It's on my Amazon.com wishlist now.  Great review awesec!

Sil, I played with OpenVAS a while back and it wasn't very good.  It missed too much, when compared with Nessus.  Has it improved recently? 

No surprise at all!  Well deserved mate.  Congratulations!

You actually don't really want to mix drives when you are doing RAID.   It's not so much the driver sizes, but the timings on the drives.  If they are not identical in RPM, seek times, etc, you will end up with one drive that wears out faster than the other.  At least, that's from my experience. 

I think that NetWitness is a better option for this.   It has some nice features for automatic packet reassembly.   I am not sure about MSN IM, but it does a fantastic job rebuilding email conversations for example.   

Sil, the NOP cert sounds a bit too constricting.  Am I understanding correctly that the entire test is discovering a BOF and exploiting it within 40 minutes?   That sounds a bit limited and geared towards vulnerability research.  Still, it is pretty hard core.   I really need to brush up on writing BOF exploits.  My knowledge is so outdated and useless.  I wish there was more time in the day.

The briefings were great.  I missed the ATM machine one, and opted for another briefing.   That was a mistake    I especially loved the Samy Kamkar one.  He is one funny dude, great content too.   I am working on a review of the training class, but in short, it was very enjoyable. 

Samy's talk on this subject (and others) was absolutely excellent at Blackhat.

Did you compile hydra with LIBSSH support?   I don't believe that's on by default.  You would also need the correct development libraries.

Sil, that's a great write up.   I completely understand where you are coming from.  Reliance solely on tools is never a good idea.  They miss so much, identify so many false positives.  Most of all, they are noisy (in general).  Even if you do use a decent tool, you end up spending quite a bit of time in Wireshark trying to figure out exactly what's going on.

Still, it's difficult to avoid using tools.  If someone has already coded something that will save X number of hours on an engagement, you almost have to use it.  Time limits and budgets have way too much say in this. 

Any high level security book do the trick, if I understand your question correctly.   The CISA or CISSP track, for example, would have information on security controls.   You can also look at standards, such as COBIT or ISO 27002/17799. 

What are you looking for specifically? 

Hey millwall,

Those should be capital -L and -P.   The lowercase -l and -p will accept a single word from the command line.  The capital versions of these switches will read a file.

I have to admit that both CISSP and MCSE have opened doors for me.   They don't really prove that I know anything, but recruiters love popular certs.

sil, that's a great write up on these certifications.   I wasn't too familiar with the CPT and CEPT certs, but they sound like what the industry needs. 

You should also make sure that your WPA v.2 encryption phrase is not easily dictionary cracked.  Don't use anything that has to do with your family, address, etc.  I use a random set of alphanum chars.  I view a wireless network as an incident waiting to happen and treat it as such.