From what I've been reading, many exploits are the result of getting the user to click your infected site and take advantage of a browser flaw, Java exploit, Flash Player, PDF reader....as shadowzero said, no run runs vanilla Windows with no third party apps installed. Just might take some Social Engineering.

Thanks for the tutorial, as a newbie I found it very helpful. I haven't setup a linux box in my lab to practice on yet, I'd like to try something like this.

Didn't even think of that. Wow.

The more I learn about security, the less evidence I see of it being used.

Well, the whole hint giving thing is just weird.

"Your password rhymes with 'nassword'"

and starts with a P and ends with a D.

 

Why even have passwords. Just use the honor system

**raises hand**

1) They will snail mail your password to you....

2) To an ADDRESS YOU CAN CHANGE!!!

Can we have more info about what you were trying to do when things went wrong?

Kudos for research skills though, many kids I talk to don't know the first thing about how to research a problem. As for your router issues, Try Harder. 

Thanks for sharing, I am considering the PWB course and its good to hear many views. Oh, and you are sooo branded.

I too deal primarily with SMB's, well mostly SB. The major issue I've seen recently is how poorly they deal with employee termination. I got a call from one THREE WEEKS after they let someone go for check stealing. She still had remote access and a working company email. I found out during a routine checkup. They said "Oh, don't bother with her computer, she doesn't work here anymore..."

She had been given significant access to many areas. My head spins at the harm that could have been wrought. I had a chat with the boss and hopefully enlightened him. At the very, very least, call me first before firing anyone so I can cut access and lock their account.

I know many larger companies with real HR departments handle this more professionally. Have any of you needed to step in and fix employee termination processes as part of an evaluation?

x2 on that book. Great examples to work through and well written.

You could use a host name registered with a free DNS updater, like no-ip.info so you always know the remote's IP. Use Logmein free to access it and to open your infected emails remotely and see if they work.

I'm learning Python now from the MIT free lecture videos. Might be too basic for you, but the last code I wrote was in Pascal. Python is not hard, should be a cinch someone like you with a background in C.

So long as your router on the BT5 end is set to port forward whatever port you had your exploit use and BT5 is listening on, should be OK. Haven't tested that myself yet, just been doing stuff on my local LAN. Let us know if your AV picks anything up when you open your mail on the remote test boxes.

If you can pull off a certain amount of gravitas, your age could be a bonus. I would think that most potential clients would really just care that you seem to know what you are doing, and you present yourself well. And that you can document your findings in a way that management can grasp, and enough technical knowledge to demonstrate expertise to their internal IT staff.

I've started the MIT series on Python as well. I took Pascal about 25 years ago, and knew some BASIC before that.... so starting from scratch is kinda necessary for me. Thanks for the excellent link.