Not sure I'd agree with that. Pre-shared keys means both parties know who is on the other end. Use of certificates in PKI only means the person with the public key knows who is on the other end - system with the private key has no clue who the other system is.

As a side note, I have added new memberships to the Hacking Dojo. Students who are not interested in the online lab or the mentoring components of the different classes can sign up for one of a couple different lifetime memberships (one payment, no subscription).

http://HackingDojo.com/lifetime/

Yes, you can stop and restart at any time.

Once payment is made, PayPal will send you your login credentials, which will allow you to log in immediately to the student area.

We actually have over 25 hours of videos right now. :-)

Currently there is a dearth of professional penetration testers in the field - companies are finally realizing that they need to improve their security posture in order to stay competitive (it's not just an expense for them anymore - it's a business incentive).

Considering a lot of work in this field is also being done remotely and through the use of conference calls, I think age, handicaps and limitations of any sort will soon be immaterial in this job. So yeah, go for it.

Yeah, feel free to use the 1.110 as a target. It doesn't track the same, but the concepts of the methodology are identical.

I don't have any additional videos of the online lab, since it can fluctuate in its design. On an unrelated note,I have to admit it's fun watching what people do in the lab - as an example, I mention to students they should try to be like surgeons, and conduct surgical strikes... but they come in carpet bombing the targets.  But that comes with time.

Feel free to hit me up with any other questions you might have. Enjoy!

Just found this thread, and wanted to try and fill in the gaps regarding my book and the videos present in it...

IP address:
The De-ICE disks were designed to simply give a challenge of attacking a system. Because of the IP address and number of protocols available on the target systems, you can look at them theoretically as internal systems. However, I wanted those people using them to worry less about the network configuration, and more about the process of information gathering, vulnerability identification, etc. I also wanted to make them based on misconfiguration instead of exploitable applications, so that people would quit thinking pentesting was simply launching autopwn and rooting.

Videos:
The videos came first, the book second. Although the videos in the book are still valid and useful, they come from the Heorot.net training program, which has now migrated over the HackingDojo.com. To keep things in perspective, the videos in the book could be considered v1, while the Dojo material has evolved to about v4. Currently, for the same level of training in the book, there is about 10 hours of video training at the Hacking Dojo. In addition, there is a lot more hands-on activity at the Dojo as well, plus we have live sessions at the Dojo... much more evolved than what's in the book.

De-ICE 1.101:
This image has not been released to the public, and is accessible only for students of HackingDojo.com (and heorot.net beforehand). It is used as a method of testing a student (along with a written exam) to see if they have absorbed and can demonstrate the appropriate knowledge to move onto the 2D Nidan level of training. Consequently, there is a De-ICE 2.101 disk as well that again has not been released to the public, and is used by students to test out of the 2D class onto the 3D.

Hopefully that helps answer some of your questions. Now that I know that this thread is here, I will monitor it in case anyone else has questions about my book or the videos.

I know this is like using a shotgun to hit a gnat, but so be it... 

There is a Colorado Springs Hackerspace being launched in September - we are looking for people interested in joining up. The permanent location for the space will be in the I-25 / Garden of the Gods intersection, and will house 2000 sq ft. of workspace, meeting rooms, a full kitchen and more! The Colorado Springs Hackerspace will include monthly lectures, hands-on shops, special projects, and more. The Hackerspace is partially funded through HackingDojo.com, which will be offering free lectures throughout the year to members of the Hackerspace.

As mentioned, we are currently looking for members - if you are interested in joining us please PM me or contact me at info@hackingdojo.com. We would like to gauge the number of people interested in joining the community for planning purposes and to help us launch the Colorado Springs Hackerspace.

I wanted to let those going to DefCon know about a couple "official events" going on at the convention.

First one is the "Be the Match" donor registration drive. I started this event at DC18, and so far we have had 250 join the registry, and we actually have had one person who signed up at DefCon be selected to donate bone marrow to a patient in need. This event can be found at:
https://forum.defcon.org/forumdisplay.php?f=635

The second event that I'm helping organize is the "BloodKode Challenge" (blood drive). This is the second year of the drive, and I was able to get two days blocked out for blood donations (last year they showed up for half a day). You can sign up online to schedule your donation time during the convention (slots going fast, so don't hesitate... do it now) - information about the event and how to pre-register can be found here:
https://forum.defcon.org/forumdisplay.php?f=655

And as an added bonus, if you participate in either of these events, you could receive access to the Ninja Networks party (and for those who have never been, you've missed a HELL OF A PARTY!!!). For specifics on this, visit the following:
https://forum.defcon.org/showthread.php?t=13006

You really won't want to miss this opportunity... seriously.

Yes - the discount will last all through July, and into a few days of August. Also, if someone signs up and is later picked to receive the free year I will refund their enrollment.

As author of the aforementioned book, I strongly support your purchase it.

 

I wanted to let the community know that I'm closing down the heorot.net web site and migrating all the instructional material and forums to HackingDojo.com. If anyone experiences problems logging in, please email me at info (at) hackingdojo (dot) com, or send me a PM here. I believe the transfers went ok, but I'm too cynical to believe it went perfectly well, and I expect someone will be left out in the cold.

Thanks!

Advancement is based on demonstration of skill, not time attended.

You can move onto the 2D when you pass the 1D test (which can be taken the first day you sign up if you feel you're skill level warrants the advancement). There is a written and a practical - but if you can pass both you can immediately move onto the 2D.

This is to ensure that everyone in the 2D has the same level of understanding - that way we don't have to reteach prior knowledge. There have been students that were able to advance pretty much right away, so if you want to and can test out, I'm all for it.

Just wanted to let everyone know that the Hacking Dojo will now be offering its 7-week Novice course as a on-demand video course. In addition, we knocked 30% off the price. Sign up for the course at our re-designed web site: HackingDojo.com