What exactly are you trying to do, and how are you trying to 'connect'?  Is this over VPN, or how are you trying to do it?

You've given us NO information that will help us, to help you troubleshoot.

And not really 'hacking' but with regard to online activities and trying to track a criminal:

Untraceable

Good movie.

Hi kumar, and welcome.

In addition to the aforementioned thoughts, how is your background with 'Object oriented' languages like Ruby and Python?  If you've got even a decent background in C++, and as Ketchup noted, you understand memory and such, you'd likely be able to pick up on the other languages pretty easily, and Ruby and Python are very heavily utilized in many of the tools and exploit development projects (CANVAS, CoreImpact, Metasploit, etc.)  Granted, the object oriented side of them is different than C++, but the concepts are easily understood, and I'm sure you could quickly adapt.

Assuming you could pick them up fairly easily, you could really go far on the exploit end of the security spectrum, but even if you don't, the understanding you've gained as a programmer will help you to know what types of things you can be looking for, and you'll better understand, at least, what exploits are doing under the hood, giving you an advantage over many of the 'script-kiddie' types that both attack systems (unethically,) as well as quite a few who are looking to get into the proactive side of security (ethically.)

As far as the security knowledge / experience requirements for CEH, I'd agree, that you could work on something like Sec+, etc, or you could even do some co-op work with existing companies, directly assisting or developing security offerings, to begin getting that time in.  Either way, from my experiences with other folks who needed to meet the requirements (I met mine, prior to even reviewing the course, so I haven't personally had to consider alternate options,) I know EC-Council has been pretty reasonable, provided the experience you have in IT and programming is documented and verifiable, and you can show you're working towards direct activity in security.

Good luck, and if you do approach them, let us know how they respond.  It's always nice to get feedback that we can give to others, who are in the same types of situations.

I'll fourth their comments, and welcome aboard, zeroflaw.  I think you'll find EH-net a very good place to start, and if you have something that we dimply don't know, a lot of us are happy to help you find the answers elsewhere.

Good luck with the college pursuit, as well.  I personally NEVER went to college, although, for obvious reasons (many jobs are hesitant to look at you without a degree) there are often times I wish I had.  Who knows, someday, when not hammered with work, the wife, and our kids, I might actually find time to try it, again.  I've never given up on the idea, myself!  The fact that you're still after it is good, and I'm confident you'll make your way through it.

Again, welcome aboard!

Wow, that's quite the write-up, and I'm sure you'll get a lot of seasoned advice here.  Oh yeah, and welcome aboard, stephen.

I'm not former military, myself, so I can't vouch for what they have allowed you to take, or will allow you to take.  As you'll find throughout the forums here (dig around and search a little bit,) you'll see a lot of us giving advice on the different roads we've taken, or recommended to others.  It's VERY largely dependent, as you said, on what you really want to do when you get out.  We obviously can't make a decision for you, so I wish you the best as you do.

That aside...I'd tend to agree, that if you want to begin with general IT Security (not specific to pentesting, auditing, forensics, etc,) then I'd probably start with the basics:  A+, Net+, Security+, UNLESS you're already comfortable enough with your knowledge in A+ and Net+ to bypass those.  However, in any realm of security, the knowledge they teach is still a necessary evil, sometimes, whether from the standpoint of understanding physical or logical network layouts, or even hardware / software configurations and troubleshooting.  But specializing in security, the Security+, as a first step, would be good.  

If you get through that, and feel plenty comfortable with things, then you probably could start studying and working towards CISSP, or you could look more at the CISA / CISM tracks, again, it all depends on where you want to be in 5-10 years, and how you foresee your career advancing.  You're correct in noting that CISSP is very well-known, and in many of the customer environments I work with, they won't hire a security person, regardless of the job description, without it.  Does that mean it's the end all certification to have... definitely not.

If you decide you'd rather work as a consultant, or within a company that specializes in security, then you can focus more on what areas interest you, as well.  You could look at pentesting / ethical hacking, with CEH, GPEN, or OSCP.  If you wanted to move into law enforcement or some other fields, you might prefer to go into Forensics, as that's another field that is booming right now.  (CHFI and other forensic trainings come to mind.)

Ultimately, I'd never say you are 'better off' or 'worse off' to let your future mimic your current work.  I say this as, if you aren't happy with the specific work you do now, you likely won't find any peace in continuing similar employment afterwards.  (Besides, if you totally liked what you do now, the government benefits might far outweigh those you'd find on the outside, and if you were happy in what you do now, or close to it, I'd personally stay put!  - Note: my opinion only)  

My advice to you:  think hard about where you want to be... not next year, or in three years, but in 5-10, or longer.  Look at all the options that are out there and decide what you feel suits you best and what you WANT to do, then look at what career options and training are out there that line up with your goals and objectives.  At that point, if you're having trouble finding things that line up with those objectives, either make a conscious effort to dig further (and obviously feel free to ask us, as we'll definitely help to steer you, if you truly KNOW where you want to go,) or make the decision to look at your 2nd option.  Don't just go into it with one, but prioritize the various options.  Who knows, in the end (this isn't meant to say DON'T go into security,) you might decide that some other IT field, or no IT field at all, is where you truly want to be.  I can only tell you, from personal experiences, that if you don't at least attempt to do what you WANT to do and enjoy, you may regret it down the road.  It took me years to realize I'd missed my calling and enjoyment in IT security, before I came back around, but boy, am I glad I did!  Don't just focus on marketability alone, or you might very well miss the boat.

Good luck, look forward to others' advice, and again, welcome to EH-net!  You'll enjoy the interactions here!

Agreed, fully.  We understand the purpose of the exercises.  It's not about the specific systems, etc, it's about testing leadership and incident response methodology, in general.  

However, as I'd said, general public (not the IT-'informed') might not understand this, to the same degree, and thus, my questioning the public-release nature, even of the event taking place, let alone any detail on the outcomes, beforehand.  I think it might have fared better had they gone through the drill, then after the fact, gone over the results of the response side of things, rather than opening it up, pre-simulation, to scrutiny or 'blind' questions from media, etc.  

From the standpoint of those involved (industry analysts and lawmakers, as well as the folks formerly holding the critical positions,) I fully agree with their perspectives and knowledge being put to use for this, as well as for the lawmakers having opportunity to lend their insight and reasoning to form new policies and the like, in relation to this type of situation.  Mind you, I know I'm being overly cautious / critical, and that ultimately, those in the know will NOT release any data that they shouldn't.  (We are talking about politicians, right?   )  Personally, though, I just don't think it was as wise to open the floor to public media, even just in acknowledgement, this soon, but rather, I'd have waited until after the exercise is concluded, to brief the rest of the world.  (And then, again, only to brief them on generalities, and nothing specific.)  Even though we are NOT talking about specific security and infrastructure systems and the like, directly, even giving a firm understanding of how the TEAM of invididuals works together, in this scenario, allows others to try to manipulate that system, and come up with other means to an end.

Even in penetration testing and security analysis, we often examine our clients' security policies for backup, data handling, incident handling / prevention, etc.  That doesn't mean that if we question any of it, disagree or even agree with it, that we release it to other individuals outside the scope of the testing.  It defeats the purpose of confidentiality, ethics and common sense.  And while yes, this IS the United States' critical infrastructure we are talking about, that doesn't preclude US citizens, some of whom HAVE ill intentions, from using any given data against the system.

Understand, I fully agree with everything stated in this thread, from the nature of the testing and simulation, to the lessened severity of the outcome of simply simulating, and awareness of the results, per se.  And these are FORMER post holders, not present, so there's no guarantee that the responses will be the same as they'd be with the current position holders involved in a real scenario.  However, IF protocol is in place, as it SHOULD be, then 'technically' they should be following set procedures, etc, and those procedures do NOT need to be publicly scrutinized or disclosed, as it's the job of those in the proper positions of authority to adequately understand, react and rectify these types of situations, by procedural guidelines.  (That's the point of this, right, to analyze current procedures and modify / change / better them, to accommodate future changes in technology and methodology, in order to come up with BETTER ones?)

That's my opinion, and again, I fully agree with the rest of the points by myself, unsupported, and Ash Chole.

Again, from the security-realm / world perspective, I'd still be interested in hearing any results of the procedural outcome, so if you hear anything, unsupported, let us know.

I'd assume they're good, but I haven't done the RedHat certs. 

I have LPI's LPIC-1 and Novell's CLA, CLP and CLE for SuSE Linux, and I know they did a good job with theirs.  From others I've spoken to, RedHat's RHCE was a good experience, but I've not talked to anyone, yet, who described the RHCT in any detail.

Interesting, as I'd begun looking at the same icon and website, as she'd mentioned, previously.

I'd agree, and per discussions with 'unnamed' others I've had in PM's since yesterday, I'd think closing this thread is a good idea.

Note, in that last URL you referenced, unsupported, the date of her post was 2005...  I'm sorry, but that 'issue' was almost 4 1/2 years ago, not just 2...  Whatever the issue, I think it's time to call it quits.

So first note (more to come, as we analyze further and dig more) is that the network they are providing (Belkin54g, as you mentioned) is the default for that router, so it looks as though, at some point, they completely reset it.

All good points by unsupported.  And his questions are very valid, and really, to help ANY more than we are, we'd need much more detail on exactly what you're seeing, what data shows you're being hacked, etc.

That said...

Heck, were it me (and it's thankfully not,) I might even consider throwing a honeypot or two on your network, to help keep the person(s) occupied, while you utilize the other tools that were noted, both to protect, and to analyze the attacks to see if you can gather more info about the attacker.

These don't necessarily prevent the access they've gained, but at this point, whomever is doing the deed obviously has a decent grip on your setup and how to get to it, so at LEAST you could throw some 'interesting' stuff into the mix, to buy some time, especially if, for now, you've removed any private data you don't want them to see.

Again, I'd be very wary of people 'close to you,' as, based on the intensity they seem to have in coming after YOU, there's at least a very real chance that they're gunning specifically for YOUR data, for whatever reason.  I don't know of many hackers that would target your ISP, your home network, your phone lines, and all, knowing they're adding to the risk of being caught by spending so much effort on one 'home network,' if it's not someone that either knows you, has a bone to pick, is targeting you or your business, specifically, or is very close by, physically, to your home.

After all, you'd said:

"What happened to me is that I stumbled onto something very nasty; and was put into something that is definitely not your usual botnet ( and I am familiar with them )."

I'd follow the advice given here, by unsupported, myself and others, and look for an IT Security professional in your area to look at this.  Not your local Best Buy Geek Squad (I know you already know this) or your local repair folks, but someone with more background and experience specifically in Security.  If the FBI is asking for more data, then the right people can hopefully help you GET that data.  Again, we're here to help where we can, it's just that we can't offer much more than suggestions, without being directly involved in your situation and in possession of more info than we are really privileged to have, or have been given thus far, based on the circumstances.

L-O-L!!!  'nuff said!  I'm in full agreement, as it's definitely nicer to come discuss with folks who understand the reality of it, rather than just the hype and 'fantastic'-ness of it all.

If your buddies are involved, definitely keep us posted on this.  I'd really like even a 'mini-synopsis' of the whole ordeal, when they finish it up.

Hey, unsupported!

I definitely wasn't debating the seriousness of the exercise, nor the meaningfulness of the outcome.  Any preparation, even in a less than 'perfect' simulation, is better than none at all.  I'm all for the exercise, just not so sure that making it public knowledge is the best thing, as the public's view of said outcomes / simulations is totally different from those of seasoned security folks, and the general public would likely be much more critical of the process and expected outcomes, even with much less 'informed' knowledge of the procedures and severity.

I'd agree with you, though, as I'd LOVE to see the lessons learned, etc.  Just questioning if the public ever will (or should, for that matter!)

Also, even with the gmail / https suggested, be careful.  If whoever is attacking is good enough to be that deep, https / gmail likely isn't going to be 'secure'  HTTPS, if the attacker has access to your machines, is actually very easy to get around.

Again, we can only give some advice, and can't really defend for you, etc, but the more specifics you can give, the better we may be able to advise, a bit more.

Ravenquill...

Hope you weren't offended.  just seemed odd (as you acknowledged  )

Keep us posted, and we'll help however we can, but as unsupported said, if it's THAT serious, you may need a professional, onsite, to look at this.

But again, we're here for help / advice, so if we can, we will.

I knew they'd done this with the oil scenario, so not really suprised that they'll work one up for cyber attacks, too.

I think that would be a very interesting room to be in, if one were actually allowed to observe it...  You often wonder how those particular folks would respond to a scenario like that, although because they DO know it's simulation, you've still removed the 'fear' factor of the unknown, in that, while you DO want to show you'll react appropriately, the stress and situational awareness (or lack thereof) in a TRUE attack scenario (where real systems are already down, or compromised, etc,) would be much less 'real' / minimized.

Wonder how much info, if any, the public will actually hear about.  After all, explaining how something like this is handled, publicly, just gives attackers more thought process to try to workaround similar response methodologies, in the event of a real cyber attack.  Assumably, actual 'details' of what are done will not be made public, and we'll only be told that those in the know have decided appropriate actions and behaviors were taken (or not.)