
Becoming a security professional (CyberCOP), Self-taught/self-learning

TSdebiankl
post Mar 14 2005, 12:57 PM, updated 21y ago

On my way
Group Icon
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


The "Linux Server break in challenge" posting has generated interest among newcomers and experienced security professionals who read and post their findings and comments.

I consider myself a beginner in security and a self-learner (googling and reading books); the downside is it takes a longer period of time but still reach ur goals

Of course there are security courses which u can attend but they are not cheap (RM7,000.00 - 10,000.00 > for 1-2 weeks by SANS maybe exam fee incl) unless sponsored by ur company. Or attend conferences (RM400-800 for 1 or 2 days) to get bits and pieces of IT security.

However, I would like to share the things that I do as a beginner who wishes to learn about IT security, and hopefully experienced members post their findings.

So where does a beginner start.....theory and concepts then OSS security tools such as nmap, tcpdump, dsniff,...etc.

I believe it begins with the theory aspect of interconnecting computers, why becos PCs today are on a network, either LAN or WAN connection.

OSI 7 Layers Model working mechanism and link hackers' exploits to these 7 layers model.

SANS White Paper of OSI for Information Security

It will be great just to post only the theory or concept of information security instead of the security tools used such as nmap, tcpdump, dsniff, ethereal, hping2,....etc. which are the next phase of this topic.

This post has been edited by debiankl: Mar 15 2005, 03:11 PM
evildonkey
post Mar 14 2005, 01:47 PM

On my way
****
Senior Member
541 posts

Joined: Jan 2003
From: peejay


tcp/ip is a must....learn how tcp and ip operates...the header structure...how is the structure....the weaknesses and the handshake method

tcp/ip protocol is an essential topic if any 1 wanna involve in the security field
YapChinHoong
post Mar 14 2005, 01:55 PM

Cisco Fanatic!
****
Senior Member
663 posts

Joined: Nov 2004
From: Puchong, Selangor, Malaysia.


Get Cisco Certified!!! thumbup.gif laugh.gif
robertngo
post Mar 14 2005, 02:14 PM

Look at all my stars!!
*******
Senior Member
4,027 posts

Joined: Oct 2004


is it possible to get the company to pay for these courses, these are really expensive stuff almost equal to my annual salary
TSdebiankl
post Mar 14 2005, 03:13 PM



QUOTE(evildonkey @ Mar 14 2005, 01:47 PM)
tcp/ip is a must....learn how tcp and ip operates...the header structure...how is the structure....the weaknesses and the handshake method

tcp/ip protocol is an essential topic if any 1 wanna involve in the security field
*
There's this great book

The Protocols (TCP/IP Illustrated, Volume 1)
by W. Richard Stevens

highly rated by IT professionals but costs ~ RM200

Anyone got this book for sale (used)?

Here's the link to TCP/IP protocol in relationship with ISO 7 Layers and TCP/IP header structure.

TCP/IP Protocol (OSI / Header structure)

This post has been edited by debiankl: Mar 14 2005, 03:24 PM
TSdebiankl
post Mar 14 2005, 03:19 PM



QUOTE(robertngo @ Mar 14 2005, 02:14 PM)
is it possible to get the company to pay for these courses, these are really expensive stuff almost equal to my annual salary
*
Justify your cause for attending this course..give them good reasons for the human resource manager not to refuse.

But when u accept company sponsor conditions, u may have to sign a working contract of 3 - 5 years with them and if u resign within 3-5 yr then u either pay the company the purata sum of training fee or the new employer pays for u.

robertngo
post Mar 14 2005, 09:47 PM



QUOTE(debiankl @ Mar 14 2005, 03:19 PM)
Justify your cause for attending this course..give them good reasons for the human resource manager not to refuse.
Justification? how about infecting the human resource manager's pc with virus and then stage some "security incident" on the server? biggrin.gif

anyway i am more interested in RHCT\RHCE, if i am not mistaken security will be part of the course.

This post has been edited by robertngo: Mar 14 2005, 09:48 PM
TSdebiankl
post Mar 14 2005, 11:18 PM



QUOTE(robertngo @ Mar 14 2005, 09:47 PM)
Justification? how about infecting the human resource manager's pc with virus and then stage some "security incident" on the server? biggrin.gif

anyway i am more interested in RHCT\RHCE, if i am not mistaken security will be part of the course.
*
"There's more than one way to skin a cat" as the common quote goes. I think financial loss to the company can justify the cause though, and sometimes your superior's support can count.

RHCE does not specialise in security so it covers the surface of security; if that's what u need then go for it.
Ee_
post Mar 15 2005, 12:35 AM

Mehh
*****
Senior Member
856 posts

Joined: Sep 2004
From: Aurora



n00b here.. what is the best method in using the theories learned ? I mean, how can we apply it ? Especially if I'm not living in a big networking environment, but got networking at home and hostel (between friends)
ihsan
post Mar 15 2005, 03:14 AM

Regular
Group Icon
Elite
1,235 posts

Joined: Jan 2003
From: kuala lipis
QUOTE(Ee_ @ Mar 15 2005, 12:35 AM)
n00b here.. what is the best method in using the theories learned ? I mean, how can we apply it ?

by working in the relevant environment.
Ee_
post Mar 15 2005, 08:23 AM




QUOTE(ihsan @ Mar 15 2005, 03:14 AM)
by working in the relevant environment.
*
Err.. that's the problem.. i'm not working yet.. Better start looking for networking job huh.gif
TSdebiankl
post Mar 15 2005, 10:17 AM



QUOTE(Ee_ @ Mar 15 2005, 12:35 AM)
n00b here.. what is the best method in using the theories learned ? I mean, how can we apply it ? Especially if I'm not living in a big networking environment, but got networking at home and hostel (between friends)
*
I think there are many ways to go about it, but I could think of two at this moment.

1. Join the hacker challenges announced on certain web sites; this website gives the list of hacker challenges: Hacker Games

2. Run a virtual machine (VM) on your PC, such as Xen, an Open Source alternative to VMWare, but it does not support Windows, only Linux distros; it will be released in the next SUSE version.
For other Linux distros u may have to download the source and compile it.

Both do not require a networking environment... just a stand-alone PC with ADSL connection if u choose to join the hacker challenge, and Xen software for virtual machines (VM) with multiple Linux distros.

Xen Virtual Machine

This post has been edited by debiankl: Mar 15 2005, 10:35 AM
fyire
post Mar 15 2005, 11:14 AM

Look at all my stars!!
Group Icon
VIP
9,270 posts

Joined: Jan 2003
From: Somewhere out there
Actually, just as Kevin Mitnick says, Security is not all about just the technical stuff. Having an administrative fascist as part of the security team may be a nightmare, but may do wonders when it comes to enforcement of policies.

Why is policy enforcement important? Well, I've personally walked right into the datacentre of a local bank just like that a few years back, with one joker there practically asking me which machine do I need him to provide me with admin access to! Best part was that he actually believed me when I told him where I'm from (I was telling the truth lar, but he didn't even bother to verify)
TSdebiankl
post Mar 15 2005, 11:35 AM



QUOTE(fyire @ Mar 15 2005, 11:14 AM)
Actually, just as Kevin Mitnick says, Security is not all about just the technical stuff. Having an administrative fascist as part of the security team may be a nightmare, but may do wonders when it comes to enforcement of policies.

Why is policy enforcement important? Well, I've personally walked right into the datacentre of a local bank just like that a few years back, with one joker there practically asking me which machine do I need him to provide me with admin access to! Best part was that he actually believed me when I told him where I'm from (I was telling the truth lar, but he didn't even bother to verify)
*
The biggest threat may not come from a remote user but from within an organisation. Social engineering methods of getting information about passwords and access are much cheaper than using high technology equipment and tools. That's the reason why a security audit is so important.


robertngo
post Mar 15 2005, 11:45 AM



QUOTE(fyire @ Mar 15 2005, 11:14 AM)
Why is policy enforcement important? Well, I've personally walked right into the datacentre of a local bank just like that a few years back, with one joker there practically asking me which machine do I need him to provide me with admin access to! Best part was that he actually believed me when I told him where I'm from (I was telling the truth lar, but he didn't even bother to verify)
*
I have an experience in a government agency where i can freely go into the server room and no one is there to monitor what i am doing. the server room is not locked when there is nobody inside and some of the computers are still logged in with root account. shakehead.gif
TSdebiankl
post Mar 15 2005, 12:24 PM



QUOTE(robertngo @ Mar 15 2005, 11:45 AM)
I have an experience in a government agency where i can freely go into the server room and no one is there to monitor what i am doing. the server room is not locked when there is nobody inside and some of the computers are still logged in with root account. shakehead.gif
*
A true attacker hides his identity...but then in your scenario they know who u are and the company u work for. If any systems are hacked then the first suspect is u, so would u risk it by providing info about system passwd to a third party.

Ee_
post Mar 15 2005, 12:45 PM




QUOTE(debiankl @ Mar 15 2005, 10:17 AM)
I think there are many ways to go about it, but I could think of two at this moment.

1. Join the hacker challenges announced on certain web sites; this website gives the list of hacker challenges: Hacker Games

Xen Virtual Machine
*
Thanks for the url.. playing it now rolleyes.gif
TSdebiankl
post Mar 15 2005, 01:29 PM



QUOTE(Ee_ @ Mar 15 2005, 12:45 PM)
Thanks for the url.. playing it now  rolleyes.gif
*
Do let us know if u have successfully completed the challenge.
jojoG
post Mar 15 2005, 02:48 PM

Getting Started
**
Junior Member
166 posts

Joined: Nov 2004


wah... the hacker games so freaking hard... i think i'm not a hacker quality leh..... headache now...
TSdebiankl
post Mar 15 2005, 03:05 PM



QUOTE(jojoG @ Mar 15 2005, 02:48 PM)
wah... the hacker games so freaking hard... i think i'm not a hacker quality leh..... headache now...
*
biggrin.gif

Frankly I tried some hacker challenges months ago but only reached level 2 of 11 and realised I am sooo far behind. But never give up becos it's a good challenge

So you tried .... good attempt, and it makes sense, as security professionals (aka CyberCop) are very well respected in the IT Industry and well paid too..should you intend it to be your next career advancement.



