An Information Security Community
Do I need to hack the internet to understand attacks and their impact?
While developing my personal labs, I discovered that in order to make a lab representative of current infrastructure you will spend more time understanding what an administrator does, not what hackers do. The labs are vulnerable, the device is available, it's one of one in more cases and causes you to focus on the skills needed, which make them great. But what about devices that sit behind a firewall, inside a DMZ, or clients that have AV, HIPS and NIDS to protect them? All these mechanisms used to protect a network and its clients can still be bypassed by the black-hat that wants what you have, while trying to emulate these extra protections takes more time than bypassing them. So without being able to perform penetration testing against real-world systems and the devices, services and people that link them, how can you learn what black-hats already know without becoming a black-hat yourself?
I have been interested in computer misuse for a number of years and have never crossed the line nor picked a hat, but one thing I have begun to understand is that permission is what makes hacking legal and reports make it something management can respond to. For the penetration tester, 'the hacker in us all', it's not about the box but outsmarting root, no matter what box it is.
There are some tools that can help you to produce a lab with extra hosts, such as the live CDs provided by Thomas Wilhelm and others. I have also included Smoothwall distributions to add an extra dimension to the penetration process, but I bet it's not the same. What would be the real harm in complying with OSSTMM and ISSAF to produce a report for the owner(s)? Would this not be a better learning platform, one just like the black-hats have, only with less malware and backdoors being left?