The Good And Evil: Hackers, Crackers and Wardrivers, oh my

[Scnd]

So heres the basic feeling I get when I open any book. Hackers are having fun and Crackers are assholes. But what of Wardrivers? Wardrivers are enabling Hackers and Crackers by exploreing new networks and mapping that which has never been mapped before.

I also wanted to know, if your a Network Administrator, its your job to keep Crackers out. Wouldn't knowing how to crack into other peoples, and haveing experience in hacking and cracking be useful in this situation. You have to know how they think and act right? Just wondering.

By the way, I'm new here and I'm going through a CCNA program in highschool, it might help answer my question if you know my situation first.

thanks

 

[Malk-a-mite]

Wouldn't knowing how to crack into other peoples

This is the one thing you'll need to understand. The line above should be "knowing how to crack into your own network".

Practice on things you either own, or have permission to work on. And before you do it, attempting to crack into your friends computer from your cable modem connection to his DSL modem is most often a breech of both of your Terms Of Service with your hosting companies.

If you want to learn to hack find a couple of the "fun" websites that have hacking games on them (normally level/password style), read a lot, and practice on your own test systems (computer or network). Don't learn by breaking other peoples stuff.

 

[Ockie]

You get white hat and black hat hacking.

 

[jpmkm]

Consider everyone to be your enemy. Go in with the mindset that everyone is trying to break into your network. Now you put yourself in their place. You try every means possible to break into your network. Nothing is sacred. Remember, they are always a step ahead. If the blackhats discover something first, they are going to exploit it first.

 

[Boscoh]

Yes, knowing how to practice the techniques that your enemy is using will give you a better understanding of how to protect against them.

Securing an infrastructure is a lot of risk management. Chances are you wont have the resources, or be able to make changes to eradicate every threat. And again, knowing how to practice the techniques will help you to better analyze potential threats and assign priority levels to them.

 

[BollWeevil]

There's a fine difference between wardriving enthusiasts who map the presence of wireless networks based on passive methods and those who actively associate with foreign access points, log traffic and crack encryption keys.

As Paul Graham describes in his book Hackers and Painters, 'hacker' describes the mentality of a person who finds new and innovative uses existing technology, whereas a cracker is someone who breaks into unauthorized networks and protection mechanisms. 'Hacking' is more like a form of art, a work that others may find of particular beauty--in code, hardware, style, or methodology. Whereas 'cracking' is more of a tangible act of intrusion.

 

[Cataclysmcow]

Please don't equate hacking and wardriving with cracking. It's insulting. It's bad enought that the accepted definition of cracking has changed over the years to encompass any type of criminal activity, but do you really have to play into the media's hands on this one?

Hacking is a hobby. Wardriving is a hobby. They aren't illegal and they aren't harmfull.

Cracking used to be the act of circumventing copy-protection. Now it's been evolved into a term used by people who think there's different levels of legality with "hacking". Stop being a media panzy and just stick with terms like "criminal" or "enthusiast".

 

[YeOldeStonecat]

This is the one thing you'll need to understand. The line above should be "knowing how to crack into your own network"..

Agreed...stay out of other peoples networks. That's THEIR property, not public. Just because many don't know enough to secure it....doesn't give others the right to break in.

Just because someone leaves their home unlocked...does that give some thief the right to go into the home, raid the guys fridge, drink his beer, take his stuff?

Is trying to break into someone elses home a good method to learn how to lockup your home?

 

[Kaos]

thats why i highly suggest trying to recreate your own network on a separate network for pen testing alone. Its something youd want to do just so you dont break your production network.

if youre just getting into the security arena its daunting to get started but you cant learn it all in one day or even one week or one month, its an ongoing process it took me a long time to straighten that out in my head. A large side of security that often gets neglected is the use of social engineering you may want to read up on that. While you are at it read up on tools like nessus, ethereal..alot of them are linux based so youll get some experience with that if you havnt already. Its just an agressive area of networking to be in right now because its kind of like kung fu. Everyone knows its badass but not too many actually go out and do it. Ideally youre going to have worked with in some sense every kind of technology and all your really looking to do is find creative ways to do things you shouldnt be able to, and then restrict that access and try again.

some good books to get started:
security+ study book
hacking exposed: (pick your poison theres a few in the series)
the art of deception/intrusion (great look on social engineering)
the oreilly books (i think thats who) on ethereal and nessus were very detailed

pickup some "live cd" with a collection of security tools to mess with
my two favorite are
knoppix std
remote exploit's auditor linux (*my favorite* one, try running driftnet on your schools network*if your sa would allow you to do so*)