hi all i need some advice i want learn to be a hacker i dont mean the sort that hack computer i want learn how they do this tho so i can become a security expert what the best way to go about doing this is there course that show u all this is tehre anywhere online i can learn i want learn as much as i can about hacking and security any help be very nice many thanks

I went through that phase once

Astalavista.com

what did u do

Hehe all geeks probably go through this phase

Just read as much as you can if you are really interested in this. Having a good understanding of computers and how they work is what you're after. You need to know how networks work (protocols etc), how computers work (memory management, permissions etc) and such. To be an expert in this field means you must have a knowledge in a large spectrum of topics.

Just don't think that you can read a book and think "Today I'm going to hack my friends computer and I'll be really cool!", because it won't happen.

Read Chris's post twice, that's exactly what I wanted to say but couldn't be bothered to write it!

Just geek out as much as you can buying programming & hardware magazines and, yeah, learn how software works. There are loads of tutorials around - not just a single one.

Enjoy

Yeah I Get That I Try Read As Much As I Can But I Dont Know If Wht Im Leanring Is Any Good To Me I Also Brought Alot Hacking Ebook Off Eaby Some The Stuff Makes Sense Some Dont Is There Any Sort Course U Can Do To Learn This Sort Stuff How Do Security Experts Become Experts There Must Be Certain Stuff You Got Know. How Do I Know What This Stuff Is

I also agree with Chroder.

Computer security is a huge topic and you won't learn it overnight. You need to know a lot of things, like Chroder said, things like low level programming, protocols on all layers of the OSI model, all sorts of bits of software, networking, routing, etc...

The university of Edimborough (I think it's that one - it's a Uni in Scotland anyway) has recently become the first to offer a degree in hacking. I'm not sure of the details of it though.

The other thing you might be interested in if you want to know about hacking is 'Social Engineering' - it's the other, non-technical side of hacking which usually plays a major part in most big hacks - it's the art of tricking people into doing things they wouldn't normally do, usually by getting them to beleive you're someone you're not. I've just finnished reading a book by Kevin Mitnick called 'The art of deception' - I highly reccomend it if you're into that sort of thing, some of the stories in it are jaw dropping.

Ahh, the art of deception, I remember it well. Some of the stories are a little outdated, but it's a great read!

My advice is stop looking for the perfect, single tutorial that'll teach you everything and just get on with it and learn. And no, I'm not recommending that book.

And before anybody else mentions it, stop capitalising every word you strange person!!!

I think Mitnick is over-rated. most of his "hacks" were just him getting away with lying. phones someone up and says "hi, Im like, some guy from your work place, What is your password?", He was a clever guy, But comparing social engineering and hacking is like comparing mugging with safe cracking.

Hackers don't become hackers, They just realise it one day. That means people don't set out to be a hacker, They just eventually learn enough about something to make it do things beyond what is in the instruction manual. So it's not going to happpen unless you first become an expert at firewalls, operating systems, programming and protocols... And by then the idea of getting into your friends XP box and making his computer beep or print porn everytime he turns it on will be the last thing on your mind.

I don't like really like making hackers sound like ninjas or monks, I always cringe when people say things like "Hacking is a state of mind" as if you can develope expertise by meditating.

It's about knowing a lot about computers, That's all really.

I've read both of Mitnick's books (not sure if you were aware, he also has the Art of Intrusion), interesting enough.

I wouldn't really agree that hackers are made by mistake. I'm sure there are many that are, but I think lots of 'em out there consciously made the choice to seek knowledge about computer security. There is knowledge that comes as a consequence of knowing other things. For example, I've been a web developer for years and this in turn has gained me knowledge about servers, which in turn has gained be knowledge about *nix, which has taught me some security issues and tricks etc etc. But this doesn't mean that if I wanted to become a security analyst that I could only learn these things by mistake.

If you honestly want to go into this field, then you have to start somewhere. Perhaps I am a little bias, but I'd suggest learning how to program C on *nix machines and get a general idea about how the Internet works (read into TCP/IP, routing etc).

Of course, we're all using the term 'hacker' very loosely here (so please no one spout that garbage about hackers/crackers terminology ).

yeah ive always been intresed in learning how hackers do what they so mainly to protect my self from them there is alot to learn i know im not goona learn it all in one night but it sumthink i really want learn the main problem i have got is where to start with so much information out there it hard to pick a starting point i got some course of ebay that meant to teach u the basic i think of security and it explain how to they do a bios attact also explain how trojans work and how to get ip address from msn and so on but i dont really know where to go from there i want learn as much as i can and i find the main probley is trying find a security expert who can guide me does anyone know any big companies in the uk that are good at computer security maybe i can email them ask them how u go about it

Something you could do is buy an old pc , install an outdated version of linux on it, Install a bunch of mail servers,ftp servers and apache, Set it up on your lan and try to get into it.
Learn some perl too and write your self an SSH brute force script.

It can be fun.

You could even enter it into one of the legal hacking competitions (when it's back up) and try to root some boxes yourself, It's perfectlly legal, or set up a honeypot. There are also sites with Hacking Challenges that will help you learn how to secure your websites and write secure scripts.

Quote:

I've read both of Mitnick's books (not sure if you were aware, he also has the Art of Intrusion), interesting enough.

Yeah, I'm in the middle od that one.

stOx - Social Engineering isn't as easy as it seems compared to actually doing a physical hack. Usually they go hand in hand, it's not as easy as calling someone up and asking someone for their password just like that. Comparing it to mugging/safe cracking is apples & oranges. When you're hacking, you have an objective, and you use all the tools available to you to acheive that objective.

I was in an interview last night, and the subject of computer security came up - I mentioned Social Engineering and that user education was a big part of computer security, and they were well impressed - apparently all the previous interviewees had only talked about tech stuff when asked about security.

It wouldn't really be considered hacking, Even though it is a big part of raising awareness of network security. Social engineering is more appropriate if the OP was looking to get into corporate espionage and credit card fraud.

A security audit was done on a companies network recently. All of thier software was upto date, No traffic was allowed in unless authenticated, Everything seemed fine.
Then one of the security guys doing the audit scattered 100 keyring USB drives around outside the office which had a bunch of photos on it and a backdoor/keylogger. At the end of the day he had controll of 30 computers in this network, Each one was emailing him with a log of that days activity and the passwords for every account that was logged into from them computers.

So if you are educating the ignorant about network security social engineering is something that should be explained to them, But it's hardlly soemthing the hacker would need to spend very long learning. He would spend his time learning how to elevate user accounts once hes in, learning how to write buffer overflows and most importantly learning how to navigate in a linux enviroment using command line.

yeah i think teaching people about what to look for is a good idear i mean i knwo laods people who jsut accept images and everyhtink over msn could easily send them a trogan and they would not have a clue i think alot people dont understnd how much information a hacker can get once he is in your system and to make it as safe as possible that mainly one the reason i want lean to teach others and show people or have not got a very good idear about computer what they doing as i think big companys have the moeny to pay for security experts but people at home dont and have no idear what they could be letting there self in for

One of the main problems with home users... I must of heard this a MILLION times in the past.

"I don't need to worry about computer security. There's nothing on my computer worth hacking into."

If you have a processor and an internet connection, your computer is worth hacking.

Last week down the pub my mate come out with that exact phrase.
People don't realise that hackers aren't going to be looking through their computer for holiday snaps or secret government documents. They are looking to install an SMTP server, proxy server or a DDoS bot.

Then when it happens, they complain that their computer is full of crap and running incredibly slow...