Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Network Security, some questions

  1. #1
    Junior Member Polorboy's Avatar
    Join Date
    Mar 2010
    Posts
    25

    Default Network Security, some questions

    I just got the book, Hacking The Art of Exploitation Second Edition, by Jon Erickson. I was wondering if anyone else here has that book, what they think of it? I am finding it very informative, my only problem is that the live cd does not want to boot, it keeps saying it can't find the config file. I sent a email to nostarchpress and they sent me a link to the torrent for the iso but it is still doing the same thing. I noticed that it is trying to boot into a old version of Ubuntu, version 3 or 4 I think. I have been trying to do the examples from Ubuntu (9.04) and I downloaded the source code from the publishers website. I am just getting different "results" than he is in the book. I only just started it, so I am only on the first example, but he says that you have eax, pcx, edx, ebx, esp, ebp, esi, and edi as the first eight pointers in the register but when I run the same command in ubuntu I get completely different names for those registers. I get rax, rbx, rcx, rdx, rsi, rdi, rbp, and rsp as my first eight. I can pretty safely guess that they are the same as what he is referencing in the book. Have any of you guys who have this book run into that same issue? Is what I am seeing in Ubuntu the normal way to see that stuff or is what is in the book the normal way? Anyway, I am trying to really learn how all this works and hopefully someday I can apply it in a job, yes trying to prevent hacking or security testing. I have no plans of using this information in a "harmful" way. I guess you could say I want to be a white hat, not a black hat . What kind of got me really insterested is my professor apparently used to be a black hat a long time ago and he has really encouraged me to get into it.

    I have tons of questions about it actually. I am taking classes and working in the IT deptartment at my school, and a lot of the guys I work with keep telling me that network security is increadibly hard. They keep saying that essentially one screwup and your out of the business forever. I kind of find that hard to believe. First, you probably almost never work alone on something like that, and there is no such thing as perfect security. it is staying on top of things and making sure that you constantly check and update your security to stay ahead of the game. Anyway, what are your guys opinions on that stuff too?

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Dear goodness your whole life story in one post.
    Slow down mate you'll get there faster if you do.
    Yes we have heard of the book, but that means nothing. This forum is about the Backtrac distro, yes it is based on ubuntu but it is not ubuntu in that you do need to know something about linux in order to get anywhere. Yes security is hard, yes you may be alone. Yes you may work on a top-secret or difficult project and be all alone in the world. Sometimes things like that happens.
    Stick around and read the forums and then read some more. Read everything.
    And then re-read it.
    Also one thread per topic is generally the "norm" not as above.
    Also if you have other questions then you better learn google-fu'
    Not many people will spoon feed you.

    Good luck
    and
    RTFM
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Junior Member
    Join Date
    Apr 2009
    Posts
    43

    Default

    What is your computer processor?
    That will determine what your registers are called

  4. #4
    Junior Member Polorboy's Avatar
    Join Date
    Mar 2010
    Posts
    25

    Default

    Well, thanks for the sarcastic response. Who ever said anyone wanted to be spoon feed? As far as I am concerned the only stupid question is the unasked one. If you don't like that I asked your guys opinion or that I even asked a question at all, then just ignore my thread. You still didn't answer my question though. I was not trying to through words around or look impressive. I got the book because i want to learn, I frankly could not care less if anyone else has heard of it. I was just wondering if anyone had, and what they thought of it. I feel that what I said could all fit under one general topic, I am reading the book, looking at the possibilities of getting into the field in the near future, so why not ask. I am also sorry if you can't handle more than one topic at a time. Also, my life story? Far from it, you want my life story you can buy the book when I publish it, it will be in several volumes. I also never said anything about sitting in a dark room working on top secret military security projects. I actually know some guys who do that, and no they do not work alone, that much I do know. So, more than one topic, I had about two, you brought up several. Honestly, if your not going to answer my question and try to help me out then don't bother posting anything. i am not an idiot and I don't treat other people like they are, so I do not expect to be treated like one.

    For Wolfbane:
    I have Intel Penryn T9300, so I am guessing that is why my registers are different. Is there any way I can find a list or document that tells me which are for what? Or will they be in the same order, just different names?

  5. #5
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by Polorboy View Post
    As far as I am concerned the only stupid question is the unasked one.
    You obviously havent spent very much time around Internet forums...

    Quote Originally Posted by Polorboy View Post
    If you don't like that I asked your guys opinion or that I even asked a question at all, then just ignore my thread.
    That doesn't work, if you don't visibly enforce forum standards then the forums quickly get flooded with rubbish messages and clueful participants leave.

    Quote Originally Posted by Polorboy View Post
    I am also sorry if you can't handle more than one topic at a time.
    If you cant keep your threads centered on one particular topic and free of extraneous information (like your hopes and dreams) it makes it seem as though you have problems focusing your attention and organising your thoughts.

    People who cant focus normally don't take on board suggestions very well. Whether this actually describes you or not I don't know, I can only go by what I read. And after I read your initial post, I lost interest in replying even though I could comment on all of what you were asking about. This is because it was just going to take too much time to respond to, and I wasn't sure you would appreciate the answers because the lack of focus displayed in the writing of your posts made me question the amount of effort you had put in to the problem. If you had asked the questions individually I would have responded differently.

    Sticking to one subject per thread is good advice, Ive given it myself a number of times. You should do it if you want to get good responses.

    Quote Originally Posted by Polorboy View Post
    Honestly, if your not going to answer my question and try to help me out then don't bother posting anything. i am not an idiot and I don't treat other people like they are, so I do not expect to be treated like one.
    Funny that you say that you don't treat people like idiots, because that's exactly how I interpreted your "handle more than one topic at a time" comment above.

    Anyway, I don't think you were actually treated like an idiot, others who have made mistakes here have been treated much worse. Really the worst thing you can do when a senior member of a forum points out (fairly politely) that you have made a faux pas is to complain about how you have been mistreated.

    Its a fair bet that archangel.amael knows better than you do what the normal standard of behavior is here, and if he mis-steps Im sure another senior member will take him to task about it. I dont think he has though, I think he has tried to help you (perhaps a little gruffly, but I cant say I would have been much nicer had I chosen to respond) and you've just been rude in response.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  6. #6
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by Polorboy View Post
    i am not an idiot and I don't treat other people like they are, so I do not expect to be treated like one.
    So far you haven't been. As for you machine not booting, did you check the md5? That sounds an awful lot like a borked download.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  7. #7
    Junior Member Polorboy's Avatar
    Join Date
    Mar 2010
    Posts
    25

    Default

    I really am kind of surprised at what has taken place here. I asked a simple question, add a little bit extra info, and people get annoyed by it?

    I was expecting to be dealing with people who are professionals and treat each other as such. Granted, I am new to this particular forum, I am not however new to forums in general. I am an active member in several dozen other forums and I have never ever treated someone like this. At least I can give lupin some credit for trying to clarify things for me. This is just down right rediculous. Who ever said I didn't have a system that would not boot, I am on this forum correct? That must mean I am using a computer, and by that logic I must have a computer that works? Anyway... I am guessing that I am not going to get any help whatsoever from anyone on these forums becuase a lot of you seem very impressed with yourselves and feel someone like me is "below" you and you therefore cannot help. My other post in the newbie forum, I have yet to get a reasonable response. All I got there was that my post didn't make sense and I was pretty much told to start from scratch. Well, I went ahead and tried to explain what I meant, included the tutorial I was following, and nothing. A lot of you guys probably think your some kind of "l33t hakzor" or what ever you want to call it. I have no delusions of grandure, I know for a fact that I know little to nothing about this and I want to learn. It seems though that every time I have tried to get a question answered here, it is either I didn't word it properly or someone just doesn't like my question. That is just to bad. I have no tolorance for people who think they are better than someone else, for what ever reason. If we are going to try to impress people here, how about this, I am ranked in the 88th percentile (top 13 percent if you don't know what that means) in the US for cognative ability, my IQ (last I tested it) was 145, I currently have a 4.0 GPA in college going for my second degree. That gets me nothing though, I know people who would make 99% of you guys here look like complete idiots, they make me feel like a complete moron. I am not impressed by someone's status on a web forum, if they are a senior member, or what ever they are anywhere. I am impressed by how people handle themselves interacting with others. How a person treats others. Ever heard the saying "Do to others as you would have them do to you" ? I am really annoyed and kind of shocked at the reaction I have gotten. This thread has gone completely in the wrong direction because people are more concerned with how I worded a question or that I had two somewhat similar questions, rather than trying to answer at least one of them. You know a better response could have gone something like, this is an answer to one of your questions, if you want to ask something else, put it in a new post, thanks. Would that have been so hard to write? Instead of trying to belittle me and make me feel stupid? Could a mod please close this thread and/or delete it, it is not going to go anywhere, and is completely pointless.

  8. #8
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by Polorboy View Post
    I really am kind of surprised at what has taken place here. I asked a simple question, add a little bit extra info, and people get annoyed by it?

    ... <blah, blah, blah> ...
    Every forum has their own etiquette, and the RE Forums rate about average for security forums. Frankly, your first post in this thread was ill-conceived, and the other two posts add up to "WMPH!" You may not be impressed with the others here, but consider the fact that neither are impressing anyone that you are worth responding to with any detail.

    May I suggest you read this: http://catb.org/esr/faqs/smart-questions.html It may help you in the future. Good luck.
    Thorn
    Stop the TSA now! Boycott the airlines.

  9. #9
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    @Polorboy

    I think you're overreacting to this a little. No one was trying to belittle you or treat you like an idiot, and responding like this is not exactly going to win anyone over to your cause. You need to learn to take constructive criticism a little better, and not go off the handle at every perceived slight .

    In addition, the multiple insults towards other forum members are not appreciated. You know - that we think we are "l33t hakzor", that we are very impressed with ourselves, that we would look like complete idiots compared to some of your other acquaintances, and that we think we are better than others.

    You claim that you want to act professionally, and that you believe in treating others the way you want to be treated. Insults don't fit well with either philosophy Im afraid.

    And the thing about not respecting senior members? Well this is kind of a like a "respect your elders" type of thing. Different communities have different standards, and those standards are often best understood by those who have spent the most time. It shows respect towards the others in the community to follow their standards when you join them. Coming in to a community, rejecting any advice given about how to properly conduct yourself, complaining about how you are misunderstood and then telling others how it should be and how they should behave does not respect the standards of that community. Its rude.

    You also should understand that Internet based forums are meritocracies. We don't care how smart you are, how many degrees you have, or what you have done in the world. We care about how you conduct yourself, and we determine this by the way you post. If you ask intelligent thoughtful questions you will get intelligent thoughtful responses. And if you insult people, complain and generally act up, you'll get treated like an immature teenager who needs a lesson in etiquette.

    The link provided by Thorn is a good one which I have also referred people to, and I suggest that you read it.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  10. #10
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by Polorboy View Post
    I just got the book, Hacking The Art of Exploitation Second Edition, by Jon Erickson. I was wondering if anyone else here has that book, what they think of it? I am finding it very informative, my only problem is that the live cd does not want to boot, it keeps saying it can't find the config file. I sent a email to nostarchpress and they sent me a link to the torrent for the iso but it is still doing the same thing. I noticed that it is trying to boot into a old version of Ubuntu, version 3 or 4 I think. I have been trying to do the examples from Ubuntu (9.04) and I downloaded the source code from the publishers website. I am just getting different "results" than he is in the book. I only just started it, so I am only on the first example, but he says that you have eax, pcx, edx, ebx, esp, ebp, esi, and edi as the first eight pointers in the register but when I run the same command in ubuntu I get completely different names for those registers. I get rax, rbx, rcx, rdx, rsi, rdi, rbp, and rsp as my first eight. I can pretty safely guess that they are the same as what he is referencing in the book. Have any of you guys who have this book run into that same issue? Is what I am seeing in Ubuntu the normal way to see that stuff or is what is in the book the normal way? Anyway, I am trying to really learn how all this works and hopefully someday I can apply it in a job, yes trying to prevent hacking or security testing. I have no plans of using this information in a "harmful" way. I guess you could say I want to be a white hat, not a black hat . What kind of got me really insterested is my professor apparently used to be a black hat a long time ago and he has really encouraged me to get into it.

    I have tons of questions about it actually. I am taking classes and working in the IT deptartment at my school, and a lot of the guys I work with keep telling me that network security is increadibly hard. They keep saying that essentially one screwup and your out of the business forever. I kind of find that hard to believe. First, you probably almost never work alone on something like that, and there is no such thing as perfect security. it is staying on top of things and making sure that you constantly check and update your security to stay ahead of the game. Anyway, what are your guys opinions on that stuff too?
    Quote Originally Posted by Polorboy View Post
    Well, thanks for the sarcastic response. Who ever said anyone wanted to be spoon feed? As far as I am concerned the only stupid question is the unasked one. If you don't like that I asked your guys opinion or that I even asked a question at all, then just ignore my thread. You still didn't answer my question though. I was not trying to through words around or look impressive. I got the book because i want to learn, I frankly could not care less if anyone else has heard of it. I was just wondering if anyone had, and what they thought of it. I feel that what I said could all fit under one general topic, I am reading the book, looking at the possibilities of getting into the field in the near future, so why not ask. I am also sorry if you can't handle more than one topic at a time. Also, my life story? Far from it, you want my life story you can buy the book when I publish it, it will be in several volumes. I also never said anything about sitting in a dark room working on top secret military security projects. I actually know some guys who do that, and no they do not work alone, that much I do know. So, more than one topic, I had about two, you brought up several. Honestly, if your not going to answer my question and try to help me out then don't bother posting anything. i am not an idiot and I don't treat other people like they are, so I do not expect to be treated like one.

    For Wolfbane:
    I have Intel Penryn T9300, so I am guessing that is why my registers are different. Is there any way I can find a list or document that tells me which are for what? Or will they be in the same order, just different names?
    Quote Originally Posted by Polorboy View Post
    I really am kind of surprised at what has taken place here. I asked a simple question, add a little bit extra info, and people get annoyed by it?

    I was expecting to be dealing with people who are professionals and treat each other as such. Granted, I am new to this particular forum, I am not however new to forums in general. I am an active member in several dozen other forums and I have never ever treated someone like this. At least I can give lupin some credit for trying to clarify things for me. This is just down right rediculous. Who ever said I didn't have a system that would not boot, I am on this forum correct? That must mean I am using a computer, and by that logic I must have a computer that works? Anyway... I am guessing that I am not going to get any help whatsoever from anyone on these forums becuase a lot of you seem very impressed with yourselves and feel someone like me is "below" you and you therefore cannot help. My other post in the newbie forum, I have yet to get a reasonable response. All I got there was that my post didn't make sense and I was pretty much told to start from scratch. Well, I went ahead and tried to explain what I meant, included the tutorial I was following, and nothing. A lot of you guys probably think your some kind of "l33t hakzor" or what ever you want to call it. I have no delusions of grandure, I know for a fact that I know little to nothing about this and I want to learn. It seems though that every time I have tried to get a question answered here, it is either I didn't word it properly or someone just doesn't like my question. That is just to bad. I have no tolorance for people who think they are better than someone else, for what ever reason. If we are going to try to impress people here, how about this, I am ranked in the 88th percentile (top 13 percent if you don't know what that means) in the US for cognative ability, my IQ (last I tested it) was 145, I currently have a 4.0 GPA in college going for my second degree. That gets me nothing though, I know people who would make 99% of you guys here look like complete idiots, they make me feel like a complete moron. I am not impressed by someone's status on a web forum, if they are a senior member, or what ever they are anywhere. I am impressed by how people handle themselves interacting with others. How a person treats others. Ever heard the saying "Do to others as you would have them do to you" ? I am really annoyed and kind of shocked at the reaction I have gotten. This thread has gone completely in the wrong direction because people are more concerned with how I worded a question or that I had two somewhat similar questions, rather than trying to answer at least one of them. You know a better response could have gone something like, this is an answer to one of your questions, if you want to ask something else, put it in a new post, thanks. Would that have been so hard to write? Instead of trying to belittle me and make me feel stupid? Could a mod please close this thread and/or delete it, it is not going to go anywhere, and is completely pointless.
    I got through about the first 0.3% of the first paragraph.

    ($Free$) advice: invest in <p></p>'s or <br />'s -- people will be more inclined to read your posts that way.
    dd if=/dev/swc666 of=/dev/wyze

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •