EH-Net
May 24, 2013, 08:20:28 PM *
  Show Posts
46  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Password Security (and my new blog) on: July 04, 2012, 03:32:27 AM
But again if time is limited then you pick your filler for the little spare time you have.  Mine is reverse engineering malware. 

Mine is crypto.  I heart teh maths.
47  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Password Security (and my new blog) on: July 03, 2012, 05:17:17 PM
3xban,

Running my own full sites is what led me to speaking at Bsides Detroit, GrrCON and DerbyCon this year.

I'm also teaching a workshop to a local Security User group (MiSEC) in Aug.

You'd be surprised what doing something for personal learning, and brushing up on skills can lead to.

I'm working full-time and going back to school.  Even a small amount of extra time to maintain a full site would be a deal breaker for me.  Once I'm out of school, I might do that; especially if I need to release code, exploits, etc.
48  Ethical Hacking Discussions and Related Certifications / General Certification / Re: How to become a good hacker? on: July 02, 2012, 02:51:58 PM
Check out this thread:
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,8775.msg48286/#msg48286

And this article:
http://www.infiltrated.net/pentesting101.html.
49  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Password Security (and my new blog) on: June 30, 2012, 12:33:04 PM
OK buddy, congrats, but I have a question: when you can have a website for free with all the features that other sites have, why do you still write a weblog?

I don't have to do any maintenance or setup.  I can just write, check my stats once in a while, etc.
50  EH-Net / News Items and General Discussion About EH-Net / Re: [Article]-May 2012 Free Giveaway Winner of iSWAT Training by FishNet Security on: June 29, 2012, 03:02:30 PM
Thanks again guys.  I'm pretty excited.
51  EH-Net / News Items and General Discussion About EH-Net / Re: [Article]-May 2012 Free Giveaway Winner of iSWAT Training by FishNet Security on: June 28, 2012, 05:58:31 PM
Thank you very much.
52  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Pen test for Cross-Site Scripting (Expect Header) question. on: June 28, 2012, 05:08:32 PM
It used to be that IE was vulnerable and Firefox was not:

http://blogs.securiteam.com/index.php/archives/628

From the post:

"my site is vulnerable to this form of XSS (if the victim uses IE). What can be done? Everything that normal XSS can do including phishing and… well… everything.
As for fixing this (and yes… I will get around to that), I’m not too sure yet. I know I could create a custom error page but there may be better solutions, I’m asking RSnake about that and I’ll either comment here or just update this post if/when I get that info.

The reason this doesn't work in Firefox is because it doesn't allow or support the Request header, I'm not sure which."
53  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Password Security (and my new blog) on: June 25, 2012, 12:06:24 AM
Recently, I've had several discussions (online and offline) about password security, password hashing algorithms, and what it is that we're trying to accomplish.  I ended up starting a blog so I had a place to publish everything.  The articles up so far are about password security, but I plan to publish more on other (mostly application) security issues.  I hope that what I've written will be of interest to the folks here.

So far, I've posted about why rainbow tables aren't as powerful as people think, how long passwords actually need to be to withstand an online or offline attack, and an analysis of what we're actually trying to accomplish with salting, stretching, delay timers, expiration etc.

The blog is here: http://bugcharmer.blogspot.com

Feedback is welcome.
54  Ethical Hacking Discussions and Related Certifications / Programming / Re: Java programming on: June 16, 2012, 11:29:41 PM
Don't worry about programming certifications.  Programming certifications carry no weight for most employers.  Whereas many networking jobs will ask for a CCNA or a security job will ask for a CISSP, programming jobs generally require CS degrees and experience and do not look at certifications at all.  If your goal is to be a full-time programmer, try to get a CS degree.

Outside of application security, the programming skill that is expected in most security jobs is minimal or is considered a bonus/nice-to-have.  Learn whatever languages interest you and put them to use: automate, build tools, etc. 
55  EH-Net / Special Events / Re: [Article]-Survey of Hacking Movies: Framing the Debate on the Gateway Drug into the Hacking Cult on: June 14, 2012, 10:16:54 AM
I'd personally like to see Programming Perl made into an action-adventure flick. The cost for sets and wardrobe would be cheap. *grin*

I'd just hope it was a faithful adaptation.
56  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Enumerating the 'hidden' IP addresses using port 0? on: June 13, 2012, 05:23:14 PM
Correct.
57  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Enumerating the 'hidden' IP addresses using port 0? on: June 13, 2012, 02:45:42 PM
Nessus reports local information as port 0.  Are you scanning this machine remotely or are you running Nessus from the target machine? 

Port 0 is reserved and not used by any (legit) TCP/UDP services.  On Unix, a program can request a dynamic port by specifying port 0; this will tell the API call to select a port.

58  Columns / Editor-In-Chief / Re: Free Rapid7 Webcast: Life's a Breach! Lessons Learned from Recent Breaches on: June 12, 2012, 04:21:02 PM
Here's the lesson: use bcrypt.

The reason the LinkedIn hack resulted in so much criticism is that the passwords were all hashed without any sort of password stretching or salting.  Salting prevents precomputation and forces the attacker to guess each password separately; brute force can't scale for multiple users.  Stretching also destroys rainbow tables and makes brute force much slower.  Some people have criticized LinkedIn for using SHA-1 but that's beside the point.  With salting and stretching, even MD5 would be fine (although I'd use SHA-256 or better).

Nobody should design their own scheme here.  Salting and stretching are already implemented in bcrypt, scrypt, and PBKDF2.  Use one of those.  Scrypt is new, but bcrypt has been in OpenBSD for more than a decade and is pretty widely supported.  PBKDF2 is standardized in RSA's PKCS #5 and in RFC 2898.  Bcrypt and Scrypt appear to be the strongest options.

59  Ethical Hacking Discussions and Related Certifications / General Certification / Re: Certification plans for 2012? on: June 12, 2012, 11:22:34 AM
I've been in school so I haven't had time to focus on certs.  Four classes down so far this year: Forensics, Software Architecture, Network Security, and Security Management.
60  Features / Book Reviews / Re: "TCP/IP Essentials: A Lab-Based Approach", need reviews. on: June 11, 2012, 11:19:39 PM
TCP/IP Illustrated isn't a theory book: it follows sniffs of real traffic throughout.  If the other book helps you, great.  But, you can just set up a few machines and start playing around.  Set up servers for FTP, HTTP, Telnet, SSH and sniff the traffic.  Monitor your ordinary web/email traffic.  Set up a Snort box and monitor traffic with that.  If you have access to Cisco equipment, you can put that into the mix; otherwise, download one of the network sims and practice Cisco commands on that.
© 2013 The Ethical Hacker Network