Okay, and if you couldn't figure out what's back the newbie, you're in the right place, because obviously you can't read. All right, so we will try to keep this as upbeat and fun as possible.

So first off, who's got questions? Anybody have questions at all? Any question right now, answer a hundred percent with total honesty. We're from this point. Yeah? Yes, I could. Anyway, next question. You got to spot the correct Fed, not the incorrect one. Look at the socks. Wrong socks. That's section two of the lecture. Anything else? Yeah? Is that the screens? Okay, that's going. That's it for hacking tools. I'll come up with something by the end. That's part of the closing thing, places to go from here. Okay, no one asked the million dollar question. Okay, well, we'll get started.

Okay, so we'll start off with the boring stuff, such as philosophy. Here's to the biggest question that everyone will walk up and ask somebody: are you a hacker? And I find this to be one of the most absolutely humorous questions at all, either to be asked or to ask yourself. Mainly because if you're asking yourself, are you a hacker, or declaring yourself a hacker, you're deciding like you're going to be a car mechanic, you're going to be a lumberjack, or you're going to be a stockbroker. You're looking at it as a profession, looking at it as something you decide one day that you're just going to start doing and go out, learn how to do. And if you decide this, you've already missed the picture.

Hacking is a state of mind. Hacking is a way that you look at problems. Hacking is a way of approaching life. It's something you do on a daily basis, and you've probably been doing it for the last 10 years and didn't even realize it. You look at problems from a different angle. You don't go things in a classic textbook approach. If you did, you wouldn't be a hacker. Hackers have a tendency to... First time you get, you pick up a Walkman.
You see what kind of screws are holding together. You don't necessarily look and see how cool, how good it sounds. You're more concerned with what kind of drive system it's using. Is it a direct gear? Is it using a flywheel? Is it running on, using a large rubber ring to drive it? These are the kind of things you look at and approach. The first time, you know, when you get a computer: do you buy a computer? Do you piece it together? If you bought one as a package in it, first thing you do is void the warranty, pull out the screws and see what kind of CPU it's got. Did they rip you off? These are the kind of things a hacker will do when they're doing things. So typically what happens is you come to the realization one day that, huh, oh, maybe I am a hacker. Maybe I've, you know... So that's kind of along lines we're looking at.

So, number, bullet point three: establish your code of conduct. This also falls under philosophy. Um, most people have an inherent sense of knowing when they're doing something wrong. You know, walking into the store, punching out the clerk and walking out with the contents of the cash register: this is wrong. You know, you put in 25 cents on the gumball machine and two drop out instead of one. Is this wrong? No, you got something for free, you know, that's, this is... Yeah, so she bus.

This is the kind of thing that we're looking at with good and evil. It becomes a little more of a gray market, gray area with computers. You know, you decide to run a port scan on an IP. Is this wrong? Yes and no. Have you done anything to this computer? No. Have you intruded on the computer? No. Have you actively broken into and obtained data off this computer? No.

So let me paint you another example. How about I come up to your house and I decide to walk up to check your front door, check the lock, rattle it. Is the door locked? I go to the windows and I push up on all your windows and see if they're locked. I go to your car. I see if it's unlocked.
I check the handles. Maybe I'll even take a slim jim and see if I can pop that door open. Let's test your security. You know, is this something you would find acceptable? Probably not. In fact, if you saw someone walking through and casing your house and checking the windows, you might get a little mad and probably call the cops. This is what happens in the event of something like a port scan.

So, and this mentality is something when I tell people to, when you're getting started and getting into this environment: come up with and establish what you know to be right and wrong. Now, this may or may not be based on laws or such, but you have to look at the big picture. You have to understand what you're doing. You have to understand there is a consequence for every action you take, whether you realize it or not.

Prime example: a couple years ago there was the large denial of service attack on Yahoo, and there's been eBay and such other things. The motivation behind it could be anything, from someone wanting to gain fame, to someone who got annoyed, to someone who's trying to win a bid. I don't know. But when you're looking at this, you have to understand that every system connected in between you and whoever is being attacked is also suffering. These are people, systems you may or may not have a problem with, or people, and you're affecting their lives. And you're making their lives pretty much a living hell when you do this kind of childish behavior. And that's kind of what it boils down to.

So typically it's a good idea to understand, you know, right, wrong, good, evil. They're real fine lines.
They're a matter of perspective. What you might consider to be perfectly acceptable, the next guy to you might find to be criminal. And somewhere along these lines you kind of all have to meet and hook up and understand and kind of have our own space to work with. So that's part of, along the idea of what the philosophy of getting involved in this environment is.

So, okay, this brings us up to etiquette, and a lot of breaches of etiquette I observe around these meetings. The first point: manners, and you don't have to prove anything.

Actually, that's good. So how many people, is this your first time at DEF CON? Whoa. Oh, wow, that's pretty cool. All right, let's see. So, a lot of people, okay.

So since this is new for all of you, something that happens a lot of time with these, and the adults don't tend to do as much as the younger people, but what you have is the first time someone shows up here, and they've been in their environment, they've been online, they do their things and they have their persona, they feel the need to make an impression on somebody when they meet somebody, or they see someone they've seen on TV or read reviews by or whatnot. They want to impress them, and usually the first thing that happens is they try to impress them by doing some of the most stupidest stunts you can imagine.

Here's a prime example from last DEF CON. Myself and about six other guys, all goons or staff or whatnot, were sitting around the bar here in the lobby, and about 3:30 in the morning this guy comes walking up to us with a couple of his friends. We immediately spotted there was gonna be some kind of trouble. He looked like Fred Durst from Limp Bizkit, got the backwards hat, the whole thing, walking up, and he comes up, looks at us: "So what, y'all hackers?" And I kind of look up and snicker, in fact, point: "Bar's over there, man. Get a drink, 'cause you don't have one. We do. You need a drink." He's like, "Oh, I get, y'all gonna be still, must be sysadmins, huh?"
"You're not gonna give out any information, you'd be like that, huh?" It's like, "Dude, it's four in the morning, man. You don't have a drink yet. Get a drink." And he kept on and kept on. He got more angry and he kept trying to do something, he's with his friends, and, you know, it went round and round for about 20 minutes, till finally he got frustrated he wasn't getting a rise out of me.

And we sat around laughing about this guy, because it's, you know, how do you walk, man? I was just gonna keep going. How do you come up and been friendly? We're all having a good time. We're socializing, catching up on what's happened in the last year and, you know, whatever, and out of the blue this guy comes up trying to, like, make an impression. It's like, you know, pick the biggest dog you can find and go up and kick it to show how tough you were, that you went up and kicked the big dog. And, you know, it didn't impress anybody. And he kept doing this throughout the convention, till finally at one point it got physical with somebody and he was ejected. That's that. Go home.
You're not welcome here anymore because you have a wrong attitude. And, you know, it's too bad, because it was a good environment, a chance to learn something, meet the new people and hook up, and instead you had to go be an ass, and that's it. And now no one will deal with him, and we've got his picture posted in a few places. And he's still a good source of humor, and now he gets to be a topic of the lecture. Don't be that guy.

So along the same lines, the bullet point two, that is a phrase we like to use, is shut your mouth and open your ears. When your mouth is moving, your brain usually isn't working. Case in point, on the lecture.

So, along with bullet point three: don't look with your mouth. Use your eyes, use your ears, use your other senses. They're far more powerful than your mouth. If you want to learn something, you need to be quiet and make observations. Use your eyes, listen to what people are saying, think about what they're saying, and truly think about it, and listen, don't just hear them. And you can get terabytes of information without ever saying a word that way. You know the old phrase: keep your mouth shut and let people think you're stupid; don't open it and prove it. And this holds true a lot of times, because you may or may not know who you're offending or being an ass in front of, and that could be someone that could be a really good person to know or a fun person to know. But you won't know until after you've probably pissed them off.

So, and it brings down to point four: how to approach people you don't know. You see someone interesting, like, I don't know, like, you're bobbing around at the lobby and there's Ian Goldberg. And you've heard about him.
You've seen zero knowledge net and stuff, but you're not sure how to approach him. Typically, don't walk up and interrupt the guy if they're having a conversation with somebody. This happened last night. Myself, my friend just a bill and Peter Shipley were having a, we're trying to hammer out something that had happened earlier, and these two guys kept coming up, talking to him at like four in the morning. Want to walk up and talk to him and touch him and hug him. He looked at them, said, "Will you go away?" "Yeah, but, but..." "No, go away. We're trying to have a talk here."

How do you approach me? Another time, when we were sitting around just chit chatting or whatnot, or just walking through the hallway, and bump into him and say, "Oh, hey, aren't you so and so? Hey, I caught your speech," or "I saw you on TV, read one of your books, read a review, you know, it was pretty good. And, you know, hey, I got a question, if you got time." You put it at, you know, their convenience. Don't demand attention from people, because they may or may not be busy, and if they're busy and you're demanding their time at that exact moment, it's rude. And a lot of times you have to just flip places. Do you want someone coming up to you and doing to you what you're doing to them? And the answer is no. Don't do it. I mean, it's pretty straightforward.

Unlike, you know, there's another case point, which one of the guys in the back was laughing, asked me, "Are you gonna go up and tell them all, don't be an ass?" Yes. As a matter of fact, I'm gonna tell people: don't be an ass.

And then the last bullet point kind of goes along a little bit with philosophy, with maturity and temper tantrums. And, you know, someone on IRC says something you don't like and you decide you're gonna packet the guy. Okay, that's cute. That's real mature. Nice.
You're, you know, so you're five hops away from the guy, so basically you got three systems in between that you're also packeting and flooding, these guys, and tying up their time, and it's on their dime. And something I, you know, I say that, you know, think about what you're gonna do. Weigh your actions. If you feel that, you know, whatever you're about to do, DoS packeting or just being a general nuisance on the net to something, if you feel this attack is justified and, you know, the consequences don't outweigh your actions, well, I'm not gonna tell you not to do it. Straight up, if you feel that you're right, go ahead and do it. But there's gonna be consequences, there will be backlash. And make sure, ask yourself: am I just, you know, throwing a temper tantrum? Am I getting my nose out of joint because some guy called me a loser on IRC? You know, if some things that somebody says on IRC is that important to you, you need counseling, because it's just IRC.

You know, I have seen more wars, I have seen more fights, I have seen more long-term battling going on over IRC, and I don't get it. I've been doing various forms of online chat for at least 15 years on various networks and servers and hooking up with people. I love the medium. It's a great way to get to know people. You talk to people on a different level. It's cerebral. You're talking brain-to-brain; mouth doesn't enter into it. And the dialogue you'll have with someone on IRC is far different than you're gonna have face-to-face with the person. It's nice. But on that same token, take it for what it is. It is a conversation. It is interaction. It is not... it's not important, you know. So, so it's button on that subject.

So let's move on. Wrong button again. There we go: learning. There's a number one point there: coding versus compiling.
This is a big issue when people are first getting into this. You can use the old Star Wars parable, the good, you know, the Force and the dark and the light side, and, you know, compiling is the dark side, coding is the light. There's a happy medium. If you need a tool and you need it now, there is no sense in, like I say, reinventing the wheel. Grab your tool, use your tool. If you need a port scanner now, download it. There's no point in rewriting things that have been written a thousand times and available on any search engine you can find for a file, obviously.

By that same token, though, if you have been running port scanners, I'll use port scanner kind of as foo and bar pretty frequently if you need it, if you have never written a port scanner and you're using them all the time, you would do yourself a world of good: try writing one. Write it in Perl, write it in BASIC, write it in C, write it in whatever. Pick a language, or pick a weird one. You know, pick something obnoxious, off the wall. Write the port scanner in Python. You know, why not?
Yeah, cool. And learn how it works. Understand what it's doing. Put your own features, put your own tweaks, make it your own personal tool that is exactly what you want. Because the goal is not to write the port scanner. The goal is to learn the machine you're on, to understand the machine, knowing how the code talks to itself, understanding what is going on inside the machine at the time. This is getting back to the essence of hacking: understanding how it works, knowing what something is doing. You know, that's the idea.

When you're simply just compiling other people's code, you aren't learning a damn thing. All you are is going to 7-Eleven and buying a bag of chips, eating the chips and throwing the bag down on the ground somewhere for someone else to trip on. That's what quick coding and script kidding is. You typically are not doing anything other than, you know, passing, you know, hey, I take this, I throw this, and it's there. I didn't go get the water, I didn't fill the water. You know, you're wasting space. You're a chunk of biomass that is, you know, polluting everyone else's time, and you need to just go away. You're not benefiting and you're not hacking. You're a nuisance. And typically these are the people you find doing the packet floods, gonna do the port scanning, getting in IRC wars, watching EFnet crash in a piling, burning code... code storm, because someone has decided they're gonna packet the servers until they split and try to gain ops on pound feed the goats or something obnoxious. Don't laugh.
That's the script kiddie channel.

So let's go along. Like I said: know your code, know your tools, know yourself. If you know how to write the code for the tools you're using, you're ahead of the game and you're on your way to actually doing some true learning. These things, and that's, it's pretty important for getting respect from other people. If you can write your own tools, and have written your own tools, and can show off that you've done this, then people understand: hey, this guy is actually doing something, he understands what he's doing. And you're gonna find it's a lot more interesting and it's a lot more fun, because how long do you want to keep downloading and running other people's programs? How long do you want to keep running other people's scripts? Or, even more fun, you download a script and you have no idea what the script does. They told you what it does. You don't really know, because you can't read the code.

There was a neat little code I used to pass around years back called Burke op dot IRC, and this was back when all the new people were coming in on the IRC around '93, '94, and they're all, "Man, how do I get ops? I want to get ops. I need ops on this channel. I'm gonna take it over." And tell 'em, "I got a script for you. Want to run it? Here." DCC it over to them, and they start running it. And soon as they run it, I'd know it, because showing up in my message window, says, "You've got the loser of the day." And it's listing me my little mini menu. Meanwhile, on their side it's saying, you know, "Script loaded. What channel do you want to take over?" So they type in their channel. It says, "Losers attempting to do this," and it starts playing with echo on, echo off, turning their terminal off, on, moving them to various places, and then outputting things just for them to see. As far as they're concerned, they're taking over that channel, and it says, you know, "Hacking ops, hacking ops." Meanwhile, I'm sending codes like, you know, let's check their directory. Hey, look at those files.
Which ones do you want to wipe out? Shall we kill root? And the funnest ones was you send to it, a CTCP to it, "Folgers crystals." And at that point it wipes out everything in their home directory, their entire mail directory and anything off the tree, and replaces it with a file named Folgers underscore crystals, and then it announces to the entire channel, you know, "They don't know it yet, but we've secretly replaced their home directory with Folgers crystals. Let's see if they notice."

But then again, I didn't write it. It was passed to me. However, I did go through and make a few of my own changes, and of course, like I said before, before I ran it, I read it, and I went through and made sure that the code I was about to run wasn't about to do to me what I'm about to do to somebody else that's stupid enough to run this code.

And that's along those lines, you know. The next thing you know, of course... Okay, more anecdote to go with this one. The other side story was, one day I get a little piece of email from one of the admins saying, "Hi, we..." because I'm on an edu at this time. It went, "Hi. We'd like you to come in for a little meeting, because distributing trojans, it's not good." So I apologized, swore I wouldn't do it again. They groveled and, you know, they said okay. So I told myself they didn't have to run the code, and they go, "That doesn't matter. Shame on you, Shatter. Bad Shatter."

Okay, so let's get into the real world now. We've done some of the fictitious stuff here, in the abstracts. Okay. Here's the big wake-up call for a lot of people: life is not television. Life is not the movies. This is not the movie Hackers. Okay, we don't run around with little heads-up monocles. We don't rollerblade, and, you know, I never been on a pair of rollerblades. Okay, they look like fun, you know, that doesn't have, they don't run CP/M. What's the point?
So yeah, this is the real world. I have run into people and listened to them sit there worshiping the movie Hackers, going, "Dude, it's the greatest movie, man. This is what it's all about, man. Attacking that mainframe and taking over the Gibson." And it's like, oh, shut the hell up. Good God. You know, I'm sorry, Penn Jillette as a sysadmin is funny. If anyone's ever met Penn, you understand why that's comical. And, you know, the whole, the Gibson, you know, yeah, it's named after William Gibson. Yes, we've all read Neuromancer. Yes, it's a fine novel. But God, yeah, I can't go on in that movie enough, because it was just absolutely hilarious watching it.

A television show I liked, it was short-lived, was Level 9, that used to be on, it was on UPN. That actually wasn't too bad of a show. I actually ended up talking with the producer last DEF CON. He was here and walked up to me, which was kind of humorous, because I'm working with the back doors, gooning and all, since God walks up, goes, "Hi, can I take your picture?" And I'm like, "Why?" He's like, "Well, I'm doing a TV show," and he gets me his card, and he was legit, and so, chitchat. And he was actually here at last DEF CON getting an idea of what one of these conventions is like, for use in material on the show, and see what the people... They were trying to do it as accurate as possible, and after having watched the show, it wasn't bad.
It wasn't offensive. Yeah, you know that. When you're actually watching hacking, if you're not totally familiar with what hacking looks like, go over to the CTF and watch. After about two minutes you can be bored off your ass, because it's really boring. You see some guys sitting in a screen like this, and, you know, he's tap tap tap tap tap tap tap tap tap, and there are the command lines, just typing little things. It's not flashy. You don't see spinning graphics and polygons and flying through, visually getting this data readout and all this shit, and typing to dodge, and "Oh shit, he's coming. I gotta hit arrow keys. Here he comes," and "Oh God, I dodged it. Yeah." Oh, no, it's tap tap tap tap, return. Shit. That's hacking, you know, when you get in the computer level. But, you know, so.

Bullet point two: good jobs perform background checks. And they will check your background if it's any kind of a high-paying position, anything happening in the building. Job I was, where I was gonna go on with a guy just this last spring, they were doing the background check on me, and it was pretty funny, because he called me up and said, "Shatter, it failed." I'm like, "Okay." So I ran him off a list of little nuisances and traffic, everything, including every traffic ticket, every speeding ticket, everything I'd ever done, and he went back, and when I named them off, he says, "Okay, let me go back and talk to them again." And then they had their conversation. He goes, "Yeah, it was the public nuisance." I usually wear that one like a badge, big badge.
Yes, I have been convicted. Infraction, public nuisance. The people of the state of California found me to be a nuisance. God bless the legal system. It bit me on the ass, and they straight up said that, considering the records of everyone else that worked for this guy as a consultant and contractor, that the three million insurance was just not enough anymore. Before I brought on that, I was like the final straw, because apparently everyone else that works with the guy is just even worse. They got their little bits of, you know, Friday night fistfights and other things, and they have as many nuisances as well.

So, but they will check this shit. So, you know, you think, you know, something you're doing when you're 18 and 19, that will hold on, and those carry over. And once you turn 18, it doesn't matter what the charge is, anything infraction and up stays on your record your whole life. And like I just, you know, my case in point, being a public nuisance was too much for these guys to have, and they said not till he had a larger insurance policy, then it wasn't a big deal. So keep that in mind, that things you're doing now might affect you when you want a job in 10, 15 years.

And bullet point three: contrary to popular belief, convicted felons do not get government jobs searching for hackers. Getting busted is the quickest way to never get a job in the security field the rest of your life. It's been a misconception I've heard ever since the first time I got into computers and stuff, that, you know, the whole urban legend of, yeah, you know, the government secretly seeks out and gets the most hardcore, the guys that they bust, they go to them and cut them deals to get them to help them secure their systems, and that's how you do it. And bullshit. If they caught you, they don't want you. You know, it... You know, you just caught that, you mean, if you catch... okay, you catch a kid, you know, port scanning and packet flooding your DSL. Do you go, "Wow, that was great. You want a job?" Fuck no. Tell the cute.
Hmm. Anyway, so yeah, it don't happen. And so let's get on there, point four: white hat, black hat. Hackers don't wear hats. Okay. Yeah, everyone I know do not wear hats. If they are... My phone. If they're gonna wear a hat, usually it's along these lines. I like this one thing. I'm personal, my propeller. It's got a skull and it's black. That's a hacker beanie. Yeah, no, and yes, it's black, because I'm wearing a black shirt, black shorts, black boots. So anything else would look silly.

Yeah, the whole hat thing is such a misconception. Anytime I hear someone, like, quoted as "the white hat hacker so-and-so was...", how I want to slap them. That's just as bad, or when they make reference to all these evil black hat hackers who are coming in. And now, the difference between being a law-abiding white hat hacker and an evil, nasty, plague, Antichrist-to-the-world black hat hacker, as I say here, distance between those two is about 1.2 seconds. And that's the length of time it takes you from being a nice, happy guy to getting that annoying spam for the 50th time, and you decide to check the IPs and you see it's the same IP every time, and you decide, let's go check his shares. Oh, look at that, Windows. That's why he's got his shares wide open. I'm gonna nail him. And guess what? As soon as you touch those shares, you just intruded on that computer. If you went across state lines, it's now a federal matter. If you went into another country, it's now an international incident. So that's about the length of time it takes.

And quite honestly, with the amount of people I know on both sides of the fence, the people in this computer security field and the people who I know through various channels that are on the other side of the fence, there's a lot of overlap. I've never met
I've never met Maybe only one or two really truly nasty evil Hacker types that are out to pretty much destroy everything and they have a pretty short life expectancy They pretty much get nailed pretty quick because they're pretty stupid Likewise, I have never met a pristine perfect guy who is in the computer security's field who has never snickered and done a little Watch this Blew his connection off anyway, you know it happens and Anytime I hear the self-righteousness the holier than thou or the I'm better than you References to white hat black hat gray hat and all that I give them a big Because it's bullshit You know your your action, you know, it's it's all in your head. It's goes back to some of the ethics the Etiquette and your philosophy. It's it's what you consider to be right and wrong and that's the differences And that's the only place that matters. It is a Putting a good bad label on it is like saying a person is good or bad there's all shades of it in between and The absolute worst people in the world can suddenly be a nice guy and the nicest guys in the world can just snap and Do something pretty horrible and that's Computers is no different. It's not any kind of perfect, you know, everything written in stone And I think I pretty much already kind of cover the concept of responsibility for your actions And that's a big that's a big stickler with me It's one of the things that and manners are two things that way pretty heavy with me and a lot of people I know You know do what you're gonna do but be responsible about it Don't whine. Don't say someone it's someone else's fault Someone made you do it or any other, you know, asinine excuses that you can come up with if you did it You say you did it, you know, how the balls to do it or don't do it own up to it Okay So Go from here. There's a lot of places to go learning Best places to go I find is a bookstore Pick up a book pick up a subject. 
You've never done before. If you haven't worked with Perl, grab an intro to Perl book and, you know, start learning Perl. Start slapping some code out and play with it. Pick something new. That's gonna be your number one source for learning, is gonna be a book. There is absolutely no substitution for a good, hard, rock solid base knowledge in anything. You can't learn the wrong thing. There is no wrong thing. Anything you learn is going to open the door to something else, and it's gonna be a foundation to learn something more and keep moving and going.

My girlfriend was learning some H-, some HTML and some other stuff, and somebody told her, "Why are you bothering? That's a waste of time." It's not a waste of time, not at all. She was picking up some Visual Basic, and someone was like, "Well, why are you doing that? She's... just go learn C." It's like, why? What is the point of going learning C if you don't have the foundation things? And the foundation course, it was teaching the basic concepts of computing, was using Visual Basic as their learning tool. It was a tool. You could use any language. They chose that for whatever reason, because that's what they did. The knowledge you learn is not going to go to waste. So anytime I hear people make references to, you know, wait, learning something.
That's wrong or wasted knowledge. It's, and typically they're trying to just keep you... they don't want you to learn it, typically because they probably don't know it and they haven't bothered to do it. And if you go and learn something they don't know, you're gonna be better than them, and they're jealous. So learn what you can, learn anything. But like I said, my first recommendation is always read a book, and there are thousands on the market to pick up.

But anyway, so, finding like-minded people. This is a, you know, a lot of times you can do this in the bookstore when you're browsing books, you find someone looking at the same subject. Classes of college, mail lists, listservs. I don't remember what the last count of Usenet is. I'm wondering if it's reached the 500,000 mark of groups of every possible subject you could imagine, for people that are doing anything and everything, hacking anything. I mean, look at some of the obnoxious work that's gone into some of the Lego Mindstorms hacking. I mean, Furby hacking. I mean, that was a big one there for a while. But, you know, that's one of the things. I mean, if you see something new that comes out and it looks interesting, check it out, work on it, see what you can do, and there's a good chance you're gonna find other people that are probably doing the same thing at some point.

So, yeah. Retaining a project. This is another way you can also find people and meet them. Like I said, like the Furby thing. Pick a project, pick something big, and it doesn't necessarily matter what it is, because the goal is not to get from point A to point B.
It's to go to point A via the next town over and learn all those maps before you come back to B, picking things up along the way, finding new things, anything you just haven't ever done before. There's so many things out there besides learning code, learning TCP/IP, learning C, learning Perl. Those are a speck of dust on the wind of things you can learn and hack on. There's so many, it's hard to even pick one to focus on. But it doesn't matter what you're working on. The concept is that you are learning, and that's typically what the hacking is all about. If you're hacking and you're here at Def Con because you want to learn how to break into a computer, you wasted your money. Go home, because you missed the boat. The boat took off and ain't coming back. You're a lost cause at that point.

So, avoiding jail. This is always a good one. Avoiding jail: don't break the law. It sounds pretty simple, but you'd be surprised how often people break the law because they don't know the law, and ignorance of the law does not exclude you from the law. Before you're gonna do anything, check it out, look into it, know what you're doing. Make sure you're not doing something you shouldn't do. If you want to practice breaking into computers, your best bet is to build your own local network, break into your own systems, and then, however you broke into that system, go to that box, repair it and try to block that, then go back to your other box and re-attack it, and work on your own system. Because what you do on your own computers is your business, and you can do anything you please. Launch any nasty anything, viruses, email bombs, all of it. As long as you are not sending it outside of your own local network, you're fine, and in fact it's encouraged.
That's a great way to learn. That is an excellent way to get into some of the hard hacking, because there's many steps to get up to that. Before you have your own local area network, well, you need a network, so you're gonna have to get in and learn the networking. Well, before you have your network, you're gonna need machines, and the best way to get machines: build them. And you don't necessarily need money, because you don't need a high-end machine necessarily to do some of these things. This stuff worked great on 486s. The stuff worked great on Pentiums. You don't need a 1.3 gig Athlon running 512 megs of RAM to play around with DoS attacks. You don't need it. So you can find probably free machines, parted-out machines or anything else laying around from people, you know, and slap them together and build them.

I mean, the other day me and my brother got bored and we got to talking about it, and we wanted to play some of the old, old crunch classic DOS games that just absolutely don't run in Windows. Even using various other things, they just won't run. So we started digging around through the drawers and we scrounged up one of our old motherboards, we pulled out the chip. The only thing we actually ended up buying for the system in the end was, he bought a 32 meg stick of RAM for $9, and everything else was parts we had laying around. We shoved it all in a machine. I found an old, ancient, crusty hard drive, I think it's an 80 meg drive, shoved that in there because it still spun, and, you know, now we got a machine. And so we're gonna run DOS on it. We could easily have put Linux, BSD or anything else.
No, it's not gonna be the fastest thing in the world, but who cares? It was nothing. And along the way, if you've never done something like that, you should, and figure out what's going on. And the best thing that can possibly happen is it doesn't work. Because if it doesn't work, now you got to find out why, and the why goes back to what we're trying to do here: the why it's going on, the how, not the fact that it's doing it. Not the fact that I push this button and, you know, that happened over there, I'm done. Now, why did it do it when you pushed the button?

So, hangover remedies. How many people got hangovers today? You people weren't having enough fun last night. Best hangover remedy: don't drink. That doesn't happen at Defcon, not when we feature the TCP/IP drinking game. Yes, alcohol and Defcon go hand in hand. I don't advocate drinking much. I encourage drinking a lot, because it hurts.

Anyway, so, fun stuff at Defcon. Lectures are always a great source of killing time during the day until the parties start in the evening. And I always hear things on news sources and other places, people saying that, you know, Defcon's a farce. I think Microsoft, I heard yesterday, once again denounced Defcon as being fake, phony and whatever. I look around the room. That don't look too fake to me, unless you're all holograms. We haven't got those figured out yet, so you must be real, which means we're here, which means whatever we're doing, it's all right. Fuck Microsoft.

Huh? How do I what? Because that's actually pretty much what was on the laptop. You know, it's here.
It's running, you know, whatever. Actually, typically what I was doing was doing a lot of dialing into my old job with this from the road, and they, in their infinite wisdom, decided to go from a standard login system to using a Windows networking remote login system, and they completely bypassed the intermediary server, which used a completely separate login and password. And that was to make it easier, which I laughed myself silly at, because, well, they were simply using everyone's local in-office machine login username and password. And that's if you even bothered putting one on. You know, it's just your desktop machine. Why password it? It's a work box.

So next thing you know, of course, someone may want to change your password. They're gonna issue a new password, and of course they, you know, email it out. In their infinite wisdom they got rid of the wonderful Sendmail box that we had running, that was running on a Sun system, and threw that out because the company, they only use Exchange server, because, damn it, it's better. We had a virus a week. Actually, we had a virus about every two to three days. They were getting hit with yet another VBS script virus. I hate using that term for the VBS, because all they are is a glorified script. But, you know, of course it would go through, hack and take over everyone's machine, email bomb everyone, and it could box up and take the email and send it to whoever. So if everyone's passing their passwords around in email like they did, there we go: compromised.

Of course, that wasn't the only compromise there.
The Unix systems, I think, were set up by people who were MCSE trained, which means they don't understand the concept of groups. And so the only way I got the entire system to work on the full cluster was everyone used the same login. Why not? And even better, when they would write various Perl scripts to handle various other jobs and such: wow, we'll just, in the code, telnet, and there's the user and the password. Good, the script runs. And they ran for three years. And so anytime they wanted to change the password for everyone to use, they had to go through and change every script, some of the programs, some of the compiled code, because they put the user login and password right into the code. And of course all the source was sitting there.

Yeah. And the third part is, this is pretty typical of a lot of companies. You see in the news that this company got hacked or these guys got DoSed or these guys got defaced, and you wonder, wow, how can this be? This is why. The typical home user's, or the typical DEF CON attendee's, home system is probably locked up 10,000 times tighter than the average corporate system. And I kid you not. Guys who are hacking and whatnot back and forth on each other, their systems are far tighter than most anything you're gonna find in the commercial industry, and it's pretty sad. But on the flip side, when they get attacked, I can't be too sad. It's like, well, you were stupid. You know, in some of these companies, you make a recommendation about it and they think you're about to hack them. It's like, no, I want my company system to be tight if I'm gonna be on it. And they think, oh, you're talking security, you're probing the ports, you're gonna do something to us, aren't you? Not me. Somebody will, though.

So anyway. Okay, so I think we're wrapping it down here, a few more minutes. So now, do we have any questions?

Yeah. Are you talking home-based or corporate? Home-based?
Most of them boil down to the same idea. It gets down to two types of home systems: you either have one that by default blocks every port. I like those ones. Those are nice. Versus, you have the flip side, where they automatically have every port open and you decide what to block. For most people in the home, automatically blocking everything and then asking you if you want it open is a little better. Typically what I'll throw on systems, I actually got it on this one here. This is an old one that was bought out by Symantec. Symantec bought these guys and it turned into the internet... what are they called? Internet personal security, or internet security product? No, it's a Symantec one. Norton personal security, I think. I don't know. Personal firewall. Okay. This was the predecessor to it, called AtGuard, and it was absorbed by them and stripped down. But the nicest thing about this was it actually blocked ads. I don't see ads on web pages. But it had a firewall here, and you can see, this was a default one here, blocking Back Orifice and NetBus. I'm sure had they stuck around or stayed as they were, they would have probably run SubSeven, some of the other ones, and blocked them. But this one here by default blocks all ports and then asks you what you want to open, and it's pretty friendly. It was decent. Easiest thing is experiment with them, see what you like and what works for you.

Louder, I got battery. Read anything you've never read. That's... huh? Oh, yeah, you want to know what books I recommend?
I straight up say anything you haven't read. If you've heard about it and you don't know anything about it, grab a book on it, read it, start there.

Um, Usenet, man, it's almost as bad as a search engine. You just punch in something after you download the entire list and find something for a word you're looking for. Word of mouth too. With some people you kind of just poke around and see what there are. A lot of times, some of the more intensive ones, the name will have absolutely nothing to do with what the discussion is.

IRC? IRC's IRC, man. That's anarchy. It just goes. Yeah, it also depends on which network you're on. I kind of backed out of most of it.

Yeah, I got the first three words. Yeah. What the lady's asking is the legalities of, say, you're attacking your friend who's somewhere else. Depends on the type of attack, and you have to make sure that you're not violating use agreements to your ISP. Your ISP that you're providing, or whatever, usually is the first one that's going to say anything about it. And if they allow it, then everyone in between, it doesn't matter. Depends on the type of attack you're doing. If you're straight up DoSing, you're going to be DoSing everybody in between your two boxes. And even packet floods that can be going on, it depends on the type of attack. If it's a high-bandwidth connection, just hammering everyone along the line; if you're using a smurf-based distributed attack where many are sending to the one, that will still end up hurting the ISP. It depends on how far up the chain it is. But if you're straight up trying to just do a penetration attack, you're probably going to be okay as long as it's consensual. But check with the ISP and see what they straight up say, do and don't do. But anything that's going to affect any system along the chain.
That's typically illegal. That's the easiest way to think about it, and along the same way ethically as well. Make sure that, you know, you're not bugging anybody else in your exploration.

Yeah. Not unless you have it set inbound/outbound. I'd say no, as well as, along the lines of, it depends on the game. I mean, if the game has a potential to exploit, then yes, you could. But I'd be pretty willing to bet unlikely, because the game is only going to have access to certain resources, and unless the game itself has the ability to do things like modify your master boot record or whatnot, you know, you should be all right.

Oh, okay. I'm old. To me a cracker is the guy who's busting open software. That's how it's always been to me. This other term, separating the difference between a hacker and a cracker as being, you know, what they're doing, to me, that's like a newfangled thingamajig. But I tend to, depending on the cracker and what they're doing, lump them in with a script kiddie. Nine-tenths of all the crackers out there are script kiddies. They get on Bugtraq, they look for the newest exploit on whatever server, and then they exploit that server to deface. And, you know, is that impressive? No, not really. I find defacements to be pretty boring, pretty tedious and silly, unless it's really, really well done. New York Times, that was great. That was funny. I sent the New York Times hack about three years ago. You can find it.
It's there still. That was Hacking for Girlies, and if you jump on Attrition, you can find it in the archive. That was beautiful, because they cleaned it out, New York Times completely stripped it, and a couple hours later it's defaced again. It took them the better part of a week to track down every little place that they hid the cron jobs and the code and got in, and really just blew it open. So that was actually pretty good, versus going in and nailing an IIS server.

And the humorous thing is, if you go and look at Attrition, you can kind of start painting a picture of these defacements. You look at when they hit, and you'll see some group, well, suddenly this day did 28 defacements. And you go and look at the details of it: every defacement was on the same type of server, using the same exploit, the same time, uploading the same page. And what they did was, they had a little script. They went, "Look what I did." I didn't do shit. They sat and they changed a few variables and said launch, and it went out and started going through, hitting systems, saying, "What are you? No. What are you? What are you? Oh, I'm gonna exploit you. Who are you? Who are you?" And that's all it is. It's pretty similar to port scanning, except instead of ports, they're hitting multiple websites, looking to see what server they run, and exploiting it. So it's not impressive.

The human factor is almost always the weakest link of the chain. Humans are stupid. They're really dumb. They use birth dates for passwords. They use their social security number. They use their maiden name. They use "pass", they use "test". I don't know who it was, but somebody at one point found out that the city cash manager of New York City for a city bank back in 1987, the main root login was user "city", password "cash". I kid you not, and they were that ridiculous.
So, I mean, that's called human error.

Right. Yes, that's actually using technology to change human behavior, and that's fairly good. Your simplest, your basic thing, if you're, like you said, to spend a dollar to secure a system: look at the big picture, draw a big picture of what's going on, and essentially try to figure out what your weakest point is. I mean, the same company I was... okay, the same company that was doing the passing account for everybody. We're talking like three or four hundred people going on noisy dial-ups and coming across DSL, using rsh to log in. We didn't SSH. We rsh'd. They said SSH was too buggy to use, is what the admins told us. I laughed a lot. So their solution was to put up a second firewall. We'll put another firewall, we'll be even more protected. I kid you not. Two firewalls does not mean twice as secure. Two firewalls means you've got... you're paying admins who don't know jack and shit, and they're just spending more money because they don't know what they're doing and they just think, well, firewall will protect me. A firewall is only as good as the guy who set it up. A firewall is only going to be as good as the guy who wrote the port blocks. And even if you're running a Unix system, if you've got Windows machines on the backside of it and you're not blocking ports 137 through 139, barred from the outside world, that is the biggest hole in the world, and it's in every version of Windows, even the new ones. Every one of them. And if you've got 137 and 139 open, you might as well just bend over and spread them, because anybody can come flying in with a shares exploit.

So that's that. In fact, here's my tip.
I tell everybody the two things you can do, if you are running Windows on your home computer, to make yourself almost fairly secure as your first line of defense. Number one, you know, type it right now, go into... let's see. All right, you want to go into... go in here. All right, delete this file. Destroy it. Devastate it, kill it, make it go away. And if you want, you can even go in and remove the file associations. There's two: there's one to .VBS and one to something else. If you delete that, you will protect yourself from probably 99% of the email viruses floating around the network today. This is the Windows Scripting Host, and it has one purpose: to run Visual Basic scripts on your system. And I'd say 99.9% of all people running Windows do not run VBS scripts. It's that simple. Yet the default for all Windows installations is to incorporate this into Windows. For anyone that knows Perl and Unix systems, this is the equivalent of giving root access to Perl programs running under any user. Okay, you should be laughing at that point. That is exactly what that program does. You can tell it to wipe out C:, and then when you're wiping out C:, you can also tell it, by the way, hide the dialog boxes and make itself run completely silent. That is how the ILOVEYOU virus runs.
That's how all these other ones are doing it. They run through that thing there. If you destroy that, you will protect yourself. And number two, like I said before, run any kind of personal firewall, public or whatever, and block ports 137 and 139 from outside access on your system. Easiest way, if you're running DSL or a dial-up, designate that LAN card or whatever, or if you're not running a home network, then just block it, because it's not needed, and that will block you from the shares exploit, which is, you know, wide open by default on Windows. So between those two, you're not a hundred percent at that point, but you're a whole lot better than you were two minutes before.

Yeah, I'm talking about the Windows networking sharing. It's essentially kind of like a file share system. You probe on 137 and then you talk on 139. Yeah. But you can go into anyone's system effectively and by remote turn it on, access their printers. When we first were playing with this, some guy argued, "Oh, you can't do that." So we dropped the Windows help file to his printer. Every page. Made a believer out of him.

Wait, louder. Yeah. There's quite a few of them. If you want to pay, you can use SecureCRT, which is pretty slick. There's also several public domain ones you can download. If you go to, like, Google or something, or even files.com or whatever, just type in "Windows SSH client" and you should get quite a few returns.

Yeah. Probably start with... you can always go to L0pht. L0pht has got some of their stuff. They've done L0phtCrack and whatnot. L0phtCrack's a nice one if you're admining a box, to run against user account passwords, to kind of do a quick hit to make sure they're not using stupid dictionary ones. It's similar to running a dictionary one, but with L0phtCrack you can also run deep crack and do a hard penetrate. Just stuff like that. Numerous resources. I don't have one offhand.
Like I said, you throw in Google and just type in, you know, "hacking tools", and you'll probably get at least three or four hundred thousand returns. Try to stick to ones that have fairly good references on their site, referencing back to, say, you know, not just saying "Hi, we like cDc" or "Hi, we like L0pht", but tied into maybe, throwing offhand, places like Slash.org. If they send you to a tool site, it's probably on the up and up, versus somebody who's backdoored all their tools, which is a big thing you got to look out for. You know, someone distributing it. Script kiddies can easily backdoor all the tools and put them up, even things like SecureCRT. You know, you could have downloaded SecureCRT from somebody and be running it, and little do you know that hidden inside the actual exe file is a little keylogger that will once a day send out a short little burst back to their system, letting you know everything you've ever typed.

So anyway, okay, it's one, and someone else is about to come on deck, so I'm gonna wrap it up. I'm around. If you want to know anything, come up and ask me. I'm always around.