One of the odd things about working in an OS that you hardly ever use is there’s no “where is everything and how do I use it” button. Google brings up fifty ways to do the same thing, yet the syntax doesn’t quite work. I’m pretty sure most of the learned *Nix folks would be shaking their heads at the blundering of a Windows Admin in their home turf.

Thank goodness for the “revert to snapshot” button on in VMware workstation for when I download every piece of software for no real reason and stuff up a perfectly working environment.

Let me give you an example.

One of the objectives in the GSE is a simple netcat relay followed by lots of weird and twisted relays, then shove shell back to you with the lovely # prompt.

Normally this is easy, jump on to the final box type in nc –l –p 80 –e /bin/sh. Not on Fedora, which doen’t like the -l and –p being run together. So nc –l 80 –e /bin/sh then?

No – Fedora’s default installed out of the box netcat stops the evil shenanigans of the –e excution command. Oops, so you have to go and get then install another version of netcat, such as the original written by the Hobbit (make netcat, as along as long as there’s a complier on the box) which is on all Ed Skoudis’ SANS course materials or pulled download socat or one its friends.

Then using –e to shove a shell works tricks works fine.

Okay, so different OS have different versions of applications, but surely we could keep command syntax similar? Apparently not.

I decided to reach out for a bit of help and guidance, in the form of what books to read. The two I settled on were both recommendations by people in the know:

A Practical Guide to Fedora and Red Hat Enterprise Linux – Fifth Edition by Mark G. Sobell.

It’s all about Fedora 12, which is the subject of the current GSE Linux tests. Very solid and clear layout, comprehensively covering the features of Fedora and its syntax proving excellent examples

Unix and Linux System Administration Handbook – Forth Edition by Evi Nemeth, Garth Snyder, Trent Hein and Ben Whaley.

This one was recommended by Hal_Pomeranz, who wrote the SANS Linux 506 track, after I hassled him on twitter. This one goes covers many flavours of Linux and Unix, but it’s a marvelous journey through a SysAdmin approach to using *nix, making it a surprisingly easy read.

I don’t expect either book will make me a super admin over the next few weeks, but they go a great way to make me feel somewhat more at home and relaxed in Linux, rather than feeling like I just broken in to someone’s place and set fire to it.

I can read and carry all my geeks book, massive pdf files and evil security books without raising suspicions.

I get curious glances on the bus, but none of the looks of outright horror and fear when I leafing through a 1000 pager on TCP/IP.

I can quickly flip to a human friendly book if someone takes and interest in the kindle and wow them with free access to buy books anywhere in the world.

Then I can sneak back to reading up on BOFs, SEH and other three letter acronyms (tla) of the IT world with click of a button.

Even the Microsoft training manual PDF’s overly Visio-ed diagrams come out well.

Mu-ha-ha

Now if only copy write laws banning thousands of books being delivered to Australia based kindles could be sorted, I’d be a very happy man.

Techo-based stories can be hit or miss, but I haven’t picked up one in a while, so grabbed a copy. With the rain pouring outside and terrible tv re-runs, I settled in with the book.

I flew through the book and finished it the next day.

 Daniel is an independent systems consultant working heavily with databases and obviously done a huge amount of research.What struck me is how realistic the technical segments were and how the thematics echoed in a number of conversations I been involved in, had or listened in on. Reading the back pages, I noted that he’d been working with the guys that did the Hacking Exposed series, so Iguess that’s why I recognize a bunch of the attacks.

At the recent SANS conference in Sydney, over a few beers after one session, James Shewmaker was talking on similar, but more advanced exploits, he’d witnessed and was teaching on how to defend against to his class 504: Hacker Techniques, Exploits and Incident Handling. I’ve only had to deal with this sort of attack at a local level. It’s almost scary to see these sort of attacks put in to a feasible story line with global consequences.  At the same conference I was bugging Mike Poor about a course he authored on bots and worms, his passion and fascination is always  infectious, so can talks for days on the topic. Pretty much everything he talked on surfaced in the book . I wonder how much of Mike’s suggestions on dealing, subverting and defeating with bots will appear in the sequel, Freedom.

Once bit that did make me smile was the though of the use of netstumber  - surely they should have been using Kismet

If your a looking for a good solid piece of entertainment with some scary IT implications, well worth a read.