I require a formal questionnaire which would be provided to the client used for penetration test .

If no one is having it how about if some of you guys list up some of questions which you might ask considering the fact that pen test is of network + web app .

Hey Everyone ,
             

Didn't get other are to post this stuff so apologies if this is out of topic .

I was searching for a job in GCC countries related to Network Security Engineer/Cisco Engineer having 3 years of solution provider experience .

Let me know if you guys can help in this regard .

Regards,
MCP, CCNA, CCSP, OSCP.

For challenge exam email to info@giac.org rather then @sans .

نعم ، إذا كنت لا أن جيدة مع الناس ربما الإنجليزية الأخرى يمكن أن تساعدك مع هذا

If you need to appear for a CEH exam you dont need to use your credit card , or western union etc .  You can contact the testing centre in your area and pay them for the exam and they will register it . VUE and Prometric are 2 well known testing centres but I am not sure which one offers exams for CEH , maybe its VUE . You can check offical websites of these testing centres , get local contact numbers and then call them .

Try to make one in English , if you cant speak good English you can type what you are doing in a notepad in English so that the international community can have a look into whats going on .

Thanks I m watching it now ... BTW are you the same guy starting some sort of online Pen Testing Classes ??


Update : I cant understand anything , maybe its going to be one of the finest videos because the technologies used are latest . Can you try to make one in English ?

I was looking for some VPS solutions for personal use and I found this one . Has anyone of EH members used this one ?

hxxp://unixy.net/99/

Also check LAMP Security CTF , http://sourceforge.net/projects/lampsecurity/

have you tried changing the boxes ? I did scan a host located in other country ( SUN SPARC - SOLARIS Server ) and the results came up in 80 seconds which I think is perty much fine using nmap along with nse

As per wikipedia following are the features supported by Pfsence 

    * Firewall
    * State Table
    * NAT
    * Redundancy
          o CARP - CARP from OpenBSD allows for hardware failover. Two or more firewalls can be configured as a failover group. If one interface fails on the primary or the primary goes offline entirely, the secondary becomes active. pfSense also includes configuration synchronization capabilities where changes made to the primary firewall will automatically synchronize to the secondary firewall.
          o pfsync - pfsync ensures the firewall's state table is replicated to all failover configured firewalls. This means your existing connections will be maintained in the case of failure, which is important to prevent network disruptions.
    * Outbound and Inbound Load Balancing
    * VPN - IPsec, OpenVPN, PPTP
    * PPPoE Server
    * RRD Graphs Reporting
    * Real Time Information - Using AJAX
    * Dynamic DNS
    * Captive portal
    * DHCP Server and Relay
    * Live CD Version Available
    * Proxy server
    * Support for software extensions.
          o Notable expansions are : Squid proxy server and Snort intrusion prevention/detection system.


Also if you are in LAN subnet you can issue a ping command and then check the local arp table for mac address conformation , then you can match it with nmap results .

I did a -A scan and got the folllowing line which might be interesting

MAC Address: 00:50:56:BC:7B:D9 (VMware)

If you dont have money to invest then better google pfsence , smoothwall , they are good all in one firewall type solutions and open source .

These kinds of jobs are more available in USA or European countries .  You would not get some good offers from Dubai , if you get it will most probably be compliance+pen testing . Try different jobs sites and ofcourse linkedin but I am afraid that you wont be able to get sponsored work visa from the company unless you are distinguished person or have some thing extra-ordinary . 

When it comes to cisco computer based CBT I will always recommend companies like INE or IPExpert since they are far more specialized and better in Cisco then anyother company like CBTNuggets .

http://www.ine.com/self-paced/ccna/bootcamps.htm#Training/ccna-bootcamp

Maybe 500USD is expensive for a training but its far more better then any normal Instructor Led though this one is Self Placed . Other then that they are offering 30% Discount at the moment on all self placed materials .

As book is concerned Todd Lammel is one of the best in CCNA .

When it comes to hardware I would recommend to concentrating on purchasing L3 Switching equipment rather then putting money on RTR because you can easily emulate them on GNS3 which rocks . IT works excellent if you have a linux box with 2GB of ram depending on how much routers you want to emulate . Consider getting and LXDE interface in linux which can help save some memory on GUI .

ping 127.0.0.1