Tuesday, April 8, 2008

Instant Hacking / Security

If one see the graph of the computer attackers knowledge from 80s to today then there will be a big big drop down in attackers knowledge. I have seen some people who want knowledge with less or no effort. Worst case others don't want knowledge. Thats why there are lot and lots of Script kiddies these days.
There are lots of cases where a Microsoft Windows Exploit are being used on a linux/unix server by these script kiddies. I dont know why know one is ready to search a little bit , read a little bit. I think all are locked in to the instant phase created by media (instnat noodles, instant food, instant banking) So they want instant hacking also. But how do we say to them that hacking is not a instant packet. That just keep in oven / microwave and ready to serve. Even the people in the information security are exception for this. Lots of people in Information Security area also want to download Nessus, click on All the Plugins and hit on the target. They dont want to take some time to understand the tool, understand its working. Hell they dont even want to learn about the target against which they are using these tools. I think now is the time to follow the old school techiniques. It is very important if devlopement of the information security personal is concerned. I dont get how come person in the security also dont want to learn things about the network and tools that they use. I think lots of person are security area also only interested in showing some dumb nessus report to the user and get work done. What they dont understand is this is going to harm them in the future than the Client to which they are giving these reports. Their personal growth will affect from this kind of working. So atleast for personal interest try to learn / get information.