amede0, if you search the forum you'll find some topics about Hacking for living.

Good luck!

amede0, unfortunately I don't know the answer to your question, but I am sure that if you send an e-mail to E-Council you will have an answer.

I may be wrong, but as far as I know it's not enough to work in a security related field if you choose the self study route, you have to have 2 years of experience in a security field also.

amede0, congratulations for you CCNA certification! Great job!

C|EH will surely be useful for your goal, but you'll have to have some hands on experience also. C|EH certifies that you have the knowledge of how to do things, not that you are also really capable in hacking. Please note that I say this assuming that you have only networking experience.

If you'll search the forum for a topic named "The value of certs" you'll make yourself a good idea of what I wanted to say.

Another really good course is OSCP, check out the topic related to it in the Certifications section of the forum.

I simply don't see the point in starting netcat at a "specific" time for learning purposes ... why just don't start netcat when needed or permanently start as dean explained?

And I never said that just using netcat implies malicious intent. The malicious intent I was thinking of is the one above.

But hey, the important thing is that kthc got the answer he was looking for.

Welcome to Ethical Hacker Network.

Hope you noticed the ethical part of the name, and we are hoping that you are going to use netcat for ethical purposes (for testing, learning etc.) on a system that you own.

If you want to start netcat at a specific time with the purpose to open a back door to that system with malicious intent, we totally discourage you in doing this.

But to answer your question:
- Windows - use "at"
- Linux - use "cron"

I don't know if Languard can help you with this, but surely Kismet can.

Just put your card into promiscous mode and start Kismet, and if there is enough traffic finaly it will display also the network range used by the wireless network.

Looks like dean is right, WPA2 is also vulnerable to an off-line dictionary attack.

Last time I used aircrack-ng suite for a wireless hacking demonstration there was nothing about WPA2 dictionary attack in the aircrack-ng tutorials.

Good thing to know, thanks dean!

Congratulations blackzarro!

Good luck with your new position!

Why spend time&effort on setting up a wireless IDS when you can improve your wireless security settings?

If your access point supports it, you should switch to WPA2 encryption (not vulnerable to attacks yet). Scan you computer for keyloggers or backdoors, review your wireless settings, update your wireless card driver and that should do it.

But, if you are willing to spend time in setting up a Wireless IDS, you can use Airsnare in order to be alerted when an unfriendly MAC address associates with your access point, but if you want to be protected for future attacks, my opinion is to use Kismet. Kismet can be set up also as an WIDS. You will be alerted when someone is wardriving near your location, if various attacks are performed (deauthentication etc.). I don't know if Airsnare has the same capabilities as Kismet does, but I am only familiar with Kismet.

The hacker can sniff your packets in passive mode, but if you are using an encryption method that's secure enough you should have no problems.

But, before doing any of the above, maybe it will be a good idea to review your AP logs, you can find out from there if someone else successfully authenticated with your AP.

From the description of the course you can see that it's based on the aircrack-ng suite. The aircrack-ng suite is also described in the CEH course, but I think that the BackTrack WuFi will be in more detail.

Please note that this is just my opinion, I didn't attend the course.

Other opinion is that you can't consider this course as a precursor to CEH, the Offensive-Security 101 course could be considered a precursor to CEH.

York_daro,

The price of the certificate shouldn't be an obstacle to you.
This depends if you really want to test you knowledge and to be able to prove you employers that "you know what you are talking about".

If you really want to take a cert, in my opinion you have two choices:
1. Self study. If the price of the course is to high for you, do a lot of self study. Use virtual labs, read books etc. When you feel confident about your knowledge, you can take the cert, the price of the exam is not that high (non-US guy oppinion here also).
2. Prove you employer that you are willing to specialise youself in security, and, if this is important for him or the company's project, maybe he'll support the price of the course/exam.

Please note that both of the choices depend very much on you commitment to you goal.

Hope this helps...

Hello everybody,

I'm not new to this forum (I posted only twice in the past), I am reading it for the past few months and I want to thank don and all of you guys for making me come back every day eager to check the new posts.

On topic now: I passed my Security+ 2007 on 28 August with a score of 836. I studied about two months, tried to do it every day but not all the time I could do this.

The books I used:
Microsoft Press - CompTIA Security+ Training Kit - 2003
Que - Security+ Training Guide - 2004
Syngress CompTIA Security+ JK0-010 Study guide and practice exam - 2007

Although the Syngress book was related to JK0-010 exam not SY0-101, it help me very much to understand very well some things that were not that clear.

I was expecting an easy exam, but, for my surprise it wasn't that easy. It made me think a bit. Also I didn't know that I am taking the 2007 version of the exam, but in the end, when I found out this, I was very proud.

Next step will be OSCP blackazzaro recommended and then, of course, CEH.

I hope that I would become an active member of this forum.

Regards,
Florin

Thanks for your replies guys.

But I was interested in alternative methods that I can use to detect and map the AP.

From what I know the GPS method has some limitations - it can't be used to detect AP inside buildings.

If someone can give me a valuable hint I'll greatly appreciate.

Hello everybody,

Lately I’ve done some wardriving sessions through the company’s premises to discover if there are any rogue access points attached to the wired network.

I discovered some APs but what I am interested in is how I can map/plot these APs into something like Google Earth.

I am using Backtrack with Kismet as software, and a laptop + Ubiquity card with external antenna as hardware.

I know about the solution with a GPS receiver that works pretty well with Kismet, but since I don’t have such a GPS device yet I was wondering if there are any other alternative solutions for doing this instead of using a GPS.

Thanks in advance for you answers.