It's noteworthy that for the exams, questions on practice tests don't overlap with real test but are often not worded as well and are a bit harder. The reason for this is many of the questions on practice tests did not make the cut for real exam questions because they were too ambiguous or in testing the questions were found to be problematic in some way. That's not the case for all of them though so the practice tests are definitely worth taking. It's also worth noting that if you fail an exam, the 2nd attempt will use different questions and often those tend to be harder as well. I've not failed one yet, but this is what I've been told by the GIAC folks.

Ubuntu for desktop/laptop (and derivatives like Helix, SIFT, MobiSec, Samurai-WTF, Security Onion and of course Backtrack for specialized needs)

Centos and Redhat for servers. Redhat if it's a user facing box or one where uptime is critical, but mostly just run Centos for those systems I am using for security tasks.

OpenBSD for firewalls (have been known to use IPcop (not BSD) but these days it's a m0n0wall (freebsd)or more likely pfSense (freebsd) if I need a ready built firewall)

I don't know, did someone pay you $50k for the privilege?

In the words of George Takei, "Oh my!..."

This would be extremely useful for building bots for CTF if the CTF designer wants to allow client side attacks. Unfortunately most CTF's I've seen don't allow for this. My local DC group is designing a new CTF now and I think this will be pretty beneficial for us. Thanks for sharing!

Real hackers don't speak leet.

Metrics to measure the effectiveness of security program. For instance I find the number of spams blocked to be a poor metric that's more about big numbers in a chart than any meaningful representation of how the organization is reducing risk or saving money. Good metrics are things like measuring number of incidents detected internally vs by customers, attack vectors, time to respond to incident, time to close out incident, lag time for remediating vulnerabilities, etc.

Hacking web services and/or mobile apps.

Oh you said general information security... How about - metrics that don't suck?

Been here since June 2008 (as a registered member, lurked before then) and only 4 days and 15 hours. I log in pretty regularly but don't usually stay logged in. Not sure what this stat proves without activity context.

It has a static IP, it's not going to pull a DHCP lease. Listen to Grendel. I don't recall what IP it was using as it's been several years since I did these. You don't need to login to the ISO. All you need is the IP which I suspect is in his video link.

Or use a VM and setup a custom virtual network for working with those VM's so you don't have to keep reconfiguring your virtual networks.. You don't have to install the ISO's to a virtual disk, you can leave them as non-persistent ISO's and just boot inside vmplayer/workstation. I'd recommend using host only mode (or your custom network with De-Ice network addresses, but configure it as a 2nd host only if you do) for this as they won't need internet and you will minimize exposure on your LAN.

For historical data about domain hosting or what IP a site was running from, on what platforms, etc I always start with http://netcraft.com I find it useful to fingerprint patching lag time as well. You may want to be mindful of any NDA you've signed if part of an official test. I know some folks who would consider certain activities as a breach of that agreement.

Hey folks, figured I'd drop in and talk about what I've been working on today. I am working on a separate project that required I extract records from about 2 million pages from a website with no published API. After agonizing over how I was going to accomplish this using bash or Python, I settled on the Scrapy framework. http://scrapy.org/

Some of the unique challenges I had involved bypassing anti-spidering mechanisms built-in to the site (I checked the TOS and it did not forbid automated harvesting of site data) and filtering out a ton of cruft I did not need. I managed to reduce my requests by about 500,000 by building the spider using Scrapy. With a 200 ms delay between requests that saved me over a days worth of requests.

I'm not going to post all my code here, but wanted to highlight the things I did to overcome the sites defense mechanisms.

(these things go into the x_spider.py file)

DOWNLOAD_DELAY = 2 #added to address rate limiting controls, can take decimal entries. This is 200 ms so recommend reducing this or commenting out entirely if possible (scapy will randomize from .5 to 1.5 by default)

COOKIES_ENABLED = False #added to defeat mechanisms which were detecting the cookie I presented and fingerprinting me based on that. Default value is true

(this went into settings.py file)

USER_AGENT = 'Googlebot/2.1'

The default user agent is the project name, with version 1.0. If you needed to you could also randomize the user agent with code like:

http://snippets.scrapy.org/snippets/27/

Another gotcha I ran into, is when using the CrawlSpider Rules, if you are using multiple rules you need to put the deny entries in each rule.

Anyway, check it out. Was super easy. My Python-Fu is really weak and I managed to learn the framework and bust out a script in only a couple hours.

At smaller events or for less popular classes you will most likely be facilitating the class by yourself. It's not too bad though, most of the work is done with a team before classes even start and there will be plenty of veterans there to answer any questions.

Arrive day before conference for setup which includes:

• Moving and unboxing books, shirts, merchandise. May be manual labor intensive. Don't be a wuss, I've seen 90 lb women handle this just fine.
• Creating registration kits (folder with materials) and putting name badges together
• Inventory courseware
• Putting course bags with books together
• Staffing registration desk
• Setting up table with marketing materials
• Signage

Day 1 of conference and beyond:

• Setting up and staffing bookstore
• Handing out evaluations for nighttime sessions
• Monitoring door to room to ensure all students are wearing their badge and are authorized to be in that class
• Providing general assistance for questions like "where are the bathrooms?" or "Where is my class?"
• Assisting instructor as needed - usually just entails bringing them their beverage of choice and handing out the eval forms, and extra course materials like handouts and CD's. Some instructors may ask for more, but you are NOT a teaching Assistant. I usually wind up helping people with VMware setups but some instructors may prefer you not to help at all.
• Entering evaluation scores into SANS laptop every night
• Other duties as assigned
• Have fun
• Profit
• Tear down conference and box up to be shipped - Usually leave around 6 PM on last day, sometimes slightly later