Know what you are doing. Good intentions are necessary, but not sufficient.
Plan to practice your skills safely:
- Stick to systems, locks, and data that you own or have permission to do potentially destructive testing to.
- Watch out for what you are connected to! An innocent pentest can easily break things on the same network if you don't know the limits of the software and techniques you are using.
- Beware of brittle systems: it is easier to break things and hurt people than you think.
- Everything is legal in your own security lab!
If you don't know what you are doing, at least make absolutely sure the experiment can't escape the lab.
Beware of side effects. If you anger a botnet controller, chances are your whole house, if not your whole block, is getting DDoSed.
FINAL SAFETY TIP
Never trust skiddies.
Ethics For Infosec Beginners
By Susan Sons