2007 A Hacking Odyssey
I came across an excellent series of papers in TAZ Forum that takes an in-depth look at hacking. It puts you in the shoes of an attacker and allows you to understand how the attacks work. Understanding the attacks and the actual steps taken by an attacker is very helpful because it gives us the insight we need to better protect our corporate networks.
2007 A Hacking Odyssey: Part One – Reconnaissance
For this chapter we will take the mindset of the attacker and look at the preliminary steps he may go through to attack your IT emporium.
How does an attacker decide which organisation to target? When he has decided on the organisation, how does he set about attacking it? How does he know where to go on the internet to find the specific network he wants to attack? How does he find your geographical location if he wants to wardrive you? How does he find useful information to socially engineer you? How does he find your phone number range to war dial you? How does he find your mail server?
These are just some of the things the attacker will need to know before planning any attack against you, and gathering them is generically referred to as reconnaissance.
2007 A Hacking Odyssey: Part 2 – Network Scanning & Nmap
The second phase can be generically summed up as ‘Scanning’. To even start this phase we need, at an absolute minimum, one thing: an IP address. If you have not been able to glean an IP address during your reconnaissance phase, then you will need to go back and persevere with it, because until you get one you will not be able to do anything else... you can’t scan something if you don’t know where it is.
Scanning typically involves all or some of the following:
Covered in this paper:
War Driving
War Dialling
Network Mapping
Port Scanning


