How to Win at Hacker Wargames

By Matthew Cook

The best way to learn is to play with all of the systems and programs that you want to understand, and there's no better way to get started than with a small network on which you can experiment.

Ideally, this network should be composed of many different computers of varying specifications. There is no need for the latest and greatest hardware, and because many people have older computers lying around, you can often get 386s, 486s and older Pentium systems for almost nothing. They may not be able to play 3D games, but they are more than adequate for a server.

If you happen to have access to a large car or van (or a good friend with one), there are dozens of local businesses with small IT departments full of older computers and half-working models that they will give you for free if you'll come by and pick them up. You could even write up a business letter and mail it out to a few dozen local businesses offering to take their old computer junk off their hands; you'd be surprised how many responses you'll get.

Even if you don't have access to a large stockpile right away, all you really need to get started are maybe 2 to 3 old boxes. Your network can always grow to accommodate new acquisitions later.

Once you've got some hardware together, spend some time thinking of the applications and services you would like to provide or understand with your network, and then teach yourself how to install and run them. You will probably want to run several of the servers at once over a single internet connection. This calls for a router of some sort, and it is the perfect opportunity to learn all about the Linux or Unix router tools like ipchains, iptables and ipfw. Once you see how easy it is to route traffic to your network, the next logical step would be to restrict it with a firewall. Guess what, firewalls are made with the same tools.

Maybe you'd like to learn about the Domain Name System; that sounds like the perfect excuse to register a domain name and set up a DNS server. Maybe you would like to set up a shell server for your friends; why not learn a bit about OpenBSD in the process? Maybe you would like a web page so you can post info about the shell accounts. Maybe you would like to do some 3D rendering; a Beowulf cluster would sure speed things up, or OpenMosix, or a Windows cluster...

As you work through your list, dedicate one box to each type of service you want to run (or several for related services). The only exception would be to have some sort of remote access on all of the systems so you can toy with them from work/school/etc. While you're at it, try not to limit yourself to one type of operating system (at least not at first; eventually you will probably find one you like to work with best). Some applications, such as a workstation, might lend themselves to Windows, while something else like a domain name server would fit better with Linux, or a shell server might fit better with OpenBSD. Try and experiment.

Throughout this process, make friends with your local librarian (or Barnes & Noble employee), because you will be reading a ton of books.

If you can afford it, try and buy the books outright. You'll find yourself referring back to them again and again, even months after you've finished whatever project you were working on. Online tutorials are fine, but there's nothing like a book. A note of caution: don't get overzealous and buy a bunch of books on different topics and say you'll get to some of them later. In my experience, by the time you get to the one at the bottom of the stack, it's 3 versions behind and you just have to buy it again. If you're looking for which books to buy, newsgroups and mailing lists are a great source of information; they generally have a consensus on who wrote the best book on what, and you can often find this information in their FAQ. As simply a personal preference, there are a few publishers I usually like, including Sams, Prentice Hall, Wiley, Addison Wesley, No Starch Press, and top of the heap is O'Reilly & Associates. There are no bad computer book publishers, but I would recommend you stay away from anything marked "dummies" or "learn x in some period of time".

Another piece of advice: don't buy anything you can make yourself. Shelves and stuff are fine, and I wouldn't try and make my own hub, but don't buy a router, make one; don't buy a print server, make one; don't buy a web host, do it yourself. Heck, don't even buy network cable. Go down to Home Depot, buy a spool of category 5 cable (make sure it's cat5 and not cat3 or something else), a box of RJ-45 heads and a crimper, and make your own. Network cables are a cinch to make. It takes 5 seconds to learn, and once you do, you can make them any length you want (and even special cables like crossover cables), and for pennies compared to what it costs to buy them.

Once you have a few things running (it doesn't have to be much, just enough to get started), set a few boxes aside to be your "victims".

Sometimes it can be helpful to divide them into a different subnet with your router, the same way you would divide your LAN into a protected zone and a DMZ. Choose some service you would like to attack. Start with something familiar and easy to install, like throwing a copy of Windows on one of the boxes, or install Linux and just sendmail or just bind. Then start working through what information you can gather about your victim from the other side of your network. Try looking up a few known vulnerabilities or downloading a few script kiddy type scripts, then dissect them and see what they are doing. Set up a packet sniffer (Ethereal or tcpdump are good, or whatever runs on your attack computer), run some service on the victims, and see what kind of traffic goes by and what it tells you.

Can you tell what's going on? Was there any useful info in those packets? A username? A password? A command code? Set up a vulnerability scanner like Nessus and see what you can learn with it.

Another fun thing to do is to place an unsecured box in your DMZ so that anyone from the internet can access it, and just watch it to see if anyone tries to hack into it. This is called a honeypot, and can be a great way to see the techniques of other hackers (and believe it or not, meet a friend).
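The router, firewall and DMZ split described above, as an added example that is not part of the original article: a shell function that prints an iptables-restore ruleset for a three-interface Linux router, logging connections to the exposed box while keeping the DMZ from reaching the protected zone. The interface names, subnets, honeypot address, exposed port and script file name are all assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a three-interface lab router.
# Every name and address below is an assumption; adjust to your own network.
WAN_IF=eth0                # uplink to the internet
LAN_IF=eth1                # protected zone (your own machines)
DMZ_IF=eth2                # victim / honeypot subnet
LAN_NET=192.168.1.0/24
HONEYPOT=192.168.2.10      # the one box exposed to the internet
HONEYPOT_PORT=80           # the one service exposed on it

lab_ruleset() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Routing: forward one port to the honeypot, share the uplink with the LAN only.
-A PREROUTING -i $WAN_IF -p tcp --dport $HONEYPOT_PORT -j DNAT --to-destination $HONEYPOT:$HONEYPOT_PORT
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# The router itself: loopback, replies, and SSH from the protected zone only.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -j ACCEPT
# Replies to connections that were already allowed.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# The protected zone may open connections to the internet and to the DMZ.
-A FORWARD -i $LAN_IF -s $LAN_NET -j ACCEPT
# Internet to honeypot: log each new connection, then let it through.
-A FORWARD -i $WAN_IF -o $DMZ_IF -d $HONEYPOT -p tcp --dport $HONEYPOT_PORT -j LOG --log-prefix "HONEYPOT-IN "
-A FORWARD -i $WAN_IF -o $DMZ_IF -d $HONEYPOT -p tcp --dport $HONEYPOT_PORT -j ACCEPT
# Containment: nothing in the DMZ may start a connection to the LAN or the internet.
-A FORWARD -i $DMZ_IF -j LOG --log-prefix "DMZ-OUT-BLOCKED "
-A FORWARD -i $DMZ_IF -j DROP
COMMIT
EOF
}

# Print the ruleset. Check it with (hypothetical file name):
#   sh lab-router.sh | iptables-restore --test
# Routing also needs: sysctl -w net.ipv4.ip_forward=1
lab_ruleset
```

Because the ESTABLISHED,RELATED rule comes first, the honeypot can still answer visitors, but any connection it tries to start shows up in the kernel log under DMZ-OUT-BLOCKED, which is usually the first sign the box has been taken over.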

Once you've gotten the hang of these things, pick a program, something simple and open source, something written in a language you have some experience with, and download it and see how it works. Toy around with it, change it, add something, contribute to the project. It's very tempting to grab a book on C++, read it cover to cover, maybe toy with 2 examples and then feel like you understand it, but you won't get a grip on all the day-to-day challenges of writing in a particular language until you're solving problems that haven't already been worked out and planned ahead for you.

This is just a general outline, but you get the idea: it's all about exploring and trying new things. You will usually start out with some grandiose idea of a super network, and quickly get sidetracked or bogged down in some seemingly trivial project, but that's OK, if not exactly what you should be doing. Don't worry about getting everything done or working on some little something for months, even leaving and coming back to it. When I started my network, I had this master plan of a really cool website, but I was continually having problems with my second-hand Linksys router. I never wanted to deal with that stuff, but I finally gave up and spent a month and a half setting up a Linux router and writing a firewall script for it, and now I can see how limited I was with that old router.

I hope some of this helps you out, and I wish you good luck on your network ^_^

Carolyn's note: Matthew has done a great job of revealing how a real hacker solves problems. You can learn a great deal more about setting up a shell server and running a hacker wargame from my book Überhacker. It's in second edition, just in from the publisher.


© 2013 Happy Hacker All rights reserved.