http://www.damnvulnerablelinux.org/ does what it says on the tin.

HTH

Chan

If you've not read it "the cookoos egg" by Cliff Stoll is a great read.

It certainly has a infosec/hacker story but it's not just a book for geeks.

http://oss.oetiker.ch/mrtg/ MRTG will cover 1) & 2) quite nicely, maybe even 3) if you're willing to put the time configing (and horse power!*) in.

We had one box graphing about 500 nodes for in/out bandwidth use over 3 or four time periods and it seemed to do its job fine.

It does need a bit of time setting up, but there's masses of config help and tutes online. I do have one or two gripes about it, but it has helped me get to the root of a couple of issues.


Might not be quite what you want, but I thought I throw it out there anyway.


*not just the processing on the monitoring box but the overheads on the network hardware

--edit--

while I think about it I've had sucess with observer http://www.netinst.com/products/observer/index.html for tracking down issues too, but it's not free.

If you want to check if it's destroyed the world yet there's a handy little site here: http://hasthelargehadroncolliderdestroyedtheworldyet.com/

 

Should he be sat in a jail cell for the next few years? Yes. Most certainly

Should he be extradited? No. According to UK law he committed the offence in the UK and should therefore be charged and tried in the UK courts. There have been many similar cases where extradition was refused. The only reason I can see that this is different is that he's been labeled a terrorist (which IMHO is BS).

Both sides have been guilty of this from day one "your going to serve 45yrs unless you come quitely" "Guantanamo Bay for you boy" etc.. but that's just lawyers for you.


The claim by the media that McKinnon is "worlds greatest hacker" is laughable. From what I've read he's one step up from a script kiddie, maybe not even a whole step, a skiddie with lifts in his shoes.

The UK really needs a Con, so I would be very interested.

Birmingham is good a place as any.


BrumCon?

Thanks Don,

You don't know how much this has de-stressed me. I'm now in exactly the same position you were in 7 years ago. I recently quit my job, bag of poop that it was, in order to try my hand at pen testing but without a role to step into. I just started to give up hope of anyone taking me on, due to the catch 22 of experience needed/getting experience... but to hear someone has been down this exact road before and come out of it sucessful and respected fills me with hope.

Thanks again.


Chan

If it's an AD domain you're wanting to do this in could you not set security on an OU to limit read on that, create a new group in it and add your users to that group, and the group to admins?

Might test this out when I get a spare min.