by AstralSin on 05-01-2008 in Hacks

Hackosis has put into words the true definition of a hacker.  Many have tried before, but most failed.  The ones that came close told of a similar concept but didn't elaborate enough for most people to understand.  The following questions are put forth, so ask yourself:

  1. Do you experience a never ending hunger for information?
  2. Do you enjoy solving problems?
  3. Do you shoot to kill?
  4. Are you never bored?
  5. Do you embrace free spirit?
  6. Are you compassionate about what you do?
  7. Do you do what you enjoy and enjoy what you do?

So?  How do you stack up?  Hacking isn't about breaking into computers and networks.  That's just how the media has sullied the word.  A hacker is someone who is intrigued by how things work and enjoys learning how they work, which is sometimes a difficult task.  Hackers fall into a lifestyle a friend of mine coined a few years ago, "intellectual hedonism".  We enjoy picking apart what most people would consider the most inane systems just to learn how they operate.  Because of this, hackers enjoy a life of accomplishment, whether it's known to the world or not.

By the way, this Hackosis blog is amazing.  I've seen a lot of hacker blogs around but this is one of the best I've ever seen.  No fluff on this one, it just gets right down to business.



by AstralSin on 05-01-2008 in Security

If you plan on being any sort of security professional, you need to know about more than just Windows machines.  Linux is a powerhouse in the network environment and its use will continue to grow.  There are plenty of ways to learn Linux.  For one, you can just go download any distribution and use it for a while.  Keep in mind though that the ones used in production environments tend to be the Redhat/Fedora, SuSE, and Debian distributions or derivatives.

HP has had its TestDrive site up for a while.  The service lets you get an account and use one of several Linux and UNIX systems, open source AND commercial, over the internet, so you don't have to do anything to your own PC.  The good thing about this is that you can jump right in and start using a *nix system and learning about it.  The bad part is that you don't get the experience of installing it, which can be very easy with the mainstream distributions or very tricky with the less well-known ones.  Regardless, you should take steps to learn these systems inside and out.

Defensive and Offensive security go hand in hand.  If you're defending a network, you better know your systems and how to secure and properly configure them.  If you're conducting penetration tests on a network, you better know how to exploit flaws in anything you can get your hands on, including the more obscure OSes like OpenVMS and HP-UX.

There is more than enough information in online forums, IRC channels, and mailing lists to give you the knowledge you need to learn these systems so get going.  If you're like me, you'll appreciate the challenge of any new operating system anyway.



by AstralSin on 04-30-2008 in Security

There are some really crappy SQL injection tutorials out on the net that don't really tell you what you need to know nor how to fix vulnerabilities. The main thing to remember when preventing SQL injections is to cleanse HTML tags and quotes from untrusted user input. And of course, depending on which language you're using there will be a different method for doing that.

Most tutorials show you the basic method of finding if a site or form is vulnerable, the old ' or 1=1-- trick which should return the first record in the database. This is fine and dandy but quite useless if you don't know what to do after that. The most important part of SQL injection is SQL, obviously, and if you don't know SQL you're not going to get very far. I'm not going to teach you SQL here, but I will tell you that the Uncommon SQL Injection whitepaper by N3T D3VIL is a good place to start learning about SQL queries you might find useful.

Now I'll tell you how to sanitize your inputs with PHP. Anywhere your users can enter data should be sanitized, including login forms, registration forms, and comment forms. Basically any form that talks to a database should be sanitized.

PHP comes standard with two functions for this: htmlentities() and addslashes(). htmlentities() changes any special characters to their HTML equivalents. Say someone entered a <SCRIPT> tag into a comment form; your sanitization code would turn it into &lt;SCRIPT&gt;. addslashes() puts a backslash before any quotes to escape them before they can be used to hijack your SQL queries on the backend. These are good basic practices for forms on a public website that accept untrusted user data and talk to a database.

While this is enough for some people, some people like to go a step further and limit the characters used to a specific set and feed any user input through a function to strip any characters that are not part of that set. This tutorial over at Nucleotide shows you how to use Regular Expressions to do just that. This would be perfect for login and registration forms and if you didn't care about letting users create anchor links on comments, it'd work there too.

If you DO want to allow users to create links in comments, you should think about putting a WYSIWYG editor into your comment forms. The industry standard at this point is TinyMCE and it works really well. It is the default on many content management systems and blog platforms. If for some reason you don't like TinyMCE, there are several other solutions that a quick Google search will turn up.
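Here is an added worked example of the three ideas above (the ' or 1=1-- test, quote escaping, and HTML-escaping plus a character whitelist). It is not code from the post; it uses Python's sqlite3 and html.escape as stand-ins for the PHP functions named above, and the users table and credentials in it are constructed sample data. It also shows a parameterized query, which is the form most database drivers recommend today, so you can see all three login variants against the same input.

```python
import html
import re
import sqlite3

# Constructed sample data: a tiny in-memory users table standing in for a real
# login backend. Plain-text passwords are used only to keep the demo short.
CONSTRUCTED_USERS = [("alice", "correct horse"), ("bob", "hunter2")]


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", CONSTRUCTED_USERS)
    return db


def login_unsafe(db, username, password):
    """The classic mistake: untrusted input pasted straight into the query text.
    A username of ' or 1=1-- closes the string, adds an always-true condition
    and comments out the password check, so the first record comes back."""
    sql = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
           % (username, password))
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def escape_quotes(value):
    """The escaping approach the post describes (PHP addslashes): neutralise the
    quote so it cannot close the string literal. SQL's own escape for a single
    quote inside a literal is to double it, which is what SQLite expects; MySQL
    additionally accepts the backslash form that addslashes() emits."""
    return value.replace("'", "''")


def login_escaped(db, username, password):
    """Same string-built query, but every quote in the input is escaped first,
    so the injected text is compared as a literal username and matches nothing."""
    sql = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
           % (escape_quotes(username), escape_quotes(password)))
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(db, username, password):
    """The driver binds the values separately from the SQL text, so the query
    structure and the data never mix and no escaping step can be forgotten."""
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Whitelist in the spirit of the regex tutorial the post points to: login and
# registration fields accept only letters, digits and underscore (assumed set).
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,20}")


def username_allowed(value):
    return USERNAME_RE.fullmatch(value) is not None


def sanitize_comment(text):
    """The htmlentities() step for free-text fields: special characters become
    HTML entities, so a pasted <SCRIPT> tag is rendered as text, not executed."""
    return html.escape(text, quote=True)


if __name__ == "__main__":
    db = make_db()
    probe = "' or 1=1--"
    print("unsafe:        ", login_unsafe(db, probe, "anything"))        # alice
    print("escaped:       ", login_escaped(db, probe, "anything"))       # None
    print("parameterized: ", login_parameterized(db, probe, "anything")) # None
    print("whitelist ok?  ", username_allowed(probe))                    # False
    print("comment:       ", sanitize_comment("<SCRIPT>alert(1)</SCRIPT>"))
```

Run it once to see the first record come back from the unsafe query and nothing from the other two. The whitelist rejects the probe outright, which is why the post recommends it for login and registration forms where there is no legitimate reason to accept quotes or angle brackets.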

Whether you're coding for yourself or a client, you should always use safe coding practices. If not for liability reasons, then to spare yourself the headache of restoring everything after a hacker destroys your data.



by AstralSin on 04-25-2008 in Hacks

BBSes were once the primary playground of the hacker. They are one of the oldest methods of electronic worldwide communication, where you can chat, send messages, and share files with others. Long ago in a network far, far away, people dialed into these bulletin board systems with their 9600 baud modems and established what was to become the legendary hacker communities of the 80s. This is where The Jargon File was born, this is where the Anarchist's Cookbook was first published, and this is where all the old schoolers got to know one another. Sadly, they are almost all gone.

Gladly, there are enough nostalgic geeks in the world to keep the tradition going, only the new generation of these BBSes are TCP/IP based, so you don't have to dial in over your phone line. Granted, many of the people on these boards only visit once, checking them out for nostalgia or curiosity, but it's worth a look, especially if you never experienced this culture when it was in its prime.

Check out the Synchronet BBS List for some online BBSes that you can connect to. All you need is a telnet client and a few minutes of patience.



by AstralSin on 04-21-2008 in Security

This is a great whitepaper published by my good friend Steve Mallard that outlines the security concerns that face corporations in today's internet environment and ways they can mitigate threats. This is a very good read for anyone curious about security in the corporate environment.

Steve Mallard is an accomplished IT manager and has several published works. You should check out his blog for some more great reading.



by AstralSin on 04-15-2008 in Programming

In the depths of programming and security studies, you will sometimes come across binary and hexadecimal numbers. Most people look at them and have absolutely no idea how to read either. It's actually quite simple once you know what you're looking at. Let's look at some examples to show you what's going on.

In each of these numbering systems, each digit sits in a field (a place) that has a value. The digit itself is only there to say how much of that field's value to count. In binary, the fields are read from left to right in descending values and each place is double the one to the right of it. It's easier to remember the values of the places starting from the right, and consequently, it's easier to read the value right to left. If there is a one in a column, that value is turned on and should be added to the total; if there is a zero, that value should not be counted. Take the following example:

8 4 2 1
1 0 1 1 = 11

As you can see, the rightmost column represents one, the one to the left of that represents two, the next represents four, and the one to the left of that represents eight. A binary value that has four places is referred to as a nibble: half a byte, the term you're probably more familiar with, which has eight places (a bit is a single place). The fourth bit in this nibble (8) is turned on, so we'll add eight to our total; the third bit is off, so we'll ignore that. The second bit is turned on, so we'll add two to our total, and the first bit is turned on, so we'll add one to come to a total of eleven. Easy math, right? Now let's try some hexadecimal.

Hexadecimal is a tad more complicated because there is an added dimension to the math and there are more than two symbols to worry about: now there are ten digits and six letters as well. Each place still represents a value, and each place is sixteen times the one to its right. In this nibble we have four different values, one for each place: A, B, C, and 2. The digits 0-9 are easy, they represent themselves; A through F, however, represent the next six numbers respectively (A=10, B=11, C=12, D=13, E=14, F=15).

4096 256 16 1
A    B   C 2 = 43970

If you look closely, you'll see what's going on. The character in each field is multiplied by the value of that field and the products are added together. So we've got A(10) * 4096 + B(11) * 256 + C(12) * 16 + 2 * 1 = 43970. Sure, it's a bit confusing, but you'll NEVER have to calculate this in the field off the top of your head. You're in IT, so you should have a device with you at all times that either a) has a calculator or b) can connect to the internet. Now that you know how the values are calculated, you can use any calculator to do it.

Something I didn't touch on here is octal numbers. If you're a *nix guy like me, you're already familiar with an octal set (does chmod 755 ring a bell?). The mode numbers for permissions in *nix operating systems are an octal set. Learning octal is up to you, grasshopper. I have taught you all I can teach you.
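As an added example (not from the post), here is the hand method above written as a small Python routine: list the place values for a number of a given width, multiply each digit by its place value, and sum. It generalizes the binary and hexadecimal walkthroughs to any base from 2 to 16, so the same function also reads the octal chmod number mentioned above, and a second helper turns that mode into the rwx string ls prints. The function and variable names are my own.

```python
import string

# Digit alphabet shared by every base up to 16: 0-9, then A=10 ... F=15.
DIGITS = string.digits + string.ascii_uppercase[:6]   # "0123456789ABCDEF"


def place_values(width, base):
    """The column headings the post writes above each number: the rightmost
    place is worth 1 and each place to the left is worth `base` times its
    right-hand neighbour (2 for binary, 8 for octal, 16 for hex)."""
    return [base ** i for i in range(width - 1, -1, -1)]


def breakdown(text, base):
    """Per-column working, right to left like the post: (digit, digit value,
    place value, product) for each place in `text`."""
    if not 2 <= base <= 16:
        raise ValueError("base must be between 2 and 16")
    digits = text.strip().upper().replace(" ", "")
    rows = []
    for ch, weight in zip(digits, place_values(len(digits), base)):
        if ch not in DIGITS or DIGITS.index(ch) >= base:
            raise ValueError(f"{ch!r} is not a valid digit in base {base}")
        value = DIGITS.index(ch)
        rows.append((ch, value, weight, value * weight))
    return rows


def read_number(text, base):
    """Value of `text` in `base`: each digit times its place value, summed."""
    return sum(product for _, _, _, product in breakdown(text, base))


def mode_string(mode):
    """Render a *nix permission number (e.g. the value of octal 755) as the
    rwx string ls shows. Each octal digit is itself a three-bit binary nibble:
    4 = r, 2 = w, 1 = x, read with the same on/off rule as the binary example."""
    out = ""
    for shift in (6, 3, 0):                 # owner, group, other
        triple = (mode >> shift) & 0b111
        for flag_value, letter in ((4, "r"), (2, "w"), (1, "x")):
            out += letter if triple & flag_value else "-"
    return out


def show(text, base):
    """Print the working in the post's own layout: headings, then the sum."""
    rows = breakdown(text, base)
    print(" ".join(str(weight) for _, _, weight, _ in rows))
    print(" ".join(ch for ch, _, _, _ in rows), "=", read_number(text, base))
    print(" + ".join(f"{ch}({value}) * {weight}" for ch, value, weight, _ in rows),
          "=", read_number(text, base))


if __name__ == "__main__":
    show("1011", 2)          # 8 4 2 1 -> 11
    show("ABC2", 16)         # 4096 256 16 1 -> 43970
    show("755", 8)           # 64 8 1 -> 493
    print("chmod 755 ->", mode_string(read_number("755", 8)))   # rwxr-xr-x
```

The same weighting rule explains why a hex digit lines up with a binary nibble: one place in base 16 carries exactly four places in base 2, which is why hex is the usual shorthand for bytes in packet dumps and debuggers.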



by AstralSin on 04-12-2008 in Security

With all the dangers out there on the web, you must be conscious of malicious code on the websites you visit. Even if you're visiting a reputable website that would never plant malicious code, its users could, in comments, forum posts, etc., without anyone's knowledge. Webmasters should both implement measures to prevent malicious users from doing this and check their comments and third-party posts regularly for malicious code. Sometimes it doesn't even look malicious at first glance, but it could be. For some people, though, that just isn't enough assurance that they're safe, and they're right.

Firekeeper is a proactive solution for end-users to keep themselves from being duped by malicious code such as cross site scripting attacks. It's basically Snort for your web browser and it's quite impressive. I've been using it for a few days now and it's alerted me to several possibly malicious scripts on various websites and allowed me to put them on a blacklist. It uses a rule format similar to Snort's, but much simpler, and anyone can write rules (if you know how). Give this plugin a try, it can't hurt.



by AstralSin on 04-05-2008 in Security

A new plague of malicious emails is making its rounds, offering nude or erotic pics or videos of Shakira, Scarlett Johansson, Rihanna, and Britney Spears. Of course, you should NEVER trust an email offering nude pics, ever. The emails include a link to the pics, but instead of giving you all the naked celeb goodness, it gives you the Agent.IMB trojan.

The trojan installs a service called CbEvtSvc.exe that runs in the background and starts every time you boot your computer. I'm not sure if a tailored removal tool is necessary to remove it or if a standard antivirus will work, but for God's sake, don't trust your inbox! If you see this email, ignore it, or even better, delete it altogether.



by AstralSin on 04-05-2008 in Security

The good folks over at TAO Security have launched OpenPacket.org 1.0, which allows security professionals to share packet captures of various types of network traffic so people can learn what they look like and be able to identify them if they show up on their own network. The dumps are divided into three categories, Normal, Suspicious, and Malicious, so you can quickly find what you're looking for, whether you're evaluating some traffic you've captured on your network or just looking around out of curiosity. You can view the files in Ethereal/Wireshark, tcpdump, snort, etc.

This is the first time a website has served this purpose and it was sorely needed. Now more people can learn how to look at traffic dumps efficiently than ever before. The best thing about it is that anyone can submit new traffic dumps so the variety of available information will be expanding rapidly.



by AstralSin on 04-03-2008 in Security

I found this great post over on Pantz and I have NO idea who the author is. It's a really handy init script for setting up iptables for a laptop. There are a couple of lines there that you can uncomment if you want to open up port 22 for SSH or port 21 for FTP. Of course, you could just copy those lines and substitute any other port number if you want to run something else.

What you need to do with this script is copy/paste it as root in /etc/init.d somewhere, I named mine firewall.sh and chmod 755'd it.

Get it here.

BTW, if you wrote this or know who did, let me know and I'll credit and thank you.


