Linux Shell Accounts

[Rivenwry1]

I'm trying to learn security.
My overall ignorance in the topic is proving to be rather burdensome.
According to what I'm finding I need a shell account in Unix.
Apparently it's hard to get one from an ISP nowadays. A good one, anyhow. But I've read that the Linux OS supplies one.

This isn't computing for me because ISP's and OS's don't seem to be on the same playing field.

Besides, I'm on a cable connection. How that fits in, I don't know.

I'm planning on building a new machine on putting Linux on. Does that mean I have a shell account, which will connect via my cable?

Thanks for your time -
Rivenwry

[dinangkur]

Hi,

Now a days shell accounts are provided as payable service. If you like to get one from the net you can try search with google. Most of them are hosted in US. Shell account means getting a user account in a *nix server. So, you can execute small scripts and network based query which are provided by *nix OS.
You can also have same facalities if you get a linux box by yourself. People get shell account cause they don't have resourses or time to setup a *nix box. So, the answer is you can have a shell account of your own if you get a linux box by yourself. I recommend FreeBSD if you really want to master security.
www.freebsd.org
You need to setup a firewall and also need to setup cable connection in order to access internet. You can find related howto in the following website: www.tldp.org

I hope this will help. If you have further query don't hesitate to post.

Happy Hacking.

-DK.
_________________
...we too are stardust...

[quantum]

Well...a shell account is helpful to learn security only if you are trying to set up your own ISP or web server and want to act as a system administrator. Do you want to learn to work with a shell account / linux just on academic purpose, or you have anything specific on mind?

If you just want to make your web site secure, then you can leave the shell account part out of the syllabus. As you will really not have much control on the web server. The system administrator of the host you choose will take care of that. And he won't relinquish root control over the web server.

Now a days, a shell account on a remote server almost serves no function at all. Because most of the commands and daemons are being disabled by the sys-admin for fear of abuse. In early days anonymous shell accounts had been widely abused and misused by a number of crackers. Most such shell accounts these days won't even let you run a finger query!

But yes, as DK says, if you get a linux machine on a cable connection, you do get a shell account and can use all the standard linux shell commands, depending on the linux distribution you choose. Then you can install and run an apache server, use it to test and debug your web site and even publish your web site for the internet from your home! A cable connection gives a very decent and enough upload speed IF there are not too many people sharing the same network in your neighborhood.
_________________

Dust fills my eyes / Clouds roll by / and I roll with them / Centuries cry / Orders fly / and I fall again
Afford best design, implement best solution. Outsource your web design.

[Rivenwry1]

I've meandered out of making a secure website into a more hacking-oriented area of study. But as is apparent, I'm up to my neck in unfamiliar waters. I'm just trying to figure out which way is up, basically.
If I want to be able to do Wargames activities I need to be able to connect. Since *nix systems apparently already have a shell inherently, now I know that when a page is talking about getting a shell they must be talking about non *nix.

I suppose I'll be looking into telnet soon. Weee!

Thanks for the input -

Rivenwry

[quantum]

Hacker wargames! way kool. That's really fun stuff. Check out some of the early threads in this forum here on Happy Hacker, you will get some kewl newbie leads.

Quote:

now I know that when a page is talking about getting a shell they must be talking about non *nix.

Or may be a very limited *nix shell account!

Have fun hacking away...it's really an exciting way to learn security and networking issues.
_________________

Dust fills my eyes / Clouds roll by / and I roll with them / Centuries cry / Orders fly / and I fall again
Afford best design, implement best solution. Outsource your web design.

[xer0]

Most *GOOD* shell services require you to pay a monthly fee, I know of a good unrestricted one I use you can apply for one at [http://www.metawire.org/,]
Though for what I know the service is still down, They provide an OPENbsd shell for no cost, But beacause of how the planet has been literally scarred with ignorance, Some lame asshole had to run a stupid DDoS program and crashed it, Though it should be back up very soon, Well anyway while you do your security experiment, Try learning some programming languages, Experiment with cgi scripts and C. And other things of the sort, Unix file permissions have allot to do with security though if you allow everyone access to everything there will be major disadvantages and advantages, And if you find a good shell provider, Then use a ssh (Secure Shell) client like PuTTY, It uses it telnet to but the windows terminal program is rather slow and limited, Trust me, Programming WILL help you learn how to deal with security issues. And then try to exploit security flaws in your website and try and fix them, For example, If you have some kind of form in your site, people can actually have passwords and user information emailed to them by using hexadecimal characters ex: '%0A and %20', %0A is equivelant to pressing enter while %20 is like typing space. ex: 'http://xxx.somesite.xxx/some%20guys%20passwd.xxx%20post="board.cgi"?%0A.

[xer0]

Sorry a little hard to read you'll learn about that later... But the web address
I posted if it were real, would post the passwd file on board.cgi, Assuming it's
a board... You see this is why most hacking oriented sites reccomend that you learn ASCII and Hexadecimal.