Hi
Just go the few books recently including a book on XSS, The Basics of Hacking and Penetration testing, Web Application Hackers Handbook, not yet started as I'm reading currently reading The Basics of Hacking and Penetration testing. I will look into it soon....exciting (not enough hours to read in a day )
V

Wow, Congrats agoonie, Your newyear starts with big gift

Hi, I would say, as long as one is willing to put more time to learn, anything is possible to learn...Believe in yourself to decide & go for it....
V

Thanks for sharing, also reading some of the articles which interests me......

I got this book very recently, I have been reading actively this week and really a good book, especially as jamie pointed, it is good for newbie who needs to understand about security/pen testing has its lifecycle and how informations are obtained.
V

Guys,
thanks for your pointers.
Atlast, things got settled now. I have got working version of lab without any issues...After setting as Hostonly, I got the better picture.
Also came across config setting in metasploitable website, which gave a very good idea of what I have to do...

Cheers
V

Hi Dynamik & HDCautism,

Thanks for your suggestion,

I'm not taking rude, advice well taken  Its all part of learning....

Certain things which I read thru in websites (Google is friend) are not crystal clear personally even after trying practically, during that time, I seek you guys help/clarification. As you said , sure I will get to know more on networking side (but not cert level  ). The harder the way I learn is a good base for my learning too. . I'm glad you guys are here to help each other.

Back to issue, I have taken of staticip, (See these options I have been trying since yesterday, and some understanding from my side was not clear). Now i see myself clear on my understanding thru your answers.

Thanks buddy,
V

Hi Mr.Tuxracer,
I'm in the same course, except joined during christmas....
Probably might meet in community  there...
V

Hi Lorddicranius

You hit the point exactly, I'm using the VM which receives 192.168.0.34 set as bridged network. I believe it is getting thru my host (which is 192.168.0.3). I was under the assumption I can define a static IP in virtualmachine and it will be assigned with staticip...Looks like it is not doing it...

To further clarify, after reading thru the network settings, i have set it as NAT, which means, I cannot set ipaddress in the range of 192.168.0.xx series (so that it can be in private network), right ? , This VM being a victim vm and BT5 as attacker should also be configured in the same iprange as victim...? Am i right?
Thanks,V

HI dynamik
thanks you mate, I did tried the static ip option. I have provided static ip as 192.168.0.20. When I run dhclient eth0, you wont believe it, i'm getting a ip allocated as 192.168.0.34 Also    when it renews after n seconds, it is not assigning same ipaddress, it assigns the next increment (192.168.0.35)....strange...

Here the problem is, I couldn't identify from where it is getting this 192.168.0.34!!!!! I have been searching this now....
not sure If I will get imme answer, will update you soon.
V

Hi,
I agree it is very short and as it is vulnerable app, I would like to change the leasetime more than 3600, but the problem is even if I change it, It is not taking the value from dhcpd.conf file. Somewhere else it looks like picking a value? couldn't find the entry for it...
I have checked the Tcpipguide website and its leasetime/dhcp allocation process, everything points at same file...OR might be I'm missing something....
V

Hi Dark_knight/cd1zz

Wow, I'm working on this since the last quarter of the year during my appraisal with my employer. They are interested and given opportunity to learn (not from their pocket  ) atleast I got opportunity where I can show my passion on security/pen testing to move into Sec testing...

I have joined couple of courses (out of my own pocket) to SWSE & eCPPT. I hope by end of first quarter of this year or around April 2012, I get this completed(again it depends on how hard I put my effort).

I'm yet to start a blog to share my learning experience and articles...

Glad to see your success stories...
Cheers
Vp

Hi,
I remember going thru the same help while searched on google, my dhcp-client.conf file doesn't have entry for default, but just max-lease-time as 3600.

Not sure if anything else as a part of dhcp leasing, it updates as 1400seconds....

I will try with defaul-lease time entry and see if it changes any behaviour.

Cheers
Vp

Hi guys,
Could some one help me on DHCP lease time...please...

My query: Where is default dhcp lease time provided in linux flavours like ubuntu?

Thru google I came to conclusion it is in /etc/dhcp3/dhcp-client.conf file, where it has settings for eth0 with ipaddress, gateway, subnet, lease time etc... In my Virtual box, it is set as 3600 (seconds), but when I run the command dhcpclient eth0, it assigns a new ipaddress and shows approx 1400seconds to renew my ipaddress. Since it is one of vulnerable webapp distro, my trouble is after 25minutes or something, it assigns new ipaddress and from testing BT5 attacker vm, couldnt connect to it... Though my settings in dhcp-client.conf has 3600seconds, I think it should show around 3xxx seconds rather than 1400seconds...

I did came across /etc/lib/dhcp3/dhcp-eth0-lease file, where it has got all the dhcp setting created with few more parameters like renew/rebind etc with datetime.

I'm not clear from where this 1400seconds is been set.

I have been searching thru and couldn't find answer to it...

Please do clarify me,
Cheers
Vp

Hello Guys,
Wish you all a Very happy new year...
Let your dreams come true (certifications and career).

Cheers
Vp