UGN Security Forums UGN Security: Underground General Absolute noobie looking to get started on white-hat. Suggestions?

I've been managing a home network for a while, and by now i know my way around quite well on a computer. I have dabbled a tiny bit with hacking, but more focus on customization... making my own PC, designing Litestep themes, etc. So basically what I'm saying is... I know what I'm doing on a computer quite well.

But now i want to take the next step and learn to really build security. I've heard from many people that the best way to do this is to first learn to how to break security... if you can pick a lock, you can make it.

So, I was wondering the opinion of you folks... on where exactly to start on security. I'd really rather not break into my neighbour's wireless network (not really breaking in cause he has no password or firewall... heh) and plant malware. Is there not some way or place I can learn to make walls without having to break them first?

the whole reason you'd want to learn to break the walls first is so you can succeed where others fail, horribly...

Unfortunatly there is no one document focused on security that is enough for someone that wants to build themselves up well. The best place to start as with anything else is to gain information on it. Find whitepapers about security. Try to get your hands on documentation about securing your network. There is of course the saying that the best way to have a secure network is to break security. However there is also more than one way to do everything. So if you close up one way that you found in, there is probably about 10 or 100 differnt ways of doing it that you never though of. This poses the problem of, as long as you have a connection to the internet if someone really wants to, you will be hacked. That is just the way about it, as long as you have an active connection to the internet there is NO way for it to be 100% secure. There is always a way.
Keeping that in mind you just have to put up the best security possible, which would involve find documents that have to deal with holes in your Operating system or in the software you are running and patch them, and for godsakes, use common sense!
So long story short go here:
http://www.cert.org/tech_tips/home_networks.html#IV
http://www.oreillynet.com/pub/a/network/2000/06/09/magazine/firewall.html
http://networking.earthweb.com/netsecur/article.php/624471
http://www.paktribune.com/news/index.php?id=52875

By all means they are not EVERYTHING you need, but they are a good place to start

The first two seem to just say "use a firewall use a firewall use a firewall use a firewall use a firewall..." which I already knew. The third link was pretty helpful tho shin. thanks

Another way would be to read RPC's on differant protocols; I believe that SilentRage has a few of them on http://serialcoders.sytes.net/

*biep* wrong

How can you "break" something if you know [censored] about it? It isn't like ooh i'll take that sledgehammer and start smashing it into pieces.

So as sais before, start learning about protocols, the basics about networking etc. Then you can start experimenting with that. Oh and if you want to start playing around and you're afraid on breaking some rules, i'd suggest you start collecting some computers so you can set up some nice lan you can play with all you want.

White hat, black hat... Yea right... More like Gray hat as most are not pure in any one side.

Predator, as said before, I run my own LAN, do have knowledge of networks, and understand perfectly well how to do the basics of networking.

I know I can, I just am not so sure on whether or not that's the way to get good at security. From the general consensus here, its a no.

i like Zone-H.com They have some really good articles on Hacking, Crypto, Network Security etc...

lol tretruhi, what does have creating some fancy themes for windows has to do with security and networking in general? Managing a network in windows aint that hard, a click here and a click there and voila you've got your network running, even withouth the knowledge how those basic things work.

So as i said before and i will keep on repeating that, learn the true basics of networking + security.
So first thing to do is getting a lot of books and start reading.

Now tell me how are you gonna get good at security without any expirience? yes thought so.
So basicly you do this: gain knowledge by reading. Then you're going to put the knowledge you just learned into some testing by setting it up. Then you'll try to work yourself around that (that'll require you to read about commenly tactics used to get into systems.)

I don't have much to add to others' advice on where to start, but I have to say I'm impressed that you're open to these suggestions. Most newbies come around asking stupid questions, expecting to run before they can crawl. Very refreshing post, tretruhi.

Keep it up!

Indeed thank you for pointing that out unreal. It IS very nice to see someone actully intersted in learning and willing to do it the correct way. Glad to have you here tretruhi!