
Becoming a security professional (CyberCOP), Self-taught/self-learning
Ee_
post Mar 15 2005, 04:07 PM

Mehh
*****
Senior Member
856 posts

Joined: Sep 2004
From: Aurora



LOL.. took me a while to settle Ma's Reversing riddle (the first one).. it was fun when i got the answer.. going to settle the second one now..
robertngo
post Mar 15 2005, 04:17 PM

Look at all my stars!!
*******
Senior Member
4,027 posts

Joined: Oct 2004


just now found a security flaw in my server's DNS: the default setting of BIND lets anyone get the zone from the server.

the default setting looks like this

zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-update { none; };
};

an attacker can get all the machines in your DNS records; if u use DHCP, every machine in the network will be visible to the hacker.

# dig example.com axfr @10.1.1.1

; <<>> DiG 9.2.2-P3 <<>> example.com axfr @10.1.1.1
;; global options:  printcmd
example.com.            86400   IN      SOA     example.com. tom.yahoo.com.example.com. 2004011823 10800 900 604800 86400
example.com.            86400   IN      A       10.1.1.1
example.com.            86400   IN      NS      ns.example.com.
example.com.            86400   IN      NS      ns2.example.com.
Ftp example.com.        86400   IN      CNAME   example.com.
mail.example.com.       86400   IN      CNAME   example.com.
ns.example.com.         86400   IN      A       10.1.1.1
ns2.example.com.        86400   IN      A       192.168.128.3
webdav.example.com.     86400   IN      CNAME   example.com.
www.example.com.        86400   IN      CNAME   example.com.
example.com.            86400   IN      SOA     example.com. tom.yahoo.com.example.com. 2004011823 10800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 10.1.1.1#53(10.1.1.1)
;; WHEN: Sun Jan 18 22:31:32 2004
;; XFR size: 12 records

it is easy to lock down this problem by specifying the IPs that are allowed to do zone transfers; u must set this on all your master and slave DNS servers.

zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-update { none; };
    /* only the listed hosts (secondaries and localhost) may AXFR this zone */
    allow-transfer { 192.168.128.3; 127.0.0.1; 192.168.128.25; 10.1.1.1; };
};

then the dig command will get no result

# dig example.com axfr @10.1.1.1

; <<>> DIG 9.2.2-P3 <<>> example.com axfr @10.1.1.1
;; global options:printcmd
; Transfer failed.

i used the dig command randomly on some websites and found some of them do not have zone transfer locked down; see if your server is protected.
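To check the same thing from the configuration side rather than by running dig against a live server, here is an added example (not robertngo's code and not part of BIND) that audits a named.conf-style file for the problem described above. It walks every top-level zone block, looks for an allow-transfer list in the zone or in the global options block, and reports a zone as open when neither is present (BIND's historical default permits transfers to any host) or when the list contains any. The sample configuration embedded at the bottom is constructed for the demonstration; the parser is deliberately simple and, as an assumption stated in the code, does not follow include directives or named acl blocks.

```python
"""Audit BIND named.conf zone blocks for unrestricted zone transfers.

Added example, not the forum poster's code. Assumptions: plain named.conf
syntax without `include` directives or named `acl` references, and no
braces or semicolons inside quoted strings.
"""
import re

# BIND accepts C, C++ and shell style comments; strip all three first.
_COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.DOTALL)


def strip_comments(text):
    return _COMMENT_RE.sub("", text)


def top_level_statements(text):
    """Split text into statements terminated by ';' at brace depth 0."""
    stmts, depth, start = [], 0, 0
    for i, ch in enumerate(text):
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
        elif ch == ";" and depth == 0:
            stmts.append(text[start:i].strip())
            start = i + 1
    return [s for s in stmts if s]


def _split(stmt):
    """Return (head, body): text before the first '{' and inside the outer braces."""
    b = stmt.find("{")
    if b < 0:
        return stmt.strip(), None
    return stmt[:b].strip(), stmt[b + 1:stmt.rfind("}")]


def transfer_acl(body):
    """Return the allow-transfer address list in a zone/options body, or None."""
    for s in top_level_statements(body):
        head, inner = _split(s)
        if head == "allow-transfer" and inner is not None:
            return [x.strip() for x in inner.split(";") if x.strip()]
    return None


def audit(conf_text):
    """Map each zone name to a finding string describing its transfer policy."""
    text = strip_comments(conf_text)
    global_acl, zones = None, []
    for s in top_level_statements(text):
        head, body = _split(s)
        words = head.split()
        if body is None or not words:
            continue
        if words[0] == "options":
            global_acl = transfer_acl(body)          # zone blocks inherit this
        elif words[0] == "zone" and len(words) > 1:
            zones.append((words[1].strip('"'), body))

    findings = {}
    for name, body in zones:
        acl, source = transfer_acl(body), "zone"
        if acl is None:
            acl, source = global_acl, "options"
        if acl is None:
            findings[name] = "OPEN: no allow-transfer in zone or options (default permits any host)"
        elif any(a.lower() == "any" for a in acl):
            findings[name] = f"OPEN: allow-transfer {{ any; }} ({source})"
        else:
            findings[name] = f"restricted ({source}): " + ", ".join(acl)
    return findings


# Constructed sample configuration; not taken from any real server.
SAMPLE_CONF = """
options {
    directory "/var/named";
};

zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-update { none; };        // no allow-transfer at all: open by default
};

zone "example.net" IN {
    type master;
    file "example.net.zone";
    allow-transfer { any; };       # explicitly open
};

zone "example.org" IN {
    type master;
    file "example.org.zone";
    allow-transfer { 192.168.128.3; 127.0.0.1; };
};
"""

if __name__ == "__main__":
    for zone, finding in audit(SAMPLE_CONF).items():
        print(f"{zone}: {finding}")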
TSdebiankl
post Mar 15 2005, 04:36 PM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


QUOTE(robertngo @ Mar 15 2005, 04:17 PM)
just now found a security flaw in my server's DNS: the default setting of BIND lets anyone get the zone from the server.

the default setting looks like this

zone "example.com" IN {
          type master;
          file "example.com.zone";
          allow-update { none; };
  };
an attacker can get all the machines in your DNS records; if u use DHCP, every machine in the network will be visible to the hacker.

# dig example.com axfr @10.1.1.1

; <<>> DiG 9.2.2-P3 <<>> example.com axfr @10.1.1.1
;; global options:  printcmd
example.com.            86400    IN    SOA    example.com.
    tom.yahoo.com.example.com. 2004011823 10800 900 604800 86400
example.com.          86400  IN      A      10.1.1.1
example.com.          86400  IN      NS      ns.example.com.
example.com.          86400  IN      NS      ns2.example.com.
Ftp example.com.      86400  IN      CNAME  example.com.
mail.example.com.    86400  IN      CNAME  example.com.
ns.example.com.      86400  IN      A      10.1.1.1
ns2.example.com.      86400  IN      A      192.168.128.3
webdav.example.com.  86400  IN      CNAME  example.com.
www.example.com.      86400  IN      CNAME  example.com.
example.com.          86400  IN      SOA    example.com.
    tom.yahoo.com.example.com. 2004011823 10800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 10.1.1.1#53(10.1.1.1)
;; WHEN: Sun Jan 18 22:31:32 2004
;; XFR size: 12 records

it is easy to lock down this problem by specifying the IPs that are allowed to do zone transfers; u must set this on all your master and slave DNS servers.

zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-update { none; };
    /* only the listed hosts (secondaries and localhost) may AXFR this zone */
    allow-transfer { 192.168.128.3; 127.0.0.1; 192.168.128.25; 10.1.1.1; };
};

then the dig command will get no result

# dig example.com axfr @10.1.1.1

  ; <<>> DIG 9.2.2-P3 <<>> example.com axfr @10.1.1.1
  ;; global options:printcmd
  ; Transfer failed.

i used the dig command randomly on some websites and found some of them do not have zone transfer locked down; see if your server is protected.
*
Good info .... but there are more exploits on BIND than zone transfers, and the following is the list of exploits on BIND

BIND Exploits.

Should consider using DJB's DJBDNS instead; i think it has far fewer security flaws.

DJB's DNS (from Guru of Qmail)
TSdebiankl
post Mar 15 2005, 04:46 PM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


QUOTE(Ee_ @ Mar 15 2005, 04:07 PM)
LOL.. took me a while to settle Ma's Reversing riddle (the first one).. it was fun when i got the answer.. going to settle the second one now..
*
If u pass the second level, then u will lead this topic forum..
Ee_
post Mar 15 2005, 05:51 PM

Mehh
*****
Senior Member
856 posts

Joined: Sep 2004
From: Aurora



QUOTE(debiankl @ Mar 15 2005, 04:46 PM)
If u pass the second level, then u will lead this topic forum..
*
OMG, that means it is really2 hard.. damn, just when i'm starting to have some fun
evildonkey
post Mar 15 2005, 07:49 PM

On my way
****
Senior Member
541 posts

Joined: Jan 2003
From: peejay


if ya ask me, a hacker is different from a network specialist if ya look harder....a hacker is some programming guru that finds and exploits flaws in a program/software, and a network specialist is one that knows how data transmission works, knows how to manipulate that transferring data, knows how to prevent it, and is able to identify any of these activities happening in his vicinity of responsibility

a hacker can also be a great network specialist when ure toking bout hackers that hack from a remote site, but then there are those that can still be considered hackers even if they're not good in networks...an example...pretty easy....those who hack legit software and distribute it as warez....a network specialist on the other hand doesn't really need to be an expert programmer, and some have sucky programming skill

TSdebiankl
post Mar 15 2005, 08:25 PM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


QUOTE(evildonkey @ Mar 15 2005, 07:49 PM)
if ya ask me, a hacker is different from a network specialist if ya look harder....a hacker is some programming guru that finds and exploits flaws in a program/software, and a network specialist is one that knows how data transmission works, knows how to manipulate that transferring data, knows how to prevent it, and is able to identify any of these activities happening in his vicinity of responsibility

a hacker can also be a great network specialist when ure toking bout hackers that hack from a remote site, but then there are those that can still be considered hackers even if they're not good in networks...an example...pretty easy....those who hack legit software and distribute it as warez....a network specialist on the other hand doesn't really need to be an expert programmer, and some have sucky programming skill
*
In summary a hacker has both skills: expert in programming (C, C++, Assembly...) and networking (protocols, ISO layers, sniffing, firewalls, IDS, cryptography....). They use their skills to find exploits in programs, such as buffer overflows, stack-based overflows, and writing shellcode. And lots more I think.

While a network specialist does best on network design, switches, and routers, he doesn't find exploits in the programs and neither could he develop programs.

As I put it, a hacker (aka security professional) is a highly rated and respected individual and well paid too.
TSdebiankl
post Mar 15 2005, 08:29 PM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


QUOTE(Ee_ @ Mar 15 2005, 05:51 PM)
OMG, that means it is really2 hard.. damn, just when i'm starting to have some fun
*
Accept it as a setback and do not give up... research more, join their forum (may provide u with hints but not answers) and google more often
jojoG
post Mar 16 2005, 03:10 PM

Getting Started
**
Junior Member
166 posts

Joined: Nov 2004


yeah.... i'm on the game for
http://www.daedlaus.com/cgi-bin/sk00l/

but i'm stuck at level 2 coz i donno where to learn to decipher the code.... damn
TSdebiankl
post Mar 16 2005, 09:54 PM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


QUOTE(jojoG @ Mar 16 2005, 03:10 PM)
yeah.... i'm on the game for
http://www.daedlaus.com/cgi-bin/sk00l/

but i'm stuck at level 2 coz i donno where to learn to decipher the code.... damn
*
10:00pm today

OK, Just register myself to "Basic Challenge" games. Be right back ...
TSdebiankl
post Mar 16 2005, 10:06 PM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


10:10pm today

Got through level 1 and 2 password for "Basic Challenge"
screwed
post Mar 16 2005, 10:48 PM

Getting Started
**
Junior Member
187 posts

Joined: Jan 2003
From: 2>/dev/null


So, does playing wargames really help you learn how security works? Is it based on real hacking?
The only wargames I played are hackerslab.org and fatetek.net. They taught me more about Linux commands, but I don't see the point or anything related to security. Anyway debiankl, thanks for the link; although I don't quite understand it, at least it gave me some brief idea about layers.
screwed
post Mar 17 2005, 04:19 AM

Getting Started
**
Junior Member
187 posts

Joined: Jan 2003
From: 2>/dev/null


My question is, what is Xen?

So here is the answer from the given link :-

Xen is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation.

Is it used for a box that has more than 1 OS? Looking at the screenshot, it has FC, FC2, Knoppix and SuSE on the same desktop.
http://www.cl.cam.ac.uk/Research/SRG/netos...hots/index.html

I'm interested, but not sure if I should try it
ihsan
post Mar 17 2005, 10:32 AM

Regular
Elite
1,235 posts

Joined: Jan 2003
From: kuala lipis
QUOTE(Ee_ @ Mar 15 2005, 08:23 AM)
Err.. that's the problem.. i'm not working yet.. Better start looking for networking job  huh.gif
*
that is never a problem. there's plenty of avenues for you to prepare yourself. for example, you can take a part time job at your college to do technical support. some things are not that obvious; doing support this early can help you learn how to deal with users and understand their mindsets. hacking is the wrong way to become a security professional, at least at this stage of your academic life. you want to learn how to become a professional, then find work in a professional environment. that's the only way. you cannot sit in front of your PC running nmap and metasploit and then claim yourself to be a somewhat good hacker or kitchen sink. it is way more than just the technicalities. and it is more than just being able to differentiate between business and security needs.

security-related certs are important, more important to your potential clients than to yourself actually. CISSP and SANS GIAC are decent vendor-neutral certifications (they used to be two of the best). CEH and CNSA are imho practically useless certifications. having a good cert or two inspires confidence on the part of your clients. small businesses don't really care actually.

books are extremely important. use them to supplement the internet resources. there's plenty of excellent security-related books out there. just go to fatbrain or amazon and check out the reviews. avoid e-books. e-books are just too cheap. no one reads e-books to learn, only to gloat with your pda or mobile phone.

security mailing-lists such as security focus basics are a good starting point and you can move on further of your own accord. i started subscribing to sf-basics about 3 years back and still, day in day out till this very hour, i keep learning new things and interests. you don't have to start with so many lists; one or two are sufficient.

This post has been edited by ihsan: Mar 17 2005, 11:12 AM
TSdebiankl
post Mar 17 2005, 10:36 AM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


QUOTE(screwed @ Mar 17 2005, 04:19 AM)
My question is, what is Xen?

So here is the answer from the given link :-

Xen is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation.

Is it used for a box that has more than 1 OS? Looking at the screenshot, it has FC, FC2, Knoppix and SuSE on the same desktop.
http://www.cl.cam.ac.uk/Research/SRG/netos...hots/index.html

I'm interested, but not sure if I should try it
*
The screenshot does give some idea of how Xen works: multiple OSes on a single PC without having multiple partitions. It's not dual boot.

An alternative to VMware (commercial), but it will not create a VM of Windows, which is its only limitation. Or there is another VM called UML (User Mode Linux).

Depends on ur Linux distro; on Debian (testing aka Sarge) I have to apt-get it, but if u can, wait for Novell SuSE's next release with Xen. Not much detail provided though..

Always R&D on a non-production system. Xen allows developers to test programs on a VM; should anything happen to that VM it wouldn't hang the system, and you just restart the hung VM to recover.

TSdebiankl
post Mar 17 2005, 11:10 AM

On my way
Elite
577 posts

Joined: Dec 2004
From: Inside the CPU core stack register SP


QUOTE(screwed @ Mar 16 2005, 10:48 PM)
So, does playing wargames really help you learn how security works? Is it based on real hacking?
The only wargames I played are hackerslab.org and fatetek.net. They taught me more about Linux commands, but I don't see the point or anything related to security. Anyway debiankl, thanks for the link; although I don't quite understand it, at least it gave me some brief idea about layers.
*
Gameplay is a form of challenge that stimulates ur thinking, becos each time a new game is released it comes with various exploits, some known to the public and others created by the game designer. So the more you play, the more exploit knowledge you gain, and it is not against any law. It's another way to make friends with hacker gurus on the forum and learn a few tips and tricks. Most of the top hackers are scouted by security firms to assist and develop better programs.

Try hacking any website or server and u may land in legal trouble; although u can request permission to do so, will they give it to you unless u are a recognised or respected security consultancy firm?

The more I play, the more it is about more than just Linux commands and security tools; it is about learning the weaknesses of programmers/web programmers, to name a few, and there are more..

About the OSI 7 Layers, I will get back to u later..

jojoG
post Mar 17 2005, 02:44 PM

Getting Started
**
Junior Member
166 posts

Joined: Nov 2004


well all i know i had some exposure to cryptography lor... hehehe
