inside the man

Friday, December 16, 2005

SANS Hacker Techniques - days 4 and 5

Days 4 and 5 of the course were in many ways more of the same as Day 3: great material, and lots of it, with only brief, simple hands-on exercises from time to time (between two and four exercises daily). One of the more interesting exercises was cracking password hashes with John the Ripper. Another was seeing how many anti-virus programs were fooled by simply opening tini in a hex editor and changing the port on which it listens. The Covert_TCP file transfer was also fascinating: essentially it transfers data one byte at a time inside TCP/IP header fields. I'd like to see your IDS pick that up!
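For readers wondering what an IDS would actually have to look at to catch a header-field channel like this, here is an added example that is not from the post, the SANS course, or the Covert_TCP tool itself: a small Python heuristic that groups packets by source/destination pair, ignores plain counter-style IP ID sequences (what a normal stack emits), and flags streams whose IP identification low bytes decode to almost entirely printable text. The encoding (one payload byte per packet in the low byte of the IP ID field), the `PacketHeader` record, the `find_covert_flows` function and the sample traffic are all assumptions constructed for the illustration; the post only says the data rides in TCP/IP headers.

```python
from collections import defaultdict
from dataclasses import dataclass

# Added example for this post, not SANS or Covert_TCP code. It assumes
# (hypothetically) a covert channel that hides one payload byte per packet in
# the low byte of the IP identification field; the post only says "TCP/IP headers".


@dataclass(frozen=True)
class PacketHeader:
    src: str    # source address
    dst: str    # destination address
    ip_id: int  # 16-bit IP identification field value


def group_by_flow(packets):
    """Collect IP ID values per (src, dst) pair, in arrival order."""
    flows = defaultdict(list)
    for p in packets:
        flows[(p.src, p.dst)].append(p.ip_id)
    return flows


def is_sequential(ids):
    """True if every ID is the previous one plus one (mod 2^16), i.e. a
    plain per-packet counter, which is what many stacks normally emit."""
    return all((b - a) % 65536 == 1 for a, b in zip(ids, ids[1:]))


def low_bytes(ids):
    """Reassemble the would-be payload under the assumed encoding."""
    return bytes(i & 0xFF for i in ids)


def printable_ratio(data):
    """Fraction of bytes in the printable ASCII range 0x20..0x7E."""
    if not data:
        return 0.0
    return sum(0x20 <= b <= 0x7E for b in data) / len(data)


def score_flow(ids, min_packets=6, threshold=0.9):
    """Heuristic: a non-sequential ID stream whose low bytes are almost all
    printable is far more text-like than random IDs (expected about 95/256)."""
    if len(ids) < min_packets or is_sequential(ids):
        return {"suspicious": False, "printable_ratio": 0.0, "decoded": b""}
    payload = low_bytes(ids)
    ratio = printable_ratio(payload)
    return {"suspicious": ratio >= threshold, "printable_ratio": ratio, "decoded": payload}


def find_covert_flows(packets):
    """Return only the flows the heuristic flags, keyed by (src, dst)."""
    flagged = {}
    for key, ids in group_by_flow(packets).items():
        result = score_flow(ids)
        if result["suspicious"]:
            flagged[key] = result
    return flagged


# Constructed sample traffic (not captured data):
#  - flow A: a counter-style ID sequence, as a normal stack would produce
#  - flow B: random-looking IDs whose low bytes are all non-printable
#  - flow C: the hypothetical covert channel carrying b"secret!"
SAMPLE_PACKETS = (
    [PacketHeader("192.0.2.10", "198.51.100.7", 40000 + n) for n in range(8)]
    + [PacketHeader("192.0.2.11", "198.51.100.7", v)
       for v in (0x0102, 0x8F13, 0x23E0, 0xD4A1, 0x6905, 0x1BFF, 0x0BC7)]
    + [PacketHeader("10.0.0.5", "203.0.113.9", (0x4A << 8) | ch) for ch in b"secret!"]
)

if __name__ == "__main__":
    for (src, dst), result in find_covert_flows(SAMPLE_PACKETS).items():
        print(f"{src} -> {dst}: printable ratio {result['printable_ratio']:.2f}, "
              f"decoded {result['decoded']!r}")
```

Run as-is, only flow C is reported. The two design points worth noting: stacks that randomise the ID field will still produce roughly 37% printable low bytes by chance, so the check needs a minimum packet count and a high threshold rather than a single-packet rule; and a channel that uses a different field (TCP sequence numbers, say) or a different encoding would need its own decoder in place of `low_bytes`, which is exactly why generic signature-based IDS rules struggle with this class of transfer.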

Unfortunately, I missed a significant portion of the afternoon of Day 4 due to a combination of illness and client demands. Again, over these two days, the balance of lecture to hands-on seemed to be off, although the content of the lectures continued to be detailed, wide-ranging, well researched, and more than a little frightening.

Summary
  • Day: Days 4 and 5
  • Topics: Password cracking, getting a shell, worms, web app attacks, DoS, backdoors, app-level trojans, backdoor wrappers, rootkits, hiding files, covering tracks in logs, covert networking, more stego
  • Tools: brutus, hydra, Cain and Abel, Rainbow Crack, SYSKEY, John the Ripper*, PAM, shred, netcat*, phatbot, SQL Slammer, OWASP suite of tools, Achilles, Paros, Windows at command, CpuHog, Ping of Death, Rose, Smurf, synflood, Tribe Flood Network 2000, tini*, VNC, WinVNC, Sub7, Back Orifice 2000, Setiri, wrappers, burneye, OllyDbg, LRK, AFX, Solaris kernel-mode rootkit, KIS, Adore, FU, Rootkit Revealer, LADS*, WinZapper, reverse www shell, Loki, Covert_TCP*, cd00r, s-tools, stegdetect, xsteg (in the appendix but not discussed: red button, campas, aglimpse, crack, lc5, GetAdmin, SecHole, NetMeeting Buffer Overflow, Tooltalk Buffer Overflow, IMAPd Buffer Overflow, WinNuke, land, redir, SMBRelay, TBA Palm OS War Dialer, QAZ, T0rnkit, RDS, jolt2, DumpSec, Trin00, knark)
  • Overall value: 3 out of 5
  • Coolness: 4 out of 5

* Starred items were part of hands-on exercises.

1 comment:

Seo Oj said...

First of all, I would like to thank the author of this blog for opening public comments to everyone and for sharing experiences with every visitor to this blog....

About Me

Edmonton, Alberta, Canada
Returned to working as a Management Consultant, specializing in risk, security, and regulatory compliance, with Fujitsu Canada after running the IT shop in the largest library in the South Pacific.

CC Developing Nations
This work is licensed under a Creative Commons Developing Nations license.
