!!Read First!! Ethical Hacking and Countermeasures

[z3mwaz]

(Self introduction & Disclaimers)

Hi, I'm Z3mwaz and I am current taking the CEH (Certified Ethical Hacker) Course on my free time. I am already certified through CompTIA as an A+ Computer Repair Technician, and have an Associates of Applied Science in Computer and Electronics Engineering from ITT-Tech. (Just because I have a degree and certifications doesn't mean i have great grammer, so please bare with me. I can't spell myself out of a papper bag) Anyways, I am taking the time to post the module's from CEH in my own word to help others learn and in the process help me learn. I will try to committe one module every week, but I am a very busy person and i leave town on business trips often. So if I dont post for acouple of days dont worry, I'll be back.

To Start off theres this one thing I must do. No offense to anyone.

All Disclaimers and TOU's are to protect suck-o.com and me, z3mwaz. If you decide to copy and paste this information, be kind enought to give links to the orginal post and give credit to Suck-o and myself for the time and effort involved in these post.

Disclaimer of Liability:
With respect to documents available from these forums, neither suck-o.com, its Admin, its Members, nor Me (z3mwaz), makes any warranty, express or implied, including the warranties of merchantability and fitness for a particular purpose, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights.

Ethical Hacking and Countermeasures Tools Terms of Use:
I, z3mwaz, provides these tools and information for educational use. The tools are not authored by suck-o.com, and in many cases are submitted by the security community. While every reasonable effort is made to ensure that these programs do what is claimed, suck-o.com will not be held accountable for any damage or distress caused by the proper or improper usage of these materials, and makes no guarantee in regards to their operation or suitability for any specific purpose.

This forum is for Research and Educational Purposes only. The primary intent of this forum is to provide the user with hard to find content for Research or Self Education relevant to network security and various protection methods and their intrinsic flaws by demonstrating exploit methods and techniques used to circumvent them. We hope that you are better aware of the danger that lurk out in society today and learn how to protect yourself with the knowledge you are about to learn. In continuing you must accept that you are going to use this information only for Educational and Research purposes.

While possession of information or programs included on this forum violates no laws, actually using or implementing some of the programs or content on this forum may violate Federal Law. For this reason the user is instructed not to use any of the programs or content on this forum which may violate any Laws or infringe on the Copyright protection of others. We provide them for educational purposes only.

My mission is to educate, introduce and demonstrate hacking tools for penetration testing purposes only. In other words "Educational Purposes ONLY"

Course Layout:

Module 1: Ethics and Legality - Estimated date of post 9/30
What is an Exploit?
The security functionality triangle
The attacker's process
Passive reconnaissance
Active reconnaissance
Types of attacks
Categories of exploits
Goals attackers try to achieve
Ethical hackers and crackers - who are they
Self proclaimed ethical hacking
Hacking for a cause (Hacktivism)
Skills required for ethical hacking
Categories of Ethical Hackers
What do Ethical Hackers do?
Security evaluation plan
Types of Ethical Hacks
Testing Types
Ethical Hacking Report
Cyber Security Enhancement Act of 2002
Computer Crimes
Overview of US Federal Laws
Section 1029
Section 1030
Hacking Punishment


Module 2: Footprinting - Estimated date of post 10/7
What is Footprinting
Steps for gathering information
Whois
http://tucows.com
Hacking Tool: Sam Spade
Analyzing Whois output
NSLookup
Finding the address range of the network
ARIN
Traceroute
Hacking Tool: NeoTrace
Visual Route
Visual Lookout
Hacking Tool: Smart Whois
Hacking Tool: eMailTracking Pro
Hacking Tool: MailTracking.com


Module 3: Scanning - Estimated date of post 10/14
Determining if the system is alive?
Active stack fingerprinting
Passive stack fingerprinting
Hacking Tool: Pinger
Hacking Tool: WS_Ping_Pro
Hacking Tool: Netscan Tools Pro 2000
Hacking Tool: Hping2
Hacking Tool: icmpenum
Detecting Ping sweeps
ICMP Queries
Hacking Tool: netcraft.com
Port Scanning
TCPs 3-way handshake
TCP Scan types
Hacking Tool: IPEye
Hacking Tool: IPSECSCAN
Hacking Tool: nmap
Port Scan countermeasures
Hacking Tool: HTTrack Web Copier
Network Management Tools
SolarWinds Toolset
NeoWatch
War Dialing
Hacking Tool: THC-Scan
Hacking Tool: PhoneSweep War Dialer
Hacking Tool: Queso
Hacking Tool: Cheops
Proxy Servers
Hacking Tool: SocksChain
Surf the web anonymously
TCP/IP through HTTP Tunneling
Hacking Tool: HTTPort


Module 4: Enumeration - Estimated date of post (TBA)
What is Enumeration
NetBios Null Sessions
Null Session Countermeasures
NetBIOS Enumeration
Hacking Tool: DumpSec
Hacking Tool: NAT
SNMP Enumertion
SNMPUtil
Hacking Tool: IP Network Browser
SNMP Enumeration Countermeasures
Windows 2000 DNS Zone transfer
Identifying Win2000 Accounts
Hacking Tool: User2SID
Hacking Tool: SID2User
Hacking Tool: Enum
Hacking Tool: UserInfo
Hacking Tool: GetAcct
Active Directory Enumeration


Module 5: System Hacking -
Administrator Password Guessing
Performing Automated Password Guessing
Legion
NTInfoScan
Defending Against Password Guessing
Monitoring Event Viewer Logs
VisualLast
Eavesdroppin on Network Password Exchange
Hacking Tool: L0phtCrack
Hacking Tool: KerbCrack
Privilege Escalation
Hacking Tool: GetAdmin
Hacking Tool: hk
Manual Password Cracking Algorithm
Automatic Password Cracking Algorithm
Password Types
Types of Password Attacks
Dictionary Attack
Brute Force Attack
Distributed Brute Force Attack
Password Change Interval
Hybrid Attack
Cracking Windows 2000 Passwords
Retrieving the SAM file
Redirecting SMB Logon to the Attacker
SMB Redirection
Hacking Tool: SMBRelay
Hacking Tool: SMBRelay2
SMBRelay Man-in-the-Middle (MITM)
SMBRelay MITM Countermeasures
Hacking Tool: SMBGrinder
Hacking Tool: SMBDie
Hacking Tool: NBTDeputy
NetBIOS DoS Attack
Hacking Tool: nbname
Hacking Tool: John the Ripper
LanManager Hash
Password Cracking Countermeasures
Keystroke Logger
Hacking Tool: Spector
AntiSpector
Hacking Tool: eBlaster
Hacking Tool: SpyAnywhere
Hacking Tool: IKS Software Logger
Hardware Tool: Hardware Key Logger
Hacking Tool: Rootkit
Planting Rootkit on Windows 2000 Machine
_rootkit_ embedded TCP/IP Stack
Rootkit Countermeasures
MD5 Checksum utility
Tripwire
Covering Tracks
Disabling Auditing
Auditpol
Clearing the Event Log
Hacking Tool: Elslave
Hacking Tool: Winzapper
Hacking Tool: Evidence Eliminator
Hidding Files
NTFS File Streaming
Hacking Tool: makestrm
NTFS Streams Countermeasures
LNS
Steganography
Hacking Tool: ImageHide
Hacking Tool: MP3Stego
Hacking Tool: Snow
Hacking Tool: Camera/Shy
Steganography Detection
StegDetect
Encrypted File System
Hacking Tool: dskprobe
Hacking Tool: EFSView
Buffer Overflows
Creating Buffer Overflow Exploit
Outlook Buffer Overflow
Hacking Tool: Outoutlook


Module 6: Trojans and Backdoors -
What is a Trojan Horse?
Overt and Covert
Hacking Tool: QAZ
Hacking Tool: Tini
Hacking Tool: Netcat
Hacking Tool: Donald Dick
Hacking Tool: SubSeven
Hacking Tool: BackOrifice 2000
Back Oriffice Plug-ins
Hacking Tool: NetBus
Wrappers
Hacking Tool: Graffiti
Hacking Tool: Silk Rope 2000
Hacking Tool: EliteWrap
Hacking Tool: IconPlus
Packaging Tool: Microsoft WordPad
Hacking Tool: Whack a Mole
Trojan Construction Kit
BoSniffer
Hacking Tool: FireKiller 2000
Covert Channels
ICMP Tunneling
Hacking Tool: Loki
Reverse WWW Shell
Backdoor Countermeasures
BO Startup and Registry Entries
NetBus Startup and Registry Keys
Port Monitoring Tools
fPort TCPView
Process Viewer
Inzider - Tracks Processes and Ports
Trojan Maker
Hacking Tool: Hard Disk Killer
Man-in-the-Middle Attack
Hacking Tool: dsniff
System File Verification
TripWire




Module 7: Sniffers -
What is a Sniffer?
Hacking Tool: Etheral
Hacking Tool: Snort
Hacking Tool: WinDump
Hacking Tool: EtherPeek
Passive Sniffing
Active Sniffing
Hacking Tool: EtherFlood
How ARP Works?
Hacking Tool: DSniff
Hacking Tool: Macof
Hacking Tool: mailsnarf
Hacking Tool: URLsnarf
Hacking Tool: Webspy
Hacking Tool: Ettercap
Hacking Tool: SMAC
MAC Changer
ARP Spoofing Countermeasures
Hacking Tool: WinDNSSpoof
Hacking Tool: WinSniffer
Network Tool: IRIS
Network Tool: NetInterceptor
SniffDet
Hacking Tool: WinTCPKill


Module 8: Denial of Service -
What is Denial of Service Attack?
Types of DoS Attacks
How DoS Work?
What is DDoS?
Hacking Tool: Ping of Death
Hacking Tool: SSPing
Hacking Tool: Land
Hacking Tool: Smurf
Hacking Tool: SYN Flood
Hacking Tool: CPU Hog
Hacking Tool: Win Nuke
Hacking Tool: RPC Locator
Hacking Tool: Jolt2
Hacking Tool: Bubonic
Hacking Tool: Targa
Tools for Running DDoS Attacks
Hacking Tool: Trinoo
Hacking Tool: WinTrinoo
Hacking Tool: TFN
Hacking Tool: TFN2K
Hacking Tool: Stacheldraht
Hacking Tool: Shaft
Hacking Tool: mstream
DDoS Attack Sequence
Preventing DoS Attack
DoS Scanning Tools
Find_ddos
SARA
DDoSPing
RID
Zombie Zapper




Module 9: Social Engineering -
What is Social Engineering?
Art of Manipulation
Human Weakness
Common Types of Social Engineering
Human Based Impersonation
Important User
Tech Support
Third Party Authorization
In Person
Dumpster Diving
Shoulder Surfing
Computer Impersonation
Mail Attachments
Popup Window
Website Faking
Reverse Social Engineering
Policies and Procedures
Social Engineering Security Policies
The Importance of Employee Education


Module 10: Session Hijacking -
What is Session Hijacking?
Session Hijacking Steps
Spoofing Vs Hijacking
Active Session Hijacking
Passive Session Hijacking
TCP Concepts - 3 way Handshake
Sequence Numbers
Sequence Number Example
Guessing the Sequence Numbers
Hacking Tool: Juggernaut
Hacking Tool: Hunt
Hacking Tool: TTYWatcher
Hacking Tool: IP Watcher
Hacking Tool: T-Sight
Remote TCP Session Reset Utility
Dangers Posed by Session Hijacking
Protection against Session Hijacking


Module 11: Hacking Web Servers -
Apache Vulnerability
Attacks against IIS
IIS Components
ISAPI DLL Buffer Overflows
IPP Printer Overflow
msw3prt.dll
Oversized Print Requests
Hacking Tool: Jill32
Hacking Tool: IIS5-Koei
Hacking Tool: IIS5Hack
IPP Buffer Overflow Countermeasures
ISAPI DLL Source Disclosure
ISAPI.DLL Exploit
Defacing Web Pages
IIS Directory Traversal
Unicode
Directory Listing
Clearing IIS Logs
Network Tool: LogAnalyzer
Attack Signature
Creating Internet Explorer (IE) Trojan
Hacking Tool: IISExploit
Hacking Tool: UnicodeUploader.pl
Hacking Tool: cmdasp.asp
Escalating Privilages on IIS
Hacking Tool: IISCrack.dll
Hacking Tool: ispc.exe
Unspecified Executable Path Vulnerability
Hacking Tool: CleanIISLog
File System Traversal Countermeasures
Microsoft HotFix Problems
UpdateExpert
Cacls utility
Network Tool: Whisker
N-Stealth Scanner
Hacking Tool: WebInspect
Network Tool: Shadow Security Scanner



Module 12: Web Application Vulnerabilities -
Documenting the Application Structure
Manually Inspecting Applications
Using Google to Inspect Applications
Directory Structure
Hacking Tool: Instant Source
Java Classes and Applets
Hacking Tool: Jad
HTML Comments and Contents
Hacking Tool: Lynx
Hacking Tool: Wget
Hacking Tool: Black Widow
Hacking Tool: WebSleuth
Cross Side Scripting
Session Hijacking using XSS
Cookie Stealing
Hacking Tool: IEEN


Module 13: Web Based Password Cracking Techniques
Basic Authentication
Message Digest Authentication
NTLM Authentication
Certificate based Authentication
Digital Certificates
Microsoft Passport Authentication
Forms based Authentication
Creating Fake Certificates
Hacking Tool: WinSSLMiM
Password Guessing
Hacking Tool: WebCracker
Hacking Tool: Brutus
Hacking Tool: ObiWan
Hacking Tool: Munga Bunga
Password dictionary Files
Attack Time
Hacking Tool: Varient
Hacking Tool: PassList
Query Strings
Post data
Hacking Tool: cURL
Stealing Cookies
Hacking Tool: CookieSpy
Hacking Tool: ReadCookies
Hacking Tool: SnadBoy


Module 14: SQL Injection
What is SQL Injection Vulnerability?
SQL Insertion Discovery
Blank sa Password
Simple Input Validation
SQL Injection
OLE DB Errors
1=1
blah' or 1=1
Stealing Credit Card Information
Preventing SQL Injection
Database Specific SQL Injection
Hacking Tool: SQLDict
Hacking Tool: SQLExec
Hacking Tool: SQLbf
Hacking Tool: SQLSmack
Hacking Tool: SQL2.exe
Hacking Tool: Oracle Password Buster


Module 15: Hacking Wireless Networks
802.11 Standards
What is WEP?
Finding WLANs
Cracking WEP keys
Sniffing Trafic
Wireless DoS Attacks
WLAN Scanners
WLAN Sniffers
MAC Sniffing
Access Point Spoofing
Securing Wireless Networks
Hacking Tool: NetTumbler
Hacking Tool: AirSnort
Hacking Tool: AiroPeek
Hacking Tool: WEP Cracker
Hacking Tool: Kismet
WIDZ- Wireless IDS


Module 16: Virus and Worms
Cherobyl
ExploreZip
I Love You
Melissa
Pretty Park
Code Red Worm
W32/Klez
BugBear
W32/Opaserv Worm
Nimda
Code Red
SQL Slammer
How to write your own Virus?
Worm Construction Kit


Module 17: Novell Hacking
Common accounts and passwords
Accessing password files
Password crackers
Netware Hacking Tools
Chknull
NOVELBFH
NWPCRACK
Bindery
BinCrack
SETPWD.NLM
Kock
userdump
Burglar
Getit
Spooflog
Gobbler
Novelffs
Pandora


Module 18: Linux Hacking
Why Linux ?
Linux Basics
Compiling Programs in Linux
Scanning Networks
Mapping Networks
Password Cracking in Linux
Linux Vulnerabilities
SARA
TARA
Sniffing
A Pinger in Disguise
Session Hijacking
Linux Rootkits
Linux Security Countermeasures
IPChains and IPTables


Module 19: IDS, Firewalls and Honeypots
Intrusion Detection System
System Integrity Verifiers
How are Intrusions Detected?
Anomaly Detection
Signature Recognition
How does IDS match Signatures with Incoming Traffic?
Protocol Stack Verification
Application Protocol Verification
What Happens after an IDS Detects an Attack?
IDS Software Vendors
SNORT
Evading IDS (Techniques)
Complex IDS Evasion
Hacking Tool: fragrouter
Hacking Tool: TCPReplay
Hacking Tool: SideStep
Hacking Tool: NIDSbench
Hacking Tool: ADMutate
IDS Detection
Tools to Detect Packet Sniffers
Tools to inject strangely formatted packets onto the wire
Hacking Through Firewalls
Placing Backdoors through Firewalls
Hiding behind Covert Channels
What is a Honeypot?
Honeypots Evasion
Honeypots vendors


Module 20: Buffer Overflows
What is a Buffer Overflow?
Exploitation
Assembly Language Basics
How to Detect Buffer Overflows in a Program?
Skills Required
CPU/OS Dependency
Understanding Stacks
Stack Based Buffer Overflows
Buffer Overflow Technical Implementation
Writing your own Buffer Overflow Exploit in C
Defense against Buffer Overflows
Type Checking Tools for Compiling Programs
StackGuard
Immunix


Module 21: Cryptography
What is PKI?
Digital Certificates
RSA
MD-5
RC-5
SHA
SSL
PGP
SSH
Encryption Cracking Techniques


PS.
Please don't ever ask me any questions that will break the rules of suck-o.com.
I'm not going to hack into your school, a bank, paypal, e-mail, ect. for you or anyone.
AND if you do any of the above. This is my disclaimer.
I didnt tell you to do anything.
I shared my knowledge with others.
Dont arrest the teacher for the love of knowledge

Also please reply to this post with maybe just a "SWEET" to show that you understand this post, and support what suck-o and myself are standing up for.

Thank You
-Z3MWAZ (I had to vote too, lol)

[n3rd]

SWEET.... dude its nice to create this?. but it doesnt show actuall info that seems usefull to me other than some nifty programs.

if I recall correctly u actually wrote; what is a exploit. and then u just stopped. =]


btw i voted skiddie XD... nice i missed the dates _-- cus u stopped with em at at module 5 or so

[z3mwaz]

well with the expolit part i will go into some detail but not too much. i will give referance to past exlpoits that are 70% or so patched in most systems. but i will be following the course guide i have with me.

Also, there are 20+ videos that corrospond to the course that i paln posting on a image/video hosting server and refering to the links.
The main videos range from 20 mins to 50 mins and they cover alot of stuff.

I'm having to hand type all the other stuff, but everyword will be there plus a few of my own.
the you'll have post from other members too.
so we're all covered in some way skiddie's to gray hat's etc.

Remember, hacking is not something you can learn in 24 hours. It takes time and this course will give more than just the basics. trust me.
I've watched 2 full vids and read three chapters, maybe 4, but anyways i have a way better insite on hacking and how to hack...

[d10b]

...Nice table of contents!

[pseudo_opcode]

the general perception is that white hats are generally good in algorithms and black hats are good in reverse engineering and assembly.. i m good in reverse engineering... cant call myself a grey hat.. cant call myself white hat.. cause they work with companies to tell them about the bugs.. cracker.. no i'd never hack for ego or money...script kiddy?? hell no.. guess i wont vote...

[floodhound2]

I am in between and can’t be labeled I guess. I don’t hack to get rich but I once programmed a credit card number algorithm to gain access and locate a person. I felt that I shouldn’t have to pay for the service, I was a broke student and needed information quickly.
Then again I made programs to help people who can not speak use the computer to speak for them, no charge and it took me 2 days of programming. I have reversed engineered programs to work for me so that I did not have to pay the staggering cost. I needed them for jobs, and my school, remember I was a broke student.
I follow the rules most of the time but often my disorder [HAXOR] causes me to bend the constraints of social conformities. I am a curious and seek knowledge many hours out of a day, if I have to bend the rules to get what I am trying to learn then I do so. I never have destroyed a server, data base or PC; however I have been hired to make malice code and did so without concern of where it was going to be implemented (script kiddies need love too)

BTW I also went to Itt-Tech and have a BAS degree in Electronics and Computers

I guess my hat can be turned front to back depending on the agenda and importance.

PEACE

[pseudo_opcode]

actually when you do anything wrong.. its wrong.. there are no robinhoods in today's world..

i cannot steal a car and give an excuse that i needed something to travel but didnt have enough money..

please dont feel that i m offending you floodhound but the world we live in.. its like this only..

maybe you are right in your own way but hypothetically you are a grey hat. Thats what the ethics say.. but i m really waiting what DNR has to say.. i m sure he'll come up with a cool answer as always

[floodhound2]

Yeah I understand what you mean and I don’t take offence. I do what I do. I try to do right most of the time but it seems that the more I try to play by the rules the more I get screwed. I often, only a few times, have to take the hush hush route to get ahead, or what I need. For the most part I teach and run a straight course.

I also can’t wait for DNR to leave a post. He is a good writer and I enjoy reading his comments.

PEACE

[Nerdz]

Yeah I have this book on my shelve I need to start it asap

[pseudo_opcode]

Yeah I understand what you mean and I don’t take offence. I do what I do. I try to do right most of the time but it seems that the more I try to play by the rules the more I get screwed. I often, only a few times, have to take the hush hush route to get ahead, or what I need. For the most part I teach and run a straight course.

dont worry mate.. you're cool... just let it be..

[DNR]

Thanks for the support gentlemen, it helps me keep interest in writing.

Look, hacking is about mastering yourself. Flood has just admitted that he reconizes that hacking is a personality, an obsessive/compulsion type that can dominate a person's behavior. Some of the things I have done, and still do, is sometimes like a train out of control. I pick up on a flaw, and I'll rip it open - what makes me a white hat is what I do with the final result. So I break a network or security procedure, but if I do nothing with the nfo I recover, am I just guilty of just a trespass?

The rules are not so clear cut in the world, the definition of a crime is only a rule that was broken, or a victim that was harmed. Governments break the rules too - we can wage war for politics, yet to shoot or blow someone up with a bomb is illegal?

More later

DNR

[z3mwaz]

DNR is right, but we have to deal with whats in the world today..

oh, so everyone knows...
I maybe a day or two late with my first post. sorry, i been very busy the past three day and havent got much sleep

[DNR]

\/\The Conscience of a Hacker/\/
by
+++The Mentor+++

Written on January 8, 1986
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...

Damn kids. They're all alike.

But did you, in your three-piece psychology and 1950's technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him?

I am a hacker, enter my world...

Mine is a world that begins with school... I'm smarter than most of the other kids, this crap they teach us bores me...

Damn underachiever. They're all alike.

I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head..."

Damn kid. Probably copied it. They're all alike.

I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me...
Or feels threatened by me...
Or thinks I'm a smart ass...
Or doesn't like teaching and shouldn't be here...

Damn kid. All he does is play games. They're all alike.

And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. "This is it... this is where I belong..."

I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all...

Damn kid. Tying up the phone line again. They're all alike...

You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert.

This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals.
We explore... and you call us criminals.
We seek after knowledge... and you call us criminals.
We exist without skin color, without nationality, without
religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.

+++The Mentor+++


That post will live as long as hackers live. A hacker's lament written 20 years ago, still sounds like my problem today. It will still make sense another 20 years from now (unless they all grow to be skiddies).

Great hackers are born, good hackers are trained.
The courses offered in your school seems pretty well rounded, it covers a pretty good spectrum of hacking stuff. The only thing missing is the most vital ingredient - the hacker mind. You can teach anyone combat techniques with a firearm, but you can't make them be a true gunfighter.

My hacker mindset? Its a little bit of personality (ok maybe a lot ), a little bit (a lot too) of a ADHD mind multitasking, running scenarios, breaking things and making them more secure, and of course, education of computer science ( hmm a lot of this too).

That personality is big trouble, I am messy, disorganized, I start projects, then get bored and leave 'em, I am antisocial, but yet my friends have lots of fun when I am around. I am a rule breaker - because I have no patience, and I despise rules that make no sense or purpose. We all have little patience, and hate stupid rules, but because I am smarter than the average joe, I hack the situation and do something positive with it, but to my own selfish advantage. The postive twist is because I have good ethics. An evil hacker might do the Kansas City Shuffle on you to steal your wallet. I choose to do things that I feel would benefit my community and maybe the world.

Attention Deficit Hyperactivity Disorder, thats the name they invented for a mind that has been around for ages. Computers only came on the scene recently, but it proves to be a good outlet or tool for that kind of mind. Doctors talk about ADHD like its a bad thing, but its not, its just a wild mind that needs to be tamed and trained. Just like I said, you are either born with it, or you'll just be another paper-mcse/book-smart hacker. A mind that can think and react so quickly is a great thing, it is just harder to get organized or focused. I guess those that 'suffer' from this disorder, just don't know how to train that mind.

Consider this my friends and neophytes;

Everyone knows the Yin and Yang symbol right? The two tails circling each other, one black, one white. The black tail has a little white dot in it to signify that there is a little bit of good in evil. The white tail has a black dot to signify that there can be a little bit of evil in good too.
Only after you reach a higher level of training, education, personal growth, you can begin to understand the most vital part of that symbol;
Look closely at any yin and yang symbol, you will see a thin line on the outside of that symbol, sort of holding it all together. That thin line represents ultimate level of being - you are no longer effected by the circling tails of good and bad. That thin line holding everything together - is a master hacker.

DNR

[pseudo_opcode]

another classic DNR post.. seriously it made my adrenalin rushing!!!

[Irvysan]

thanks, great post