How to be a White Hat?

[claude]

How can I learn or find out how to hack a linux server? I want to try and find out all the common security holes on my server and then patch them up. Any programs that do brute force, attacking specific ports, port scanning etc etc. Any ideas?

[cornelis]

You may need to take up a security course for that as not a lot of people will actively teach you how to do it.
As for port scanning... you may want to look for something called NMAP.

[Cobalt]

It takes a little more knowledge than that. There are varying degrees, what I would assume you're looking at primarily is "script kiddie" status, in that you want to look at brute forcing your server, trying the well known exploits and so forth to make your server reasonable secure to all but the most dedicated crackers.

If, however, you wanted to make your server near-bullet proof, then it will take a lot more than run-of-the-mill applications I'm afraid.

I would hesitate to google the above keywords, but be VERY careful what you download. A lot of "hacking" utilities contain trojans themselves to don't download from anywhere that seems less than respectable. Also, ensure you have up to date anti virus and firewall programs before using any prebuilt programs such as port scanners or brute force mechanisms.

There are plenty of legitimate tools out there though, what do you think real system admins use? Go check out somewhere like downloads.com, there will be network utilities that can scan ports and so forth I'm sure, although brute force may be off the list.

Goodluck, just make sure you read plenty of technical articles and understand what you're doing and why. Otherwise you're no more than that aforementioned script kiddie.

John

[cristobal]

Other than that, try to be very cautious when you are experimenting things out.
Don't want to get into the situation where someone sues you for privacy intrusion.

[xacto]

I often browse this site for security updates of exploits.

[jmack]

Knowledge of how to hack or exploit a system comes from intimate knowledge of how a particular system works.

Get a box. Install you favorite Linux distro. Then play until you are blue in the face.

Spend a couple years learning it INSIDE AND OUT. Really, that is the only way. After that, you will definitely be in a much better position to be a white hat.

nmap is a good place to start. It's available for pretty much every unix system out there.

[ikarisama]

Thanks for the advice. This forum is godsent.