Excellent!  Thanks for the info.  once I am through Violent Python I will probably hit Intro to CS. 

Udacity looks interesting, I may have to check it out.  Didn't see the course numbers though, is 101 the intro class?  253 is the Web Dev?  How long did each one take?

Welcome to AIX, bit of a different beast from Windows.  http://www.auditunix.com/unix-security-tool/ this might help.  Some of the best practices around securing Linux can also apply to AIX - root shouldn't have remote access, users should remote in with their IDs and use SUDO to execute elevated commands.  don't use telnet if other more secure methods are supported.  Here is a link to a Tenable post, it is older, but some of the plugins may still apply: http://www.tenable.com/blog/aix-best-practice-and-pci-configuration-audits.  You will probably require SSH access to the systems to adequately audit them.  Oh and be careful when scanning these systems, they area  bit more sensitive than Windows and some scanners will break them even if you are running with safe scans.

Good luck!

Nothing I am aware of, at most it would be a distraction to confuse IR folks.  Do you have a sample of the file?  Maybe a some file just happens to have the string in it that makes AV recognize EICAR.

Anyone heading there this weekend?  What talks are you looking forward to?  The Walt Williams talk seems interesting, maybe Deral Highland's Embedded devices talk.  There also seem to be a couple talks around malware.  For those always looking to setup a lab, there is a talk on that as well.  They seem to have a good range of material.  Hope to meet some EH netters there and have some cool discussions!

http://www.securitybsides.com/w/page/12194141/BSidesBoston

Doesn't appear sold out yet either.

Wife and I have been chatting about moving out of glorious CT and heading down south to FL.  I think after the last couple winters, I may be ready for that change.  So I started peaking at the job boards for the Orlando area and there do seem to be some opportunities.  Just curious if anyone has any suggestions or may know of any additional opportunities for that area.  Another possibility with moving to FL is that the wife would be more tolerant of work related travel.  So I would be open to positions that do not require me to be in any particular geographic location. 

Thanks for your assistance!

I was thinking something like Facebook's session tracking, but that only shows the city/state, app, and the device used.  Or maybe Google's Activity tracking, that gives you an IP address of the last bit of activity, the app and the date/time. 

ZOMG!!! WE ARE DOOMED!!!!! Y2K!!! 12/21/2012!!!  AAAAAHHHHHHH....

oh, here's my wallet....

First question, have you hardened your server to the best of your abilities/knowledge?  Have you covered the Security 101 basics?
renamed default admins?
disabled guest?
use complex passwords?
disable unneeded services?
installed AV and configured it?
enabled the client based firewall and configured it?
Fully patched on both the Operating System and applications?
Ensure any local service/user accounts are running with least privilege access?

If you have done all of that, then you might be ready for a pen test.  And like Xtophertaito suggested, give it a go yourself, you will learn a lot.  Also another good idea is to grab something like OpenVAS or Nessus Community edition and run some vuln scans against your system.  Google on the critical/high findings to learn how to fix them.  Good luck!

Welcome, enjoy the community!

Just listened to that on the way home today, interesting stuff.

Thanks hurtl0cker, I actually grabbed the Ciphers book a couple weeks ago.  Looking forward to reading through that.  Going to work my way through violent python.  And yes, practice practice practice.  I heard someone mention it is best to do a little bit of coding every day than try to do a couple hours in a single day once a week.  Get's the repetition thing going.  once I've had my fill of python I will head back into more web oriented languages and maybe get my web building up to snuff.  My poor domain has laid dormant for far too long and it needs some action.

SEC501 Enterprise Defender, yeah looks like it is due back in June.  So not too long.  I've got a few mini lab projects I want to work on until then.

its not so much about branching out, I do enjoy a bit a pen testing, trying to keep it on the free side or at least less expensive side.  Though I just took a gander at them and 250 bucks and lifetime updates, ability to download the material, not too shabby.  Hmm, may have to review further.  I had a SANS course approved but it is no longer available in on-demand which sort of sucks.  So if that doesn't happen I want to fill that study time with something else. 

Hey m0wgli, if I was looking to go more into pen testing, I would consider it, but right now it's more of a self improvement thing and side hobby.  I want to get better at coding so I figure strengthening my scripting skills will help.