Security Initiative 2008: Learn2Attack

karniv0re (746499) writes | about 6 years ago

Security 0

With half of the year gone, I feel it's time for an update on Security Initiative 2008. So far, I have:
  • Been religious about triple locking my doors.
  • Set up an encrypted 1TB external HDD.
  • Implemented a shredder for my mail.
  • Implemented a recycling scheme - Maybe not security related, but it makes me happy.
  • Learned about Wi-Fi hacking - Admittedly this is far overdue, but better late than never
  • Learned about Bluetooth hacking - This is also far overdue.
  • Got back into reading Aggressive Network Self-Defense. This is an amazing book.
  • Started using Nessus and Metasploit, and nmap more effectively
  • Allowed open wireless connections onto my router.
    • This is security-oriented because it shows that my machines are secure in front of or behind my firewall
    • And it allows me to investigate those connecting to my network - If you connect, you assume the risk.
  • Gotten my laptop up and running with Wi-Fi.

Here's what I have left to do:

  • Wipe/format/encrypt unused external drives
  • Encrypt laptop partition
  • Implement an "Internet only" connection and a "work only" connection to secure my network and increase proficiency and work ethic.
  • Set up an OpenBSD firewall
  • Implement a Strike Back policy
  • Set up a Honeypot
  • Obtain a collection of pwnd boxes from people who have attacked me.
  • Become 1337 and untouchable.

I think this is a feasible goal to reach by the end of the year. So here's the story for today. I have a list of about 16 hosts that have attacked my machine. Basically, they just tried a bunch of brute force logins on SSH. Nice try, fuckwits. So my original assumption was that these motherfuckers must die. But after reading ANSD, I realized that they are probably just pawns used by another source. So I did some scans. Both nmap and Nessus, and Nessus reported that the ones that were up were indeed vulnerable to the infamous "FTP Bounce" attack. This basically allows you to proxy your scans through one machine to another.

So right now I have two main targets. One in China, and one in Egypt. They are both interesting boxes, both seemingly Linux with a ton of open ports just begging to be pwned. So I scanned the China box, being my preferred favorite. Those Chinese motherfuckers hack us all the goddamned time. Why not hack them back? BlackHat FTW!

So Nessus reported that the China box was open to the FTP Bounce. Unfortunately, other than some kind of lame db2 local exploits, there's not much else. So I am now bouncing scans off of China to scan Egypt. Will report in with more info. Here's the command:

$ sudo nmap -v -O -sS -P0 -b anonymous:anon@<FTP SERVER IP> <HOST TO SCAN>
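
The server-side check that closes the FTP bounce described above, as an added example that is not part of the original journal entry: an FTP server refuses any PORT command naming an address other than the control-connection peer, or a port below 1024. The function names and the documentation-range sample addresses are constructed for illustration.

```python
import ipaddress


def parse_port_arg(arg):
    """Parse 'h1,h2,h3,h4,p1,p2' from an FTP PORT command into (ip, port)."""
    parts = arg.strip().split(",")
    if len(parts) != 6 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("malformed PORT argument")
    nums = [int(p) for p in parts]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]


def port_allowed(line, peer_ip):
    """Decide whether a raw 'PORT ...' control-channel line may be honoured.

    peer_ip is the source address of the control connection. A bounce works
    only when the server will open a data connection to a third party, so the
    requested address must equal the peer and the port must be unprivileged.
    """
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        return False, "not a PORT command"
    try:
        ip, port = parse_port_arg(arg)
    except ValueError as exc:
        return False, str(exc)
    if ip != ipaddress.IPv4Address(peer_ip):
        return False, "address differs from control-connection peer"
    if port < 1024:
        return False, "privileged port"
    return True, "ok"


# Constructed control-channel lines from a client at 192.0.2.10.
SAMPLE_LINES = [
    "PORT 192,0,2,10,195,80",   # own address, port 50000
    "PORT 198,51,100,7,0,22",   # third-party address: the bounce pattern
    "PORT 192,0,2,10,0,22",     # own address but privileged port
    "PORT 192,0,2,10,1",        # malformed argument
]

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(sample, "->", port_allowed(sample, "192.0.2.10"))
```

A rejected PORT line is also worth logging with the requested address, since a mismatch between peer and target is the signature a scan like the one Nessus flagged leaves on the FTP host.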
