Hello to everyone, I'm writing a little tutorial about BackTrack, which I hope could be useful to anyone who wants to learn more about network security, and to myself, since I'm learning it and I also want to do it so I don't forget some important concepts.
So far I've made a brief explanation about WPA and WEP, and showed some tutorials about how to get WEP (open system and shared key) and WPA/WPA2 passwords using aircrack-ng and also with pyrit on WPA.
I'm also writing now about TLS/SSL, what it is, and SSL stripping.
I would like someone to tell me more things that I should search for and put in my tutorial, like things they think are important.
What I want to do is focus on types of attacks that could happen in your own network. I would like to make tutorials about how to do that type of attack and the countermeasure against it.
That's the idea: show the attacks but also show how to make it harder for someone to break your network, since there is no 100% safe network.
Hope I can post the tutorial here when I'm finished.
Thanks
Last edited by strakar; 09-25-2011 at 10:46 PM.
Add MITM attacks using arpspoof and ettercap. Also add SSLStrip and fake SSL stuff.
World Domination is such an ugly phrase. I prefer the term World Optimization.
I think it's a really good idea to write some tutorials on how to use backtrack. You'll learn a lot by writing it - and you get to educate others...
I'm kinda curious - do you plan on writing down the theory behind TLS/SSL and SSL-Stripping? The same question goes for the wireless hacking as well...
What I often miss when I read tutorials is some theory / explanation on WHY and HOW ssl-strip actually works...
I hope you get my point...
Best regards
M00kaw
Good luck, that's a big undertaking considering there are hundreds of tools and different ways to accomplish the same thing. Some things to think about: Are you just covering tool use, or are you including a pentesting methodology of some sort? How will you decide which tool/technique to use when attacking a certain vulnerable service (i.e., metasploit all the way, or some other included script, or both)? Are you going to talk about "why" and "how" a certain technique works or just the tool that exploits it (i.e., why/how SQL injection works, or just jump straight to using the sqlmap tool)?
Well, as I'm a beginner I will write about what I learn. For example, I learned some ways of hacking WEP and WPA by reading and watching how, and I'm writing my own tutorial with what I learn. As I'm learning, I'll be writing about it in my tutorial. It will take a while because I really want to make a good thing out of it.