Day 3: Laying Out the Plan.

If you have never read The Art of War by Sun Tzu I would recommend picking up a copy of it.  You can apply the knowledge in that book to just about any type of adversarial environment and even some problem solving.  Cyber security is definitely and adversarial environment.

Operating Systems

Without understanding what an operating system is we can’t understand how to attack it.  An entire blog could be written about what operating systems are and the different versions in production.  Because of that I will just say that I like understanding as much as I possibly can so I did some research on operating systems.  There is a course on Udacity produced by Georgia Tech.  I prefer to read so I took the book recommendations from the course and started reading Tannenbaum’s Modern Operating Systems and Operating System Concepts Essentials.  Both books are good in different ways.  MOS is more theoretical.  OSCE is more hands on and concise.  I like the hands on approach, but I combine the two to get both.  One thing I find really good about OSCE is that it includes projects and code to get you started with some simple systems programming.  I would highly recommend that aspect.  MIT Opencourseware also has some classes available.

Attack Plans

With a solid grasp of what an operating system is we can move on to attacking them.  I will start with the exploitation chapter of Hacking The Art of Exploitation 2nd Edition.  That will give an introduction to buffer overflows and some shell code.  After the basic introduction we will move to a more in depth analysis of those attacks.  We will also deal with some updating that is necessary because countermeasures have been introduced to mitigate things like buffer overflows.  The world is also moving to 64-bit architecture which has some important differences with 32-bit architecture.  We will go over how to adjust attacks for that.  Depending on how much time is left after doing all that I will move on to rootkits.

Next Steps

The next series of posts will come from Hacking the Art of Exploitation 2nd edition.  If you are following along download a copy of a 32-bit Linux distro.  The author used a version of Ubuntu that was out in 2008, and I believe the copy that came with the book had some of the protections disabled to allow the attacks to work very closely to how the book is written.  If you want that specific os it is still available for download at No Starch Press.

I downloaded a copy of Debian 32-bit and installed it in a virtual machine.  It will only take some minor modifications to get the programs working as intended.  I chose to do this because learning about the modern protections in Debian teaches some of what has been done to mitigate the attacks.  I will also compare the how the programs run on the 32-bit version vs the 64-bit version.

Awesome Hacking Resources.

In conclusion I will list some websites that I find interesting and offer a wealth of information for learning about cyber security and hacking in general.

Hack This Site : The site has been around for years and has forums and a bunch of different hacking challenges.  Highly recommend it.

Over the Wire : A war game site that has escalating challenges teaching different skills.  I enjoy playing around on it.  It gives some nice hands on experience without the fear of jail.

Cybrary:  This site is amazing, has a lot of IT/Security professional training.  It includes user content in the form of articles about various topics.  They also update content frequently and have reasonably priced lab environments to accompany some courses.

PenTester Lab: This site has a boot camp schedule and has some virtual machines to practice skills on for free.  The boot camp is on my list to do.  It has more content for a monthly fee. I don’t have any experience with that so I can’t say if it’s worth it or not.

GitHub: You’d be surprised how much you can find on GitHub.  There are proof of concept malware and rootkit repositories, and all kinds of other fun things if you do some digging and searching.

reddit:  There are some great reddit subs like r/netsec, r/malware, r/hacking, and more.  You just have to sort through them.

Until next time 97 days to go.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s