I have a subscription. I think it's a little over priced, but it is a good read.

I passed the RHCT, but fell short by about 10% on the RHCE.

Need to start saving again, its become like a mission for me!

I sat my RHCE exam today - finished it a couple of hours ago. Just waiting for the result now.

It's a harsh exam, three and a half hours sounds like a lot, but really it isn't!

It is the best Linux cert around - not just because Red Hat have the market share of Linux in the business world, but because the of the exam structure.

I'll let you know how well (or not) I did when I find out.

I'd also like to be involved, whether it be writing, proof reading etc.

I think a collaboration amongst the EH.net people would make for a good read!

I think that the OSCP is more widely known and respected.

Give the Heorot more time and it will become more recognised.

Does anyone else have a subscription (print) to Hakin9?

I got one, have had one magazine and the archives CD. I have not got the most recent magazine that was released last month, not the other two previous issues that I was told were sent to me.

Does anyone else have problems getting this delivered?

At the moment I feel like its a waste of money.

I really enjoyed my CEH course. It was a real eye opener, and I had a really good instructor.

Awesec, if you are in the UK I can recommend Firebrand, I studied at Wyboston Lakes, and the instructor (Luke) was really good.

The CEH is one of the most widely recognised certs in this field and definitely worth going for.

That said, I would also recommend the OSCP, I want to do this next year, as it seems like an excellent step up from the CEH.

The way I look at it is:

Beginner: CEH
Intermediate: OSCP

Not sure about an advanced course, but it would probably be an Offensive Security one.

I do agree that the study material is one of the worst I have ever seen. Luke was trying to get them (EC Council) to let him write it, and believe me, he knows his stuff!

The CEH is a great step up the ladder, but when you try and compete with people with two years actual experience you are hard pressed, and the CV will not even get a second look.

But then how do you get two years actual experience? This is the problem I am facing at them moment.

The exam is very straight forward, and its not hard to pass (given that you study for it and have a good tutor).

Good luck with your decision.

Yes. Spent ages moving the alphabet around, gave up after about two days!

Thanks Don and Ketchup

It's SSL traffic, I've decrypted it in Wireshark using the key, and can see them in hex code in the outputted file. Wireshark just shows the encrypted data still.

I'll carry on with NetWitness, as it does look like a very nice tool.

*EDIT*

NetWitness has come up trumps, and given me the files.

Thanks again Don and Ketchup

Hi

Can anyone help me recreate files from a packet capture.

I have found a good page on hex headers (http://www.garykessler.net/library/file_sigs.html), and I know that there are at least two bmp images and one zip file.

I have tried copying them all to notepad, then loading them up in a hex editor, and saving them as the required file type, but if I try opening them up in paint, or winzip, I just get a "file is corrupt" message.

Is there a step I am missing?

Gargh!

I feel like I am so close.

I have done (I think) 1, 2 and 3, and most of four. I have half of five, and ideas for the bonus.

My wireshark-fu is letting me down

This is good fun though

It looks like ssanz has just used the recent anti-sec attacks to run with the money he's made via visit4cash.

I don't understand anti-sec attacking imageshack - that was probably more of a PR stunt (by anti-sec) than anything.

Blackhat-forums and astalavista attacks are keeping in line with their goals though.

We arn't going to see the 0day any time soon.

Excellent find, thanks Don!

Thanks Ketchup, that's a very good idea, I'll do that instead.

I have just been converting the shellcode and all it seems to do is try and connect to an IRC channel.

Am I missing something about the exploits "usefulness"?

I will compile and test this on a virtual box at home later, it'll be interesting, more as my first steps into understanding shellcode/exploits more than anything!