From: AdamT (adwulf@gmail.com)
Date: Sun Aug 07 2005 - 01:20:09 EDT
I would suggest joining your local 2600 group, most are quite open and
totally fine with white/black/grey hats in their group. There's a
2600 magazine, you've probably visited their website at some point or
other, espcially during the 'Free Kevin' days (http://www.2600.com/),
which you can subscribe to, or you can meet with varying degress of
success trying to find it in a local newsagent (I'm only aware of one
stockist in the whole of London). If 'sleeping with the enemy', so to
speak, is a problem for you, just think of it as an exercise in
counter-espionage operations. Or something.
I really want to suggest Phrack, but the last issue
(http://www.phrack.org/phrack/63/p63-0x01_Introduction.txt) indicates
it has something of an uncertain future - and you've probably either
a) heard of it before
or
b) heard of it before and are now feeling almost insulted that I'd
dare to presume that you might not have.
Apologies in either case.
Also, terrible chore though it is, do take a look at various
IRC/USENET communities, which, once you've sifted through the noise,
can contain the occasional gem, and a few pleasant souls who'll be
happy to help you out with particular tricky issue which is becoming a
puzzle inside an enigma wrapped in a firewall. Much like this list,
in fact ;-)
These sources are often over-looked, but worth taking a look at -
especially the 2600 groups.
One last thing I can think of is SC Magazine (http://scmagazine.com/)
- I've been getting it delivered free for years - although much of it
seems to target the people who close the sales and pull the
purse-strings, rather than the people who open the holes and push the
buttons.
If you're pitching for some security work, you'll find a handfull of
anecdotes and stats you can quote in your presentation, but there'll
be little in the way of technical detail.
It'll keep you up to date on new product offerings by way of reviews
which seem to have been written by somebody who's dying to get in to
the ones and zeroes of the whole thing, but knows that the editor will
cut five paragraphs and inflict some severe physical punishment on
him.
For technical folk, there's usually at least one interesting article
or interview with somebody. It's not solely a pen-test mag, however,
as it also covers the broad range of 'security' including antivirus,
firewalling, VPN, IDS, forensic investigation and various market
research stats, usually showing us all how much money the average CIO
thinks they'll be spending on security next quarter.
Hope this helps,
-- AdamT "Maidenhead is *not* in Kent" ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:42 EDT