That sounds pretty good for a hacking redhat class Jay.  I was thinking the "Securing Redhat" and "Assessing Redhat Security" classes should be pretty low level so newbies can understand and use it, but the hacking redhat can be more technical so the less experienced can just see that it really works.


For the assessing Redhat class I was thinking:

Port Scanning (to show what is running on a system)
  Nmap
  Netcat (maybe)
  Netstat (not a port scanner, but tells you what's running and this is really intended for someone to check their own system)

Enumeration (finding out information about open ports on your system)
  rpcinfo
  telnet <port>
  finger

Sniffing (seeing how they work and how bad plain text is)
  tcpdump
  ethereal
  dsniff

Maybe we should do a little planning on these classes and present these classes when Jay gets back in a couple months.  That way we have a little time to get organized.

Dusty


----------------------------------------------------
> er, i wouldn't be able to talk about it (won't be back in hawaii for
> another couple months), but i'd be able to assist in writing an intro
> to hacking redhat.
> 
> -local exploits
>  -password brute forcing
>  -local network sniffing
>  -stack smashing
>  -physical access
> 
> -remote exploits
>  -OS fingerprinting (passive/active)
>  -selective port scanning and the use of decoys
>  -identifying services
>  -using fragmented packets
>  -network mapping
>  -protocol weaknesses (NFS,NIS,etc)
>  -stack smashing
>  -DOS attacks
> 
> that's all i can think of off the top of my head,
> but i'm still hungover from yesterday so i'll probably
> have more ideas when my brain stops bleeding.
> 
> =jay
> 
> ------
> "I did nothing, absolutely nothing.  And
>  it was everything I thought it could be."
> 
> 
> ---
> You are currently subscribed to luau as: dusty@sandust.com
> To unsubscribe send a blank email to $subst('Email.Unsub')