Ethical Hacker Community Forums
December 02, 2008, 08:58:55 PM *
  Show Posts
1  Ethical Hacking Discussions and Related Certifications / Other / Re: OpenVPN on Windows on: February 16, 2007, 03:57:58 AM
Quote
bah, restarting works wonders :P

M$ problem solving: Minor problems - reboot, major problems - reinstall ...

2  Ethical Hacking Discussions and Related Certifications / Other / Re: OpenVPN on Windows on: February 15, 2007, 11:22:04 AM
It seems that you are mixing routing and bridging.

Did you create the bridge in Windows? You'll have to do that manually outside of OpenVPN.

Do you really want to bridge? (it's not advisable if you're connecting via the internet, a lot of unnecessary traffic will go over the wire...)

If you decide to use routing (that's what I would do) remember that you'll have to activate routing (IP-forwarding) in Windows either via MMC-SnapIn "Routing and RAS" or via setting the registry key manually.

BTW, if you don't specify "pull" in the client config no setting will be pushed from the server, so have a look at that too.

3  Ethical Hacking Discussions and Related Certifications / Other / Re: OpenVPN on Windows on: February 15, 2007, 06:54:56 AM
Never had any problems.

Post your config if you need help.

4  Columns / Editor-In-Chief / Re: To DMZ or not to DMZ? on: February 05, 2007, 12:20:15 PM
A DMZ is another layer of security and you never can have too many layers when you are about to secure your network.

If you need to make a system accessible from the Internet I can't think of any reason to put such a system directly in an internal network - that would be the worst possible solution.

5  Ethical Hacking Discussions and Related Certifications / Forensics / Re: Forensic images of USB devices in Windows on: January 02, 2007, 05:35:42 AM
No matter what tool you are using you need a hardware write blocker to be absolutely sure to get a forensically sound image when doing it in Windows.

There is a registry key to prevent write access to USB devices but I would not rely on that...

6  Ethical Hacking Discussions and Related Certifications / Hardware / Re: Securing Your Network from Scratch on: January 01, 2007, 11:30:37 AM
That is not a question of money. What you need is a concept - and the very same idea can be set up with $10.000,- or $100.000,-, the difference is reliability and the real level of security.

You can set up a system with a DMZ, an IDS, an IPS, firewall, proxy, mailserver etc. using just one Linux-Box - or a bunch of high-end servers, routers and appliances.

All depends on the needed level of security. As negrita pointed out you'll certainly not choose the option with one Linux-Box if you need to secure top secret information, the more applications run on one system the more vulnerable it will be.

But for the scenario Don has described I would definitely go for the one Box solution to start with, it is easy to extend such a system as needed. I think the biggest problem in that scenario is who would be the person to do the job. A startup with 5 people will rarely hire a skilled admin ...

7  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Skype Network Scanning on: January 01, 2007, 11:11:19 AM
If you are in need of security you would not allow any encrypted traffic into your network - be it Skype or any other app.

Terminate any encrypted channel at your perimeter if you really need security, otherwise you'll always be in big trouble....

8  Ethical Hacking Discussions and Related Certifications / Certification / Re: Poll on certifications on: January 01, 2007, 11:06:16 AM
It depends what cert you are talking about.

Certs which require a practical cannot be done only by studying braindumps, but there are not that many that require a practical (Red Hat, EnCE).

All of the mainstream certs (M$, Cisco, EC-Council etc) can be done just studying braindumps, but those who take them that way are easily spotted when they face the first real world problem (most of the certs have nothing to do with real world scenarios, that's one of the biggest downsides of these certs).

9  Features / Opinions / Re: Thoughts on Hamachi as a VPN on: December 09, 2006, 10:47:46 AM
It depends on your needs...

If it's for gaming or just sharing some MP3s - go for it, it's easy to use.

If you need a secure VPN solution to transfer sensitive data - don't even think of touching it. How can a VPN going through a server which is completely out of your control be secure? I would never trust it, but perhaps I'm paranoid.

10  EH-Net / News Items and General Discussion About EH-Net / Re: Need Everyone's Feedback!! on: October 21, 2006, 03:28:38 AM
I mostly agree with Negrita and Kev and I'd like to add another reason to use that kind of "study guides":

I've taken a number of different kinds of tests so far (M$, Comptia, Mile2, Guidance) and found that the content - what was asked for - is somewhat questionable in a lot of these tests.

On one hand there are a lot of questions where the whole content (the question and the proposed answers) has nothing to do with real world or at least comprehensible scenarios, on the other hand on some of these exams there are outdated and poorly worded questions where even the meaning is hard to understand (not only on these study guides, I've seen this kind of question on live exams too).

Even if you really know your business sometimes it's really hard to guess what answer they want to see - and that can make it sometimes hard to pass an exam without having the possibility to prepare yourself by the means of these "Study Guides".

The point is that the questions in these guides are often worded as badly as they are in the real exams - so without posting a question exactly as it is printed sometimes it is not possible to find the wanted (not necessarily the right) answer...

11  Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: CEH question on Snortlogs (from Testking) on: September 25, 2006, 07:35:14 AM
I agree that the answer would be C.

But sorry Negrita, I somewhat disagree with your explanation because:

1) though it is still possible it's not very likely that somebody still has valid accounts/passwords in the dummy passwd file used by most ftp-servers
2) why would an attacker wait more than 36 hours to login after retrieving a valid account? (sure it could have happened that way, but I don't think so.)

Look at these entries:
Quote
Apr 25 02:08:07 [5875]: IDS277/DNS-version-query: 63.226.81.13:4499 -> 172.16.1.107:80
Apr 26 06:43:05 [6283]: IDS181/nops-x86: 63.226.81.13:1351 -> 172.16.1.107:53
Apr 26 06:44:25 victim7 PAM_pwdb[12509]: (login) session opened for user simple by (uid=0)
Apr 26 06:44:36 victim7 PAM_pwdb[12521]: (su) session opened for user simon by simple(uid=506)

It looks like an attacker has first discovered a certain version of DNS-server-software (most likely some vulnerable version of bind), then exploited a buffer overflow (NOPs are often part of the payload to exploit buffer overflows) and then logged in first with an unprivileged account and then su'ed to a privileged account...

BTW, I found that log somewhat familiar - if you are interested in the whole story have a look here
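
The correlation made in the post above (reconnaissance from one source, then a NOP-sled alert from the same source, then new sessions opened shortly afterwards) can be automated; the following is an added example, not part of the original post. The year, the five-minute window, the function names and the extra "alice" line are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

ASSUMED_YEAR = 2000             # assumption: the syslog timestamps carry no year
WINDOW = timedelta(minutes=5)   # assumption: how soon a session must follow the alert

ALERT_RE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \[\d+\]: (\S+): ([\d.]+):\d+ -> ([\d.]+):(\d+)$")
SESSION_RE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) (\S+) PAM_pwdb\[\d+\]: \((\w+)\) "
                        r"session opened for user (\S+) by (\S*)\(uid=\d+\)$")

# The four lines quoted in the post, plus one constructed earlier login (alice)
# that must not be flagged.
LOG = """\
Apr 24 09:00:00 victim7 PAM_pwdb[1001]: (login) session opened for user alice by (uid=0)
Apr 25 02:08:07 [5875]: IDS277/DNS-version-query: 63.226.81.13:4499 -> 172.16.1.107:80
Apr 26 06:43:05 [6283]: IDS181/nops-x86: 63.226.81.13:1351 -> 172.16.1.107:53
Apr 26 06:44:25 victim7 PAM_pwdb[12509]: (login) session opened for user simple by (uid=0)
Apr 26 06:44:36 victim7 PAM_pwdb[12521]: (su) session opened for user simon by simple(uid=506)
"""

def _ts(text):
    return datetime.strptime(f"{ASSUMED_YEAR} {text}", "%Y %b %d %H:%M:%S")

def parse(log):
    """Split the log into IDS alerts and PAM session-open events."""
    alerts, sessions = [], []
    for line in log.splitlines():
        if m := ALERT_RE.match(line.strip()):
            ts, sig, src, dst, dport = m.groups()
            alerts.append({"time": _ts(ts), "sig": sig, "src": src, "dst": dst, "dport": int(dport)})
        elif m := SESSION_RE.match(line.strip()):
            ts, host, svc, user, by = m.groups()
            sessions.append({"time": _ts(ts), "host": host, "svc": svc, "user": user, "by": by})
    return alerts, sessions

def correlate(alerts, sessions, window=WINDOW):
    """Flag NOP-sled alerts followed within `window` by new sessions.
    PAM lines name the host, not its IP, so the link to the alert is by time only."""
    findings = []
    for a in alerts:
        if "nops" not in a["sig"]:
            continue
        recon = [p["sig"] for p in alerts
                 if (p["src"], p["dst"]) == (a["src"], a["dst"]) and p["time"] < a["time"]]
        after = [s for s in sessions if timedelta(0) <= s["time"] - a["time"] <= window]
        if after:
            findings.append({"src": a["src"], "alert": a["sig"], "recon": recon,
                             "sessions": [(s["svc"], s["user"]) for s in after]})
    return findings

if __name__ == "__main__":
    for f in correlate(*parse(LOG)):
        print(f)
```

Because the link between alert and session is time-based only, a busy multi-user host needs a tighter window or an additional join on the host's address.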


12  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Test your Hacking Skills on: September 22, 2006, 12:27:46 AM
Quote
I was trying to send the following to the server as the username:
' or 1=1; --

That query works, but you have to add a space after the double dash to get it working.

Quote from: mysql reference:
In MySQL, the ‘-- ’ (double-dash) comment style requires the second dash to be followed by at least one whitespace or control character (such as a space, tab, newline, and so on)

13  Ethical Hacking Discussions and Related Certifications / Forensics / Re: OS Detection from a RAM dump on: September 16, 2006, 10:48:08 AM
Harlan does a lot of great work - but why should somebody need to determine the OS from a RAM dump? When you're in front of a computer doing a RAM dump in general you know what operating system is running on that box.

What do you think, perhaps I'm missing something?

14  Resources / News from the Outside World / Re: A Wireless Hacking Computer That Can't Be Hacked on: September 11, 2006, 11:14:19 AM
Of course, but you don't need a wireless card to crack the key, you'll use it just to capture data.

Multiple wireless cards won't give you the ability to do multiprocessing as opposed to having multiple processors.

15  Resources / News from the Outside World / Re: A Wireless Hacking Computer That Can't Be Hacked on: September 10, 2006, 04:49:30 AM
Quote
In addition to scanning for wireless traffic, Williams says the computer can break most WEP keys very quickly by focusing all eight wireless cards on the access point. Using a combination of common utilities like airreplay, airdump and aircrack, Williams said, "When I use all 8 radios to focus in on a single access point, [the WEP key] lasts less than five minutes." However, he added that some retail wireless access points will "just die" after being hit with so much traffic.

I cannot see the reason why WEP would be cracked more quickly using 8 cards instead of one.

In most cases you'll just capture traffic sent by the access point - so one card will do it. In case that you're running a replay attack with ARP packets you'll flood the access point with packets at the speed it supports, so where's the advantage of using multiple cards?

If you are trying to crack multiple access points you'll benefit from that box, but I doubt that you'll get it done quicker when just targeting a single access point.

© 2008 The Ethical Hacker Network