Pages: [1]

Author Topic: New to Forum, need some suggestions  (Read 1044 times)

0 Members and 1 Guest are viewing this topic.

Offline t2nator

  • NULL
  • Posts: 2
  • Cookies: 0
    • View Profile
New to Forum, need some suggestions
« on: June 12, 2012, 05:15:36 am »
Hey everyone! I am currently a college student attempting a Computer Science degree. So far I have been primarily been studying c++, with a little bit of Java in the mix. I also have been playing around with html, php, and MySQL for a couple years but am still a novice at best.  I currently have a job as an IT Administrator, and I am experienced as far as setting up domain networks, VPN's, etc. I want to start off by asking how hard, from experience, is it to hack a Windows Server 2008 R2 domain? Let me develop an example: Say you are at a Starbucks, you bring your laptop and see that that the wireless signal from another building is strong enough to connect. So you connect and because the people who set up the network did no put that wireless on a separate subnet it is part of the domain subnet. From their what would be your next move to gain access to... let's say the command prompt of the domain controller??? :)
Report to moderator   Logged

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: New to Forum, need some suggestions
« Reply #1 on: June 12, 2012, 08:10:27 am »
Hardness is directly proportional to the knowledge level of operating database admins.
Report to moderator   Logged

Offline t2nator

  • NULL
  • Posts: 2
  • Cookies: 0
    • View Profile
Re: New to Forum, need some suggestions
« Reply #2 on: June 12, 2012, 03:50:48 pm »
Fair enough, so lets say its a person new to hacking. Would that be possible? I've always assumed a good start is to scan for open ports on the network, then try and infiltrate any of them.
Report to moderator   Logged

Z3R0

  • Guest
Re: New to Forum, need some suggestions
« Reply #3 on: June 12, 2012, 04:19:01 pm »
Quote from: t2nator on June 12, 2012, 03:50:48 pm
Fair enough, so lets say its a person new to hacking. Would that be possible?
No, because new people do not know any attacks, nor would they know how they work until experiencing one on their own (hopefully in a legal manner). Attack vectors are not only limited to what ports are open. To really be able to determine what type of attack is best, one would have to completely understand the inner-workings of an organization...for example: how the network is setup (this is a very very very broad term for what it all entails), security policies, any financial issues, legal history, what kind of physical security they have, telephone numbers, e-mail addresses, what kind of hobbies bob likes, etc, etc, ETC!!!! Setting up an effective knowledge base to attack with can take days, weeks, months (depending on the circumstances, i.e. stuxnet, the advanced persistent threat, etc).

In short, pay attention to the little things. A sticky note saying what time john's dinner date with his wife is can be turned into an attack vector.

EDIT: More simply, think of an attack like putting together a jigsaw puzzle. It will take forever to find the pieces, but once you put them all in the right place, you see exactly what the entire picture is about.
« Last Edit: June 12, 2012, 04:22:18 pm by m0rph »
Report to moderator   Logged
Pages: [1]