Ethical Hacking and Penetration Testing

Discussion on ethical hacking and penetration testing subjects.

InfoSec Institute's most popular information security and hacking training goes in-depth into the techniques used by malicious, black hat hackers with attention-getting lectures and hands-on lab exercises. While these hacking skills can be used for malicious purposes, this class teaches you how to use the same hacking techniques to perform a white-hat, ethical hack on your organization. You leave this network security training course with the ability to quantitatively assess and measure threats to information assets and to discover where your organization is most vulnerable to hacking.

Some of the instructor-led hands-on hacking lab exercises in this security training experience:

* Capture the Flag hacking exercises every night
* Abusing DNS for host identification
* Leaking system information from Unix and Windows
* Stealthy Recon
* Unix, Windows and Cisco password cracking
* Remote buffer overflow exploit lab I - Smashing the Stack
* Remote buffer overflow exploit lab II - Integer Overflows
* Remote heap overflow exploit lab III - Beyond the Stack
* Desktop exploitation
* Remote keylogging
* Data mining authentication information from clear-text protocols
* Remote sniffing
* Breaking wireless security
* Malicious event log editing
* Transferring files through firewalls
* Hacking into Cisco routers
* Harvesting web application data
* Data retrieval with SQL Injection Hacking
* Calculating the Return on Investment (ROI) for an ethical hack



Monday, July 23, 2007

Bemoaning the death of Hacker Culture

Do you get the feeling that the information security industry has really changed over the last 3-5 years? Set aside the obvious: the industry is much larger, of higher public profile, and much better funded across the board. I would venture to guess that way back when, say, in the dark ages of 1999, the primary reason people chose to get into the field of information security was to "live the Hacker Culture 24x7". To better define what I am talking about, let's venture over to linkspamopedia for a definition:

"In academia, a hacker is a person who follows a spirit of playful cleverness and enjoys programming. The context of academic hackers forms a voluntary subculture termed the academic hacking culture."

This is why I got into the security industry. I like to take things apart to see how they work, break things, and try to put them back together. After college, I could have easily gone the route of a full-time programmer (which was much higher paid and more high profile at the time). I chose to take a route where I would make less, but do much more interesting things on the job.

In 2007, I get the feeling that professionals are entering the information security field to become some sort of a "digital security guard". Let's check the definition again:

"A security guard or security officer, is usually a privately and formally employed person who is paid to protect property, and/or assets, and/or people. Often, security officers are uniformed and act to protect property by maintaining a high visibility presence to deter illegal and/or inappropriate actions."

I think there are too many InfoSec professionals looking at their job duties as those of a sort of IT rent-a-cop. Don't mistake what I am driving at here: I am by no means saying we do not need a monitoring function as part of a holistic information security practice! To further illustrate my point, take the job of an IDS/IPS analyst.

As a subscriber to the Hacker Culture School of Information Security, if I get an IDS/IPS analyst job, the first thing I am going to do is take my IDS/IPS equipment apart. Blast it with all sorts of horrendously mangled traffic, see what gets by it. I'll try to understand what types of shellcode can defeat its monitoring capabilities. Perhaps it can detect covert channels by looking at the randomness in the distribution of character sets. Perhaps it can't detect a simple shell that is XORed with a predetermined value. You get the idea. I can then apply what I have learned about the chinks in the armor of my primary defensive weapon, so I now know which attackers are going to be able to defeat my tools.
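The two checks mentioned above can be tried offline. The following is an added example, not code from the original post. It shows that a plain substring signature misses content XORed with one fixed byte, that the byte-distribution entropy is unchanged by that encoding (the histogram is only permuted), and that a key-sweeping match still finds it. The signature string, the key `0x5A` and the sample bytes are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

SIGNATURE = b"/bin/sh"  # constructed stand-in for an IDS content signature

def shannon_entropy(data: bytes) -> float:
    """Entropy of the byte-value distribution, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with one fixed key byte."""
    return bytes(b ^ key for b in data)

def naive_match(payload: bytes, signature: bytes = SIGNATURE) -> bool:
    """Plain substring signature, as a simple rule would apply it."""
    return signature in payload

def xor_aware_match(payload: bytes, signature: bytes = SIGNATURE):
    """Return the single-byte key under which the signature appears, else None.

    Searching for the XORed signature is equivalent to decoding the payload
    with each key and searching for the plain signature. Key 0 is plaintext.
    """
    for key in range(256):
        if xor_bytes(signature, key) in payload:
            return key
    return None

def pseudo_random(n: int) -> bytes:
    """Deterministic high-entropy bytes (SHA-256 over a counter) for comparison."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

# Constructed sample traffic, not a capture.
PLAIN = b"USER guest\r\nexec /bin/sh\r\n"
ENCODED = xor_bytes(PLAIN, 0x5A)

if __name__ == "__main__":
    print("naive match (plain, encoded):", naive_match(PLAIN), naive_match(ENCODED))
    print("xor-aware key for encoded:", xor_aware_match(ENCODED))
    print("entropy plain/encoded/random:", shannon_entropy(PLAIN),
          shannon_entropy(ENCODED), shannon_entropy(pseudo_random(4096)))
```

An analyst can run the same comparison against the rules actually deployed on the sensor to see which of the three behaviours they exhibit.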

A subscriber to the Rent-a-cop School of Information Security will likely spend his first month implementing signatures to catch employees playing fantasy football. He'll push for even more draconian policies to restrict something that is actually useful to the business and poses little to no threat, such as not allowing employees to use a non-standard file compression. All the while, the 21st century digital security guard quietly plays fantasy football and runs winrar on his corporate laptop. Meanwhile, the Canadian Mafia (Yes, there is a Canadian Mafia, No it's not always the Russian Mafia) snags 21 million credit cards through the IDS/IPS he hasn't bothered to understand.

Well, enough ranting for one year.

Thoughts?

2 Comments:

  • At 9:15 PM, Anonymous said…

    Amen! You rock Jack!

     
  • At 5:05 AM, Anonymous said…

    Well said. Too bad those kinds of people will never read your blog. They're too busy reading the latest elite edition of ISSA magazine thinking their $90.00 a year payment makes them experts.

     
