SYN Stealth Scan [-sS] in Nmap

To initiate a TCP connection, the initiating system sends a SYN packet to
the destination, which will respond with a SYN of its own, and an ACK, acknowledging
the receipt of the first packet (these are combined into a single SYN/ACK
packet). The first system then sends an ACK packet to acknowledge receipt of
the SYN/ACK, and data transfer can then begin.
SYN or Stealth scanning makes use of this procedure by sending a SYN packet
and looking at the response. If SYN/ACK is sent back, the port is open and the
remote end is trying to open a TCP connection. The scanner then sends an RSTto tear down the connection before it can be established fully; often preventing
the connection attempt appearing in application logs. If the port is closed, an
RST will be sent. If it is filtered, the SYN packet will have been dropped and
no response will be sent. In this way, Nmap can detect three port states - open,
closed and filtered. Filtered ports may require further probing since they could
be subject to firewall rules which render them open to some IPs or conditions,
and closed to others.
Modern firewalls and Intrusion Detection Systems can detect SYN scans, but
in combination with other features of Nmap, it is possible to create a virtually
undetectable SYN scan by altering timing and other options.

I hope this may shed some light on what you are looking for.

It will be the EC-Council because when I bought the books and videos for the CEH they threw in the CHFI books and videos.  So presently I am learning that one, hopefully will be ready to test at the end of the month.  About half way through the labs right now.

I am 42 and just start my career in info sec and I love it.  The only advice I can tell you is that do what you love to do. If you love networking then do that or if you love starring at lines of code then do that.  But I love security, not sure why but I seem to have a passion for it.  When I started I just cuoldn't stop.

It was not as bad as I thought it would be.  I was told it was one of the hardest certs to get, which is not a bad rummor because I actually got an interview because of this cert.  The highering manager was saying how impressed he was that I passed the certification and kept asking how hard it was. If he only knew.

I almost feel bad that this certification holds as much wieght as it does not certs like OSCP are unknown. Rule number 1 in the IT field is don't try to make sense of what the situaton is just be grateful.

Possiblities are opening up but that is not holding me back.  Next step is CHFI and then OSCP.  So for those whom are not sure about the CEH, if you are in the goverment field i say take it.  It opens doors lots of them.

CFP Released!
December 7, 2012
The Call For Papers has been released. Check it out!
Sun, Surf, and C Shells
Shakacon, an Information Technology (IT) Security Conference, is back and ready to invite business executives, government and military officials, security professionals, and IT enthusiasts to participant in Hawaii's only Call for Paper based IT security conference.



We decided it was time to bring some top notch technical talent back to one of the most remote locations on earth.

Sitting around somewhere freezing your a$$ off? Dreaming about warm days, rainbows, decadent tropical drinks sipped out of coconuts? Sure you could drop your 0day in Vegas, bring down the Internet in Germany, or satisfy your dark desires in Asia; however, wouldn't you rather submit your research or topics to our CFP and maybe win yourself a paid trip to Hawaii?
Call For Papers.

Who: Shakacon Crew
What: 5hakacon
When: June 25-28 2013
Where: Paradise aka Honolulu Hawaii (nuff said)
Why: Why NOT?
How: By plane, boat, canoe, yacht, hydrofoil, stand-up paddle board, jetski, long board, dolphin, whale sled, nuclear submarine...

[Overview]

Want to learn the Hula while increasing your security skills? Want to attend a conference where you can grab a drink with some of the top security minds in the industry? Want to surf the beautiful waters of the pacific in the morning and then drop some 0day in the afternoon? Sitting around somewhere freezing your a$$ off? Dreaming about warm days, rainbows, decadent tropical drinks sipped out of coconuts? Sure you could drop your 0day in Vegas, bring down the Internet in Germany, or satisfy your dark desires in Asia; however, wouldn't you rather submit your research or topics to our CFP and maybe win yourself a paid trip to Hawaii? If the answer to any of the above is yes then we are your conference.

The Shakacon security conference is a laid back conference where industry, government, academia and independent experts will get together to share knowledge and experience in one of the most beautiful places on Earth.

Shakacon will offer local, national, and international participants a casual, social, learning environment designed to present a "holistic" security view and the opportunity to network with peers and fellow enthusiasts in a relaxed setting. Leave your ego at the airport (or shoreline if you come in via another method) as we look forward to attendees varying in skill level from N00b to Ninja.

During the day, sessions will include: best practices, case studies, research projects, etc. covering all different aspects of the information security landscape. There will be something for everyone and if sitting through talks isn't your cup of kava, there will be exciting events and contests for you to sharpen your skills and knowledge on.

You will not want to miss the closing ceremonies where we pour enough alcohol that we convince some interverted security geniuses to get up on stage and dance the Hula.

[Trainer Opportunities]

Don't want to speak at the Con but have an uncanny ability to teach and a proven track record for delivering quality courseware and want to come to Hawaii? We're also interested in bringing in trainers to provide world class training leading up to Shakacon (June 25 and 26). Submit a synopsis/class agenda, prior teaching experience, and maybe get selected to teach in Hawaii.

[CFP Details]

We have a very limited number of spots so get your submissions in early to ensure you get a spot.

(1) Abstract for papers must be submitted to the review committee by _February 22, 2013_.
(2) Selection notification will occur by _March 1, 2013_ and abstracts posted to the site by _March 15, 2013_.
(3) Full Slides for your papers must be submitted by _May 15, 2013_.

CFP Review Committee:

Caleb Sima - BlueBox
Katie Mossouris - Microsoft
Colin Ames - Attack Research
Matthieu Suiche - MoonSols
Vincenzo Iozzo - TiQad
Kent Backman
Jonathan Brossard - Toucan Systems
Jeremiah Grossman - Whitehat Security
Daniel Hodson
Kris Harms - Cylance
Mark Ryan Talabis - Secure DNA
Chris - Secure DNA
Jason Martin - Secure DNA

As mentioned, there are a limited number of speaking sessions for which the conference organizers will provide travel and accommodations so please submit your abstract early if you are interested in speaking. Speaking slots will be 55 minutes long (45 minutes for your talk and 10 minutes for Q&A).

The audience will be a broad mix of professional, academic, and enthusiast, so we welcome both technical and non-technical submissions on all aspects of security. The key criteria are practicality and timeliness. We want to provide our attendees with up to date materials they can take away and immediately gain benefit from as well as new research or tools. Absolutely NO SALES presentations will be accepted.

Proposals should include:

Subject Line: "Shakacon CFP Submission: <paper title>, <your name>"

Body:

1. Name, address, and contact info.
2. Employer and/or affiliations.
3. Brief biography.
4. Presentation experience.
5. Topic summary.
6. Reason this topic should be considered.
7. Other publications or conferences where this material has been or will be published/submitted.

Please include plain text of all information provided in the body of your email as well as any file attachments.
The plain text information will be reviewed first to find the most suitable candidates.

Please forward the above information to cfp at shakacon.org in order to be considered.

[Media Partners]

We are media friendly. Please email info at shakacon.org for inquiries about press passes.

ALOHA FROM THE SHAKACON CREW!

Are you going to be there DON?  I live in Hawaii let me know and I will take you around the island or go out for some really good Hawaiian Food.

This is a topic a talk about all the time with people.  Back in the day when I was growing up a hacker was a programer, a cracker was a code breaker and a script kiddie was some one that did not know how to code and used everyone elses.

Now to what is a hack? A hack is to make something do what you want it to do outside of it's design (or Program).  So hacking is not bad hacking is what make us understand things more and possibly make it operate better.  Breaking an I phone is due to Hacking.  Making a car drive faster or cleaner is a hack.  People Hack everyday all types of ways . . . so I ask you is ahcking BAD?