EH-Net
May 23, 2013, 07:03:55 AM

23
Ethical Hacking Discussions and Related Certifications / Malware / Help me understand
on: December 19, 2012, 08:56:14 AM
So someone I know got hit with some malware recently, and I'm trying to understand exactly what happened, as best I can. Here's the sequence.
Non-admin user downloaded a zip file, and scanned it with MSE. While MSE didn't alert (strangely), it did in fact detect a trojan in the zip file, and it was supposedly removed.
After the scan the user proceeded to unzip the supposedly now clean zip file. This triggered some kind of malware that killed MSE. User immediately took remediatory action.
Now, it appears to me that one of several possibilities existed... here are my thoughts:
Original trojan was easily detected. Was this intentional, perhaps luring the target into a false sense of security?
Traditionally trojans drop files, or provide access through which further compromise can occur. There have been no indicators of further compromise. What am I missing?
What caused MSE to be killed? I know that commands can be executed to kill AV, but they generally require Admin or SYSTEM privileges; user was unprivileged. I thought maybe some sort of client-side exploit to gain privileges. I'm just not sure.
Finally, the user immediately pulled the network cable, scanned the computer in safe mode and regular mode with up-to-date scanners (3), and nothing else was detected, but can we trust this? Outside of MSE, which was originally killed, the other software installed at the time did not stop or detect an attack. In addition the user ran a network sniffer, and did not detect any malicious traffic after the compromise...
Thoughts?

28
Resources / Mass Media / Re: Reboot - A Film by Joe Kawasaki
on: December 09, 2012, 06:51:23 PM
Big News! REBOOT's release is only 3 days away! On 12.12.12 @ 12:12am you can purchase the HD download of the film via our site. We are thrilled to finally share the film with our amazing fans. Thank you all for your patience. Stay tuned for the link to our purchase page which will be up shortly. www.rebootfilm.com #rebootfilm #rebootlaunch #12.12.12

29
Resources / Career Central / Looking for a job
on: December 09, 2012, 01:46:33 PM
Hi all, it looks like it's time for me to transition from the military, and I am looking for a job. In the interest of fairness, I will say I am expecting to be available at the end of January or February. If anyone is recruiting or has any positions that I may be able to fill, please feel free to PM me for contact info.
A little about myself: self-starter, highly motivated about technical work, looking for an SA/NA or Security position. I have knowledge/experience with systems administration including troubleshooting, Active Directory, OS support of XP-W7/W2k3-2k8, virtualization technologies (VMware). Network Administration: experience deploying and troubleshooting Cisco network devices (mainly switches in my career; routers and ASA in lab, not sure if I need to make a point of that). Information Security: familiarity with STIG requirements, experience with vulnerability scanning and remediation for computer vulnerabilities. Familiar with Retina, Nessus, and Nexpose software. Taken courses in intrusion detection and incident handling.
Resume attached below. I'm looking for positions ideally in FL, GA, MD, VA, in that order, but I am willing to relocate worldwide. A question I would have for you all would include: what kind of position should I be looking at with this set of skills? What would be a reasonable salary request? Thanks for your time.