover these vulnerabilities. Granted, I am still very new to the IS world, but I cannot begin to understand how you discover weaknesses. After reading these posts, the explanation always makes since, but are you guys actively seeking weaknesses, or just happen to come across them? Also, are there any good "Hacking" books that I could read? I have had a Hackers Tool and Techniques class at school, but all of the programs are very outdated, like l0phtcrack, JTR, ethereal or wireshark, and such. I am looking to actually enter systems or find ways to enter systems and understand the weakness that allows it so I can avoid it later. Thanks everyone. Joseph K. Reynolds Systems Support Analyst - Intermediate Enterprise Rent-A-Car Email JR Reynolds 314-512-2370 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Two kinds of hackers: 1. Homemade hackers, typically loners with social problems who spend their time infront of computers to feed their social stimulation via the international wide area network. They have so much free time that they've learned how to hack on their own steam. Because of the lack of social background, advanced users in this group, have the time to discover and research ground breaking security and penetration techniques of major vendors, with a real threat to the single mom and retired couple commmity, as well as a threat to corporate and government interests. 2. The guy who went to high school past grades, have friends, socail circles, go out and live a great life. They all of a sudden decide they want to goto university, they goto a computer science course dedicated to ethical hacking, where they learn the in's and out's of hacking corporate infrastructure. They often post to the internet on college computers, showing off skills they've just recently learnt by the lecturer, (Matthew Murphy, *cough*) and get full media coverage by all the major security outlets (*cough* Robert Lemos). This is of course a great mis justice to the real people who dedicate their entire social and educational life to the subject as noted in example 1. Additionally - Theres always going to be a balance between home made hackers (example 1) and manufactured hackers (example 2). Finally - The very fact you've asked the question you've stated leads me to believe you fall into example 2, as someone who falls into example 2 would never post this kind of message to the international WAN security community, respectively. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
