Yeah, that's for the client that would be coming in from the outside. I have it connecting to an external IP, 12.191.2.235, through UDP port 1194, and then that's forwarded to 10.1.99.8.

Alright, the quick run-down is that I have two internal networks I'm wanting to allow access to, 10.1.99.0 and 199.1.99.0. The OpenVPN server is running at 10.1.99.8.


Server Config
########
port 1194
proto udp
dev tap
dev-node tap-bridge
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
ifconfig-pool-persist ipp.txt
keepalive 10 120
cipher AES-128-CBC
comp-lzo
max-clients 25
persist-key
persist-tun
verb 3
status openvpn-status.log
server-bridge 10.1.99.8 255.255.255.0 10.1.99.240 10.1.99.245
push "route 199.1.99.0 255.255.255.0"
push "route 10.1.99.0 255.255.255.0"
push "dhcp-option DNS 199.1.99.66"
push "dhcp-option WINS 199.1.99.66"


Client Config
########
client
dev tap
dev-node vpn
proto udp
remote 12.191.2.235 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
cipher AES-128-CBC
comp-lzo
verb 3

Does anyone have any experience with OpenVPN on Windows? I've configured both server and client scripts, everything seems to talk ok, but there's no network connection. When I connect through the client, it says the connection is successful, it recieves an IP and DNS, but it is not receiving a default gateway (not sure if this is the problem or not). I've been looking all around but there doesn't seem to be much out there on this specific issue. Anyone have any ideas? Thanks.

Anyone else taken the CEH course through New Horizons here? If so, how did you go about scheduling/taking your exam? I've taken the course (to much disappointment) and was not given the option to take the test on the last day. I apparently need to schedule and pay for the test separately. I never received an authorization code from class, so how do I schedule this exam? When I called the training center, I was told "I'll look into it" and I've not heard back yet. The person I talked to had no idea as to what I was talking about. Anyone else have similar situations?

On topic: agreed.

Off topic: ChrisG, I'm curious as to how you achieved both CEH and CNDA? Did you take the exam twice?

Where is it referenced? The only thing I can think of is using a birthday/date as a password and someone cracking/guessing that.

I was googling around for something and came across this write-up on InfoSec certifications. I think the writer was pretty fair on his evaluation and such, so I thought I'd pass it along here for those who may not have seen it.

A Guide to Information Security Certifications

You got it. No problem

The difference between the courses (and today in the training modules for CEHv5, they refer to the NSA course as ENSA) is that NSA is geared towards defensive measures (firewalls, intrusion detection systems, etc) where the CEH is completely offensive.

Yeah, I'm not sure what they're going with on that one. I've seen it both ways, NSA and ENSA.

Yes, I know of the course and I have the courseware.

A bachelors degree is not a requirement. You must have 4 years of direct security related experience or 3 years and a degree.

If you don't have the years of experience, you can still pass the exam and receive an 'associate' credential and 4 years time to get that experience and receive the certification.

ISC2

It would at the least be able to back up individual files and such I suppose. Being that you could transfer them directly or create a shared folder between the two to copy files. At that point, it's not much better than backing up to a CD or some other media.

It would be pretty cool if they do come out with something that can reverse the process and restore a physical machine from a virtual machine.

I'm surprised no one else has posted anything about this yet...

I bought this book as I saw several people had mentioned it was a good read before the CEH exam. I have read through it and taken my notes already, so I decided to take the written test in the back (110 questions). As I was comparing my answers to the answers in the back, I noticed several that just didn't make sense to me as to how I could have gotten them wrong. Upon further inspection, I noticed that some of the letters in the back, did not correspond with their correct letters in the question. The text explanation and answers all seem fine, just some letter mix-ups. It's a little confusing when you're just comparing letter-to-letter. Here are the fixes:

A. 27: D should be C
A. 31: B should be D
A. 40: B should be C
A. 51: B should be A

I suppose it's a good sign of preparedness that I can recognize when my answers should be correct, right??

Hope this helps someone

- V

I didn't take into consideration that newer AP's leak fewer IV's, but the wireless Linksys router I'm using isn't too new. My signal strength was fine, as I was sitting one floor above my wireless router with 3 laptops (2 clients, 1 attacker). I wasn't using Windows. Thanks for the tips