Home Blog Forum St Neots Local Visiting Music Songs Guitar SanNeo Band Extreme Surfing Cycling Exploring Computers Security Code Webdesign Food n Drink Recipes Wine Beer Computer Security Why would anyone be interested in computer security? At the deep end of computer security it can be a hell of a mental workout. After fuzzing a program and then bouncing exploit code around all over the place your head can feel like you've woken up with Mike Tysons Tiger in your bathroom. Getting started - Really it's all about reading, the more you learn the more you'll acomplish in any field but particuarly with computers. There really is no limit to the amount of information you can take in and process. So much in internet security goes full circle. Exploits are discvoered which are caused by the same bad code that people were exploiting ten years ago. A classic white paper is 'smashing the stack for fun and profit'. Probably not for the absolute beginer but the sooner you can get your head around this the sooner you'll be writing your own remote roots. Fuzzing - fuzzing is the art of blowing up computer programs by throwing all sorts of malformed and oversized data at them. If you are going to get into fuzzing you really need to be writing your own programs to fully understand how they work. Exploit Development - I use metasploit because it's just so simple and meterpreter is great. Look at the source for one of the exploit modules and it'll read like a book. New methods such as the SMB2 jump technique are well documented and it's under constant development. With metasploit being written in Ruby it's easy to integrate scans and fuzzing techniques using the framework as a... framework I guess. Wireless security - WEP is dead, burried and should only be talked about in history books. WPA2 PSK seems to be the standard at present and I've read that it should be unpenetratable for the next 20 years. Um. Challenge. There's already well documented dictionary attacks on the protocol. This relies on the password being in a dictionary/hash file. Research continues... Backtrack - If this was about when I was 16 I would have learned at four or five times the rate I did. It's a phenomenal collection of tools all built into a bootable operating system that has taken the security world by storm. Roll on backtrack 4 stable.

Copyright 2009