While I'm not an expert on TOR, and I could be wrong...

If you get enough of your systems in the lab set up, you could try setting up a tor node network. you might have to do some interesting work to make it happen.

Somebody should be, sending out copies of Little Brother to everyone in that school district.

I'm surprised by the response of the ACLU, how does privacy not fall under their area?

While privacy is not a constitutional right in this country, and privacy laws are few and far between, there should be a way to create a ruckus over this. What if all the students who don't want it, change schools to a saner one?

You need to think of it from their perspective. How many people do you think contact them on a regular basis for these "Services".

If they're doing anything PII (HIPAA, CreditCard, Banking, etc) and not doing HTTPS, and you and show it without "being evil" (BE ETHICAL), then you might want to let the agency that is concerned with that know (the ones you report to with violations).

As for ISACA, ISSA, etc, you're gutting yourself from the word go. Not everyone that goes to them know everything, and some are looking for help from other people. #misec is made up of several skilled people (100 or so of us), and we all have our specialties. We  also leverage the others in the community for help. You may meet someone that needs or wants a web app pen test, but doesn't have the skill in house and willing to hire you if you have the references to back you up.

I read this one back in the day (After being let go from a large telco company).
http://www.amazon.com/From-Serf-Surfer-Becoming-Consultant/dp/0782126618

There was another one, even older, that I read. I don't remember what it was called. It was written by an electrical engineer who went in to photography consulting if I remember right.

Malachi,

I would assume if you sign up for the class... he'll teach you the skills to play.

From the site:
"From October 22nd – November 11th I’ll provide you with access to the Strategic Sec lab network that will be full of challenges with explanations and step-by-step walkthroughs for each challenge."

What part of the install is giving you a problem?

tar -zxvf <filename>

change to directory then issue the proper commands to compile from source.


think that's right.

Since it's a tarball, you have to melt it first. It is currently in the TAR (archived) and Zipped (gz) format. the first command will un pack it (melt it).

simple stuff, the right google would guide you through what you need.

I think that was the same time as burbon con, and the #misec guys already had plans to "invade" that. and invade it we did, and very well.

A lot of the home, and some of the business stuff have gone to 254 for the gateway. I've worked at places where I put the primary AD for the forest at 1, with a 254 gateway. figured what the heck. only available from internal (no natting).

If I get a new Credit Card in time to sign up I will be. (Glaring at The Pub in Louisville, even if it is 350+  miles away).

Actually quick conversation with Joe on Twitter, if you're going ot be doing CCDC this year (I could but mentoring instead at school), he says this will help.

Nice catch. I was typing quick at work.

N is backward compatible with B/G, which the H will support. you won't get the range. Yes you're better off getting something new, that has made a compatablity list, but the older stuff could be cheaper, and for learning / lab use that would be fine.

 Real world. get the new shiny if it going to do what you want it to do. That said, I'm still using the IBM (yes says ibm not lenovo) T60 I bought in 2007 (granted i've done a cpu swap and upgraded the memory). 32bit processor works nice.

Having used both internal and external cards, I tend to recommend the external ones. They tend to get better range over the internals. Mostly due to antenna. I could take my laptop apart and run some cable to make a bigger antenna but that's more work than I want to do.

While Jinwald12 doesn't seem to like the AWUS036H, I have had no problem with mine. It was the standard for a long time for wireless hacking, since it could do the packet injection.

If you're looking for a laptop and you're checking them out at the store, take a copy of BackTrack with you, reboot and try airmon's injection test see if it works or not.

You'd be surprised at how fast people working at the store want to help you out when you say you're a security professional and want to see if the hardware will work with your hacking tools.

I probably won't be doing any certs again this year. I'm having a hard enough time keeping up with college course load. I tried the e-Learn Security stuff, but the professional levels was over my head. maybe I'll go back and do the beginner level when I have time.

Congratulations Rance. I'll have to remember that in about 2 years, when my current contract is winding down. This time it was chased by a head hunter, next time I don't know.

sorry I missed some of you. Was great meeting the ones I did though.