It will stop attacks on ports/services that are not allowed. However, it cannot stop attacks for ports/services that are allowed. For example, you would hopefully deny inbound tcp/445 but might allow tcp/80 in for web services. We can still attack the web server and the web application....which is allowed by the ingress filtering.

I thought it stops packets which contains unapproved IP addresses in its header to enter the network ?

Secondly I'd like to ask why didn't have waited until the new Kali Linux / new certification platform get be released?

How does this affect the Offensive Security courses? Surprisingly enough, with all the new changes we have made in Kali, the user experience remains pretty much the same. Our students should feel little difference between Kali and BackTrack. As usual, with our course upgrades, all alumni will be able to upgrade their course materials for a reduced fee. Students who have enrolled in PWB since the 1st of Jan, 2013 will get an additional discount on the upgrade fee –  once a new version of PWB is available, in the next 6 months. Our lab environment will not be changing due to the new BackTrack version. Be patient, we will release more information about Kali once it’s ready…soon.

One more question :

Is it better to take 1 month labs and if I need more time than buy additional time or it is better to take straight 3 months from the start?

We all learn differently and do so at different speeds. Also we all have different background experience and not everyone can put in the same about of time. Having now completed the course, I would say if you want to "just pass" the course and can put a good couple of hours in each day then you could get away with doing 30 days - at a push. However, if you want to take your time, learn it and (try to) "do it all", I would recommend 60+ days in the lab. I started off with 30 days, with the hope of cramming it all in as I could spend 8+ hours a day on it. In the end, it took me a solid 30 days in the labs (not including any of the exercises before the lab work), so I ended up extending it by 15 days. If I was to do it again, I'd opt for 60 days and pace myself better.

These are fun! Curious if anybody is able to get the "you solved it" page for puzzle #8...

Threat Actors Using Mandiant APT1 Report as a Spear Phishing Lure

By Intel Team on February 21, 2013

It was only a matter of time. Today, Mandiant learned of at least two malicious versions of our APT1 report that attempt to lure users into opening PDF documents titled “Mandiant” and “Mandiant_APT2_Report.” We are currently tracking the threat actors behind the activity and have no indication that APT1 itself is associated with either variant.

Symantec  and Brandon Dixon’s 9B+ blog uncovered the two permutations of the report. Hashes for the malicious PDFs are available on their blogs. Thanks to both for posting their findings.

Mandiant has not been compromised. Reports downloaded, previously and currently from our website, do not contain exploits.

We recommend that you only retrieve Mandiant’s reports from: http://intelreport.mandiant.com, then check the hash of the downloaded files against the hashes posted on our web site.
Tags: Advanced Persistent Threat, APT1, Brandon Dixon, Symantec
Category: The Suite Spot

This report is focused on the most prolific cyber espionage group Mandiant tracks: APT1. This single organization has conducted a cyber espionage campaign against a broad range of victims since at least 2006.

I seem to recall seeing exploits that claimed to allow remote code execution or something similar on Pastebin BUT in reality they were bogus and ended up pwning the downloader's machine.