n00bs can practice hacking legally

[pseudo_opcode]

ok i used to do this like a year before, since i was afraid to do it over the internet...

Ok i had a friend and he was also insane like me, he setup a linux server. He challenged me to hack that server, and it was configured that way that it would sniff any hacking attempt and permanently ban the ip address of the person..

Ok accepted the challenge, i already knew all the info about the OS and all and thats not a big deal to find out. I just went to a junk yard sort of place, where computers were thrown to be discarded or recycling or whatever.. took parts like motherboard, nic from different pieces, but i had to buy a new hard drive since i couldnt find one over there. i assembled a weak pentium 3 computer, but it was good enough to support a small linux distro.

I setup the computer with the same OS as my friend's computer it was slackware i think, and apache, plus he had a site in which he was running phpbb forums, so even i setup the same version of phpbb forums, then began the exciting part.

At first i tried and tried and tried with my original computer to hack into the other box(i named it as chimera, after mi2 lmao) but it took like a month for me after modifying exploits to get into that system. And later i got into my friends system the same way..

Later it began so popular among my friends, that whenever we need to test any bug, any OS, any new software, we just put it there and start messing, up, believe me its so exciting, that you would keep on attacking it again and again.

Now my chimera is with my friend and he uses it to learn assembly, i will ask him someday to put it online so that all of us can practice hacking!!!

The moral is you can hack anything you want, and still do it legally on your own computer... many of you i guess had already tried that

[bad_brain]

Now my chimera is with my friend and he uses it to learn assembly, i will ask him someday to put it online so that all of us can practice hacking!!!

that would be sweet! we´re also planing to setup a wargames-box which will be runned by CircuitB0mb...
and what you wrote is exactly what I´m always telling newbies which are hot for their first hacking experiences: setup a local network and do your experiments there, keeps you away from trouble...beginners usually have no idea about IDS and logs and how easy it is for a halfway skilled server admin to detect attacks.

[DNR]

The only problem with conducting wargames is you need permission of every network your computer will cross to hit the wargame 'box/server'. When hired, network security consultants will file paperwork with a plan and timeframe of when he/she will be 'evaluating' a network/server to any networks that he/she will be using. It is professional, it is ethical and legal. If all possible it is best to scan the network from the inside anyways, you don't need to be 'outside' their network to attack their web/db/admin servers.

Terms of Service of almost every ISP or intranet will always state that performing cracking is a violation. It might be your 'box/server' but you are using someone else's network still. There was even an issue of alerts and alarms going off that would worry a sysadmin and cause them to shutdown their servers. Networks/sysadmins are responsible in a way for things that happen on their network, if an attack is launched from their network, they could be fired. They also have to worry about preparing for a retaliation attack because someone attacked from their network. Your attack on the wargames server could be misinterpeted by those not-so-elite-sysadmins as an attack on their servers. All this cost money and billable time - thats why they sue, prosecute and ban.

I would like to wargame with you guys, but until we meet at a hacker con or a computer lab, it shouldn't happen.

DNR