as a newb hacker, I don't know much. but I have been craving the knowledge for years. if anyone could please point me in the proper direction for learning materials, I would greatly appreciate it.

Well, I recommend a Networking book, try amazon.com and half.ebay.com for good deals. You need to learn how hosts communicate over the wire, that's important basic knowlege. You'll need to learn your OS and other OS's. A good way to thoroughly learn a subject is to prepare for certification exams, use online practice tests to ensure that you know as much as you can.

You've got years of reading ahead of you before you can seriously think about compromising the security of a system.

Try "Hacking Exposed".

There are a series of books now, themed to Windows, Linux, and Web Systems. Good start :)

My advice is learn a programming language right off. Hacking without knowing how to code is not hacking, if you ask me. Using someone else's pre-made tools to do nefarious things is more the definition of being a script kiddie.

Once you learn what's actually going on with a program, or a piece of hardware, and you can figure out how to write the code to make it do what you want it to do, then you're no longer bound by the limitations of someone else's work.

So, start learning how to code. It doesn't matter really what languages you start with, you'll find once you learn one, the rest come easy. Hell, you don't even have to start with a high level programming language. If you have no coding experience, start with something really easy, like php. Then go from there.

Get a good hex editor, too. And start reading as much documentation as you can find on your target hacks.

Have fun. Don't pretend to be a badass. You're not gonna become a household name. Just think of hacking as... continued education ;)

You've got years of reading ahead of you before you can seriously think about compromising the security of a system.

Hacking doesn't have to be about compromising security. Unless you want to get into semantics, and call it cracking, the most noble cause for hacking is to extend the functionality of a particular device or application. To remove unnecessary restrictions. It's all about freedom, MAN!


(i'm only being half sarcastic)

i hate when people get hacking and cracking confused. hacking is cool cracking is lame except for when its for the good of the people and needs to be done ie drm

Get better at S.E. and learn to code c++

Get better at S.E.

Despite the wide range of opinions on the man himself, a good book on social engineering is, indeed, Kevin Mitnick's "The Art of Deception" (bn.com (http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?z=y&EAN=9780764542800&itm=1)).

I haven't read his other book, "The Art of Intrusion" (bn.com (http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?z=y&EAN=9780471782667&itm=2)), but it might be of interest as well.

personally i like the art of intrusion better but maybe that has to do with it being a real book and not me reading it in ebook form

thebroken is the most 31337 show you'll ever need! haha jk

I recommend reading the IBM Redbook on TCP/IP, which is close to 1000 pages. Then, pick up a book on C programming and a scripting language, like perl. Then, install a *nix. Then spend years researching and learning. Then start with premade tools on your OWN network (like nmap, nessus, etc...), then analyze packets with tcpdump or wireshark, and LEARN how packets work. Learn the three-way handshake. Learn about syn and ack numbers.

Hacking is not "ZOMG, I learnded how to haxX0r my school using a proggie I found on teh intarweb".

I have a BCompSc majoring in software engineering.
I learnt about networking (not generally a requirement for do loopers) because I wanted to write code that better used the network.

Sitting across from my desk I have TCP/IP Illustrated Vol 1, 2, 3, and Advanced Programming in the Unix Environment. All texts that are pushing 15-20 years old, and all still relevant. This is foundation knowledge that anyone who wants to know security needs to know (yeah - I have a lot of O'Reilly Unix stuff too)

Choice of language? C or Java (J2SE,EE, and ME). But it doesn't matter, because of understanding the fundamental concepts.

Hacking isn't some deep dark underground culture like its made out to be in movies. It is not Fast and the Furious for computer geeks. It has its grey areas (and its white and black depending what hat you wear), but it is not running a script to exploit a PHP bug. It is about finding the bug, and writing the script to exploit it, or writing the patch that closes the hole from the asshole in Russia running their zombie servers.

Use your powers for good. Don't go to the dark side.

Use your powers for good. Don't go to the dark side.

When I was about 16, my buddies and I put a lot of thought into cracking the copy protection on out C-64 games. That's about the extent of my extent of my hacking experience. Nevertheless, I think that if you want to be a good hacker, you should start with a deep understanding of programming and how different systems work. Hacking isn't a magic skill. It's just about knowing how stuff works.

Oh yes, learn machine language.

hacking is NOT worth it IMO....i used to want to learn how to hack, cuz it looks cool...but really....its way to much work to learn how to....well without having all these script kiddie programs. Just pirate stuff...tahts what i do :)

There's nothing wrong with hacking. Who gave you that silly idea?

Yeah, if you go around being an idiot and using premade scripts from the interweb to hack the pentagon, then you're f‏ucked up.

But if you use it for legit purposes, like learning the protocols behind networking, and to be able to test your own network against attacks, and to be able to write tools to demonstrate flaws, and to write tools to fix flaws, then that's true hacking.

There is a great career out there for hackers that can sit a CPA exam ...

Its called the SAS70 Series 2. Biggest piece of bs crap certification out there, but just about anyone in the financial services sector can you spot the CPA connection here) demands it from their suppliers ... and it costs $200-400K to get one completed.

And the kicker is - ther is no standard to it. Its all about procedures, and being seen to do the right thing. A proper ethical hacking/penetration exercise and code review (and ISO 9000 series standards) are a far better indicator of robustness.

BUT - if you can stomach going to school to become certified as a CPA, then its a great business to be in. I am studying for my MCATs so I can go get an MBA ... and you can be sure I will leverage that into becoming a CPA so I can charge those sort of $$$.

Despite the wide range of opinions on the man himself, a good book on social engineering is, indeed, Kevin Mitnick's "The Art of Deception" (bn.com (http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?z=y&EAN=9780764542800&itm=1)).

I haven't read his other book, "The Art of Intrusion" (bn.com (http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?z=y&EAN=9780471782667&itm=2)), but it might be of interest as well.

The Art of Deception is a great book. A personal favorite of mine. I haven't read The Art of Intrusion, either, but I'll probably check that out soon.

Anyway, The Art of Deception is a great book to start with understanding the idea and basics of Social Engineering. Reading this book isn't going to make you a hacker, but it will help you gain tools as far as the social aspect of hacking goes.

Just do what ramzi tells you and you should be fine...

Trying to copy the examples in The Art of Deception will get you in trouble.

The best advice given to you was to learn how to code - how can you exploit something if you don't know how it works? (learning c+asm is always a solid start)

Hack this site (http://www.hackthissite.org/) is probally site to learn form without doing anything illegeal.

Sup,
Check it;

http://www.mindview.net/Books/TIJ/

synack.

p.s - there is a 'thinking in C++' title... I think.

When I first started thinking about how to hack I didn't think it would be so hard to learn. It's takes time, and a lot of ready... Right now I started using FC5, plus learning wireless connection...

I started to learn security also too, plus also planed on getting my MCSE for now. I do want to get into the security field .... I like watching people...

-Malachai-

SUp,
It might be worth checking out 'The TCP/IP guide'. This is available online here;
http://www.tcpipguide.com/

it covers IPv6 and is thick enough in print form to stun an ox. The printed version is available from nostarch.com.

synack

i hate when people get hacking and cracking confused. hacking is cool cracking is lame except for when its for the good of the people and needs to be done ie drm

Some people actually crack just for fun though. They enjoy breaking the codes and getting past the system.

Learn how computers work at the most basic level. Learn networking. Learn how to think outside the box(overused cliche, but it fits).

Just keep learning about computers, and learning how to make them do what you want.

learnig to hack is tough, right now over the last year, i have been reading and learning linux to just be able to Break WEP encryption for using secured wireless networks. Lots of the posts people have been saying are true it is best to learn some sort of programming languages, like Awk or unix for instance, and have a knowledge of networking before even trying, but once you start to Linux has a great live cd called Auditor which has literally hundreds of tools for exploiting weaknesses in networks. Some of which you may have heard of from thebroken like network stumbler and airsnort but tons of great tools like a mac address changer. But even though having a tool like Auditor to aid you need to be very fluent in shell command. Hope this helps!

it also has many brute force and dictionary attacks as well and even a nice little list of default passwords for about all types of network devices too!

Is this considered hacking or being a script kiddie? I'm 17 years old and the administrator this year blocked pretty much all access to the start menu and most partitions with system files or important teacher documents on it. Also, the command prompt was disabled. So I wrote a little script using one of the programming languages we have access to known as "Turing", to make my own little dos prompt. Next I used a registry command which enables the REGEDIT and other registry tweaks, and the start menu's RUN. Then I modified many values and made my own little .reg file so I could easy change it back when I use a different computer. (after you reboot a computer Deep Freeze resets the changes I made, but I wouldn't wanna remove that)

The thing I'm trying to figure out is how to get around WEBSENSE, which blocks such sites as TUCOWS or proxy avoiding websites. I can also get access to the Administrator account but I dunno how to get rid of WEBSENSE...

The thing I'm trying to figure out is how to get around WEBSENSE, which blocks such sites as TUCOWS or proxy avoiding websites. I can also get access to the Administrator account but I dunno how to get rid of WEBSENSE...
Websense is run on a server that all connections go through. You cant have the connections not go through the server unless you dont want to connect to the internet. If you can gain access to websense control panel you might be able to unblock sites/exclude computers from filtering via mac address. Also, try setting up a poxy (Not a typo) on a webserver that you can access via https:// or just ssh to a server to filter connections through that computer instead. HTTP tunneling would probably work as well, but that's usually slower then it needs to be.

If ya do manage to get around Websense, let me know - i've been trying to do the same thing this year.