EH-Net
May 24, 2013, 04:27:06 AM *
  Show Posts
1  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Cracking salted MD5 hash on: May 17, 2013, 11:01:14 AM
Try the "--rules" option in John. That will mangle the words in your dictionary with some default rules in your john.conf file. There are also some very useful rule sets released by Kore Logic a few years back. You can find them here:

http://contest-2010.korelogic.com/rules.html


I use a "for loop" to go through and use all those rules similar to this:

Code:
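# Run John once for each KoreLogic rule set defined in john.conf.
# Replace <format>, <wordlist> and <hashfile> with your own values.
for rules in $(grep KoreLogicRules /etc/john/john.conf | cut -f2 -d: | cut -d\] -f1); do
    john --session=kore --format=<format> --wordlist=<wordlist> --rules="$rules" <hashfile>
done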

Obviously, you'll need to insert the proper fields into your command, but you get the idea.

Hope that helps!
2  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: You'll find this funny but I'm pretty serious. Need my own servers "hacked" on: May 06, 2013, 12:51:03 PM
What you're asking for is called a penetration test. There are lots of people on this forum (myself included) that are professional penetration testers and get paid to do exactly what you're asking for.

If you're interested in having a quality penetration test done, it won't come free. I would suggest doing a little research on Google to find a reputable consulting firm to contact about your needs. Call around to a few of them to get an idea of what services they provide and an idea of what the price would be. The numbers and services will vary greatly depending on the firm you contact, so shop around and find the best fit for your needs.

Good luck!

 
3  Ethical Hacking Discussions and Related Certifications / Other / Re: Managing Usernames & Pass-Phrases on: April 26, 2013, 09:32:22 AM
Quote
(BTW, I assume using your E-mail or LastName-FirstInitial for a username isn't such a good idea, right?)

I find it ironic that you reply to 'ajohnson' about username choices and mention that it's a bad idea to use initials and names in username creation.  Grin Grin Grin

Quote
For example, could I have the same Username for my MacBook and WiTopia log-ins?

Honestly, although the username is part of the authentication, they are usually publicly (or somewhat publicly) available. I'm not sure there's such a thing as a "secure" username.
4  Ethical Hacking Discussions and Related Certifications / Incident Response / Re: SANS vLive vs Onsite Training? on: April 15, 2013, 11:17:40 PM
I've taken both. Each format has its strengths and weaknesses.

Live pros:
  • Networking opportunities
  • One on one access to the instructor
  • Natural language/body language
  • SANS @Night and other extracurricular activities

Live cons:
  • The most expensive way to train
  • Time away from your family
  • Lost productivity at work
  • The sheer amount of information thrown at you in 6 days' time

vLive pros:
  • Slow pace fosters more in depth understanding
  • Feeling of disconnectedness seems to make the students more willing to work together
  • Less expensive with no travel costs

vLive cons:
  • Evenings are shot on nights of the class
  • Fewer networking opportunities...there's only one class
  • Some topics can feel disjointed with the shorter class meetings

Edit: I meant to say that I would highly recommend the vLive format. I was wary at first, but after about week 1 I decided I really liked it!
5  EH-Net / News Items and General Discussion About EH-Net / Re: Change is Coming to EH-Net!! on: April 08, 2013, 03:37:02 PM
Personally, I'm excited to see the new EH-Net!

To answer your specific questions:

1) Absolutely. A few growing pains that I may or may not feel are not going to drive me away from such a helpful community! It's worth the pain for me to stick around.
2) I like having the PM available, but I really don't use PMs that often.
3) Depending on the time commitment (I have 3 kids under the age of 6 and travel about 25%), I would be interested in blogging for EH-Net from time to time.
4) *raises his hand*
5) *twiddles his thumbs*
6) I'm sure someone has useful expertise on PHP, MySQL, and design, but it ain't me!
7) I don't have a strong feeling toward OpenID one way or another, but I will tell you that I typically do not link my GMail credentials (I don't use Twitter or Facebook) to very many other sites through OpenID.

Thanks for all the hard work you put into this site, Don! I'm always willing to give back where I can and am looking forward to all the changes you have in store!
6  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Common vulnerabilities you expose during engagements on: March 14, 2013, 08:20:49 AM
SSL issues are very common as well. They're not super-sexy, remotely exploitable....but they're still out there.
7  Ethical Hacking Discussions and Related Certifications / Other / Re: Cyber Challenge Games on: February 26, 2013, 02:32:12 PM
I get a 500 error on level 5 through 8.
8  Ethical Hacking Discussions and Related Certifications / eCPPT - eLearnSecurity Certified Professional Penetration Tester / Re: Flat 30 days vs 30 Hr prepaid model? on: February 26, 2013, 08:06:47 AM
I used less than 10 hours to go through all the labs they had at the time I was taking the class. They've added a couple labs since that I keep telling myself I should go back and do. The labs are fun and are a good way to cement what you learn in the slides. There's nothing earth shattering in there though. A lot of it you could set up in a home lab.

I would HIGHLY recommend buying time in the Coliseum (especially if you're planning on taking the certification)! That was a very cool setup that I learned a lot from. My understanding is that there is only a subscription plan for the Coliseum (but I may be wrong). If you can devote an hour or two a day to it, I think a 30 day subscription would be adequate for most people.
9  Ethical Hacking Discussions and Related Certifications / Cyber Warfare / Re: APT1: Exposing One of China's Cyber Espionage Units on: February 20, 2013, 04:13:02 PM
Quote
My only fear about all this is that we suck at defense. I'm not sure we (USA)  could withstand a serious attack...

Fortunately, I don't think we're the only ones!  Grin Grin Grin
10  EH-Net / Calendar Of Events / Re: BSides Memphis 2013 on: February 20, 2013, 02:21:37 PM
If anyone else from EH-Net is gonna' be there, I've already got my ticket.
11  Ethical Hacking Discussions and Related Certifications / General Certification / Re: SANS Work-Study experience on: February 13, 2013, 09:09:19 AM
The work-study program is a huge discount, but as you point out it can still be fairly expensive if you're traveling across the country (and in your case a second country)!

I've taken three SANS courses. I've attended a conference as a regular attendee, I've taken a vLive course, and I've attended a conference as a facilitator. Of the three formats, I would recommend the facilitator route every time! The networking you get as a facilitator is very different than the networking as a regular attendee.

I can understand where you're coming from on the cost vs benefit, though. In the three classes I've taken, not one cent of the costs came out of my pocket.


12  EH-Net / News Items and General Discussion About EH-Net / Re: [Article]-February 2013 Free Giveaway Sponsor - SANS on: February 12, 2013, 02:45:18 PM
*drool*

That's a great one, Don!!!
13  Ethical Hacking Discussions and Related Certifications / Forensics / Re: Web site forensics on: February 04, 2013, 10:03:23 AM
Logs?

IDS/IPS alerts?

Regardless of whether you're looking for compromise on a workstation, webserver, or whatever....it all boils down to what logging do you have in place. Without the logs, you can't do much investigating....

If adequate logging is in place, the incident response/investigation process does not deviate just because it's a webserver.
14  Ethical Hacking Discussions and Related Certifications / Programming / Re: Complete newbie on: January 31, 2013, 10:23:50 PM
You want to talk about feeling old? My "typing" class in high school was split between (first semester) typewriters and (2nd semester) computers...how many on this board learned to type on a typewriter?

Just sayin....
15  Ethical Hacking Discussions and Related Certifications / Programming / Re: Complete newbie on: January 30, 2013, 07:36:25 AM
Another great resource is Google's Python training class. They released videos and printed material/exercises that go with the class here:

https://developers.google.com/edu/python/set-up