So far I do not have anything to contribute but I would also love to hear from others regarding the above topic. 

So.....?  What happened?  Did someone win or is it still open?

Thanks!

I know which log files to edit in Linux and in Win2k3 Server, but not sure how to cover my tracks with those log files if I must do it blindly.  I'm doing it blindly because I only have 1 zombie machine to use as a relay. Can someone shed a little light on this?

Thanks   

Found it!  http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/

Thanks.

Hey guys,
There was a website I used a little while ago to input a few hashes (individually) and the site's rainbow tables cracked them for me.  I've lost the site though.  You guys know which one that was?

I know the plain-text.info site, but see that you can only input a hash file or something and the results are posted for all to see.  It wasn't that one.

Thanks!

Thanks plik!  I'll check out Sophos. Never have used it before. 

It's difficult to learn the enterprise products if you just have a small lab at home and no money to spend on courses. I'm wanting to learn these well enough to put on the resume. 

For Snort, I have a few books, liks Snort for Dummies, O'Reilly - Managing Security With Snort And Ids Tools, Prentice Hall - Intrusion Detection Systems with Snort & Syngress Snort 2.0. I see that the current version of Snort is 2.6 though.  Oh well, their free. 

Hey RichM,

Thanks for the great response! 

I'm not a big fan of Symantec, but I'll check out Trend Micro and Sophos a little more. 

I'll have to try out barracuda, or at least learn about it. 

I don't have any money at all to spare on anymore courses so I'll look around for some free online IDS/IPS courses.  Maybe I'll just study up on Snort.

Hey Guys,

What's your favorite Anti-Virus suite, IPS and IDS system? 

I'm wanting to familiarize myself with a few more apps, since most security jobs I'm finding list "Good knowledge of IPS/IDS, Anti-Virus, Web Content Filtering and Anti-Spam technologies" as a requirement.  Obviously I do know and play around with a couple of products such as Symantec, McAfee and AVG as well as BlackICE and trying to learn Snort, but not too sure what these vague requirements actually want us to know.

Thanks!

Wasn't sure where to put this, so it's going in the same thread.

Any suggestions on how to present my new SANS cert beside my name?  Should it be "GCIH", "GIAC GCIH", "SANS GCIH" or "SANS GIAC GCIH"?      haha

Thanks.

You've got it!

I just finished writing my second exam and PASSED!!! 

Woo Hoo!  Now I'm SANS Certified. 

Yeah, to challange the cert is to self-study with your own study materials and then pay a few hundred to write the certification exam itself.  And yes, you write it in the comfort of your own home.  I think they mainly want to know if you know how to find the answers in the quickest amount of time possible from any source.  You don't have long on each question.  They give you 2hrs and there's about 80 questions.  I've just finished my first exam for the GCIH and taking the 2nd exam tomorrow.  It's a good challange anyway. 

To obtain your GIAC Certification, you need to pass their exam.  This will give you the "Siilver" certification.  If you're up for writing a practical, and it's accepted, that will earn you a "Gold" certification.

You can see if there's a "mentor-led" training class in your area.  This can be a lot cheaper then an actual conference & you still have the hands-on labs there.  Or you can do the SANS@Home, OnDemand or even challange the cert for a few hundred $$$. 

Has anyone here actually went out and became a consultant in which the majority of what you do are pen-tests?  This is my ultimate career goal.  I'm just finishing up my SANS GCIH and you can probably already see what other certs I have.  I'm taking my CEH after the SANS one.

Anyways, just wanted to get some thoughts on starting out in this specialized field and if any of you are already here.

Thanks! 

Man, do I feel embarrassed now! 

I haven't been online posting here in the last week or so because I've been studying for my SANS GCIH.  Wrote the first test and aced it with 95%!  Just writing the 2nd test for the actual cert this weekend... 

Thanks Don!! 

I see that I can either generate my own rainbow tables with the help of the Tutorial on this site or I could download the SSTIC04-10k rainbow table.

What do you guys prefer?  Any benefits to doing it either way?  I just finished generating and sorting my 5 rainbow tables.