EH-Net
  Show Posts
511  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Course/ Cert comparison on: March 09, 2011, 08:09:03 AM
Oops, I missed Sil's second link. RWSP sounds gnarly.

That makes OSCP look like child's play.

512  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Course/ Cert comparison on: March 08, 2011, 06:41:28 PM
sil

Can you talk a little about the BH class you mentioned? How long is it? How is it set up? Is it just a big lab with attackers and defenders? Sounds really cool.
513  Ethical Hacking Discussions and Related Certifications / General Certification / Re: Please recommend some Pen Test training! on: March 07, 2011, 11:16:13 AM
I have heard nothing but good things about the SANS courses. For your requirements, I'd start there. The Offensive Security courses are great too, but they're not as focused on your requirements.
514  Ethical Hacking Discussions and Related Certifications / Other / Re: Best Practices for Password Policy on: March 01, 2011, 09:30:28 PM
timmedin is right on. Passphrases are the way to go, especially if you can avoid dictionary words. However, you don't want passwords so complex that people are leaving sticky notes all over the place. But this is where some education or help to your users will come in nicely.
515  Ethical Hacking Discussions and Related Certifications / Other / Re: Best Practices for Password Policy on: February 28, 2011, 06:45:34 PM
Do you fall under any compliance or government regulations?
516  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Help writing exploit on: February 27, 2011, 06:34:04 PM
First, familiarize yourself with the RPC protocol by reading the RFC that details that protocol. Also, you can look at existing exploit code and compare what is there to what a normal packet looks like after you read the RFC. If you don't want to look at the Metasploit code, look at this Python code: http://downloads.securityfocus.com/vulnerabilities/exploits/31874.py

517  Resources / Tools / BackTrack 5 on: February 21, 2011, 06:03:33 PM
Courtesy of @backtracklinux

http://www.backtrack-linux.org/backtrack/backtrack-5-screenshots-wip/
518  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Why employ a graduate? on: February 21, 2011, 05:12:36 PM
Quote
Ask yourself what makes some of these guys stand out, how did they get there and what did they do that's different. I'll focus on Chris Gates for a few reasons 1) he is a well known and respected security "fellow" 2) he's also a member here 3) he's become an SME for things metasploit. So if I had to guess what Chris did to build up his experience here's how I think it went. (and the specific reason I chose Chris is in hopes that if he reads this he can chime in and or correct me).

1) Find a specific arena in security, stick to it and learn it in and out
2) Blog, blog, blog... Trial and error trial and error

That's a great piece of concrete advice for someone trying to make a statement in the industry. I agree. The rest of your posts were negative for my taste and if you had a positive/constructive message you were trying to convey, I didn't understand it until now. You've got a different style than I do. To each their own. Good luck skitch.
519  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Why employ a graduate? on: February 18, 2011, 03:53:04 PM
Dude, no one is saying the OSCP is the end all be all. It can't hurt the guy for doing it. Certifications can get your foot in the door sometimes but you can quickly become exposed if you don't really know what you're doing.

You're taking the gloom and doom approach to this post. I'm trying to keep the kid positive but keeping things in perspective. Sounds like you're telling the guy to just go to work, don't get any certs because they all suck and nothing is replaced by experience. I think he certainly understands that experience is necessary, but why diminish what he's accomplished?

For a lot of people who want to get into this stuff, something like the OSCP can show you things that are possible and help you see things outside of what you saw before. "Broaden your horizons" if you will.

Of course seasoned pentesters won't have OSCP, why would they? It's too new. They don't need to have it, they already have the job and the valuable experience. They have no need to get their foot in the door as he would since he's just starting out.

I think you forgot that this is someone that is just starting out. It's not like he can put on his resume that he hacks his home lab and practices all the time and anyone will give a crap. But, he can put letters on his resume that might get a hiring manager to take a look at his resume.

I think it's foolish to say that for someone just starting out that a certificate won't help them, even if it's just from a knowledge perspective and not a professional perspective.



520  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Why employ a graduate? on: February 18, 2011, 02:28:54 PM
Quote
While there is some merit to his comment, the fact is, many organizations don't know of the OSCP enough to compare them with say the GPEN, CPT, CEPT. You also have to understand that in taking the OSCP, there is nothing on the exam, that wasn't mentioned or expounded upon in the video training. At the end of the day, if someone paid enough attention and had ZERO experience, they'd be able to pass the exam following simple instruction. They passed an exam, but it was not a real world penetration test.

I beg to differ. If he were trying to become a pentester, the company would certainly be aware of OSCP. I don't think that anyone is going to argue that the offsec labs are real world examples, but it's as close as any other cert can get for learning fundamental skills. Also, those labs don't require you to just "fire off tools" either. Did you take v3 of the course? I also wouldn't diminish the fact that this kid in college obtains that cert while he is going through school. That is an accomplishment and something to be proud of.

I also think that college gives you a framework on how to think. It's not really the content, rather the thinking methods that college teaches you. I use about 1% of what I learned in college but I certainly use that way of thinking on a regular basis.



521  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Why employ a graduate? on: February 17, 2011, 07:34:47 PM
Obviously you can't go out and buy experience. With that said, you're better off than most graduates if you've already nailed a couple certs in addition to your degree. Not to mention a very technical, hands-on cert as in OSCP. That can kind of replace your lack of experience at this stage of the game. That cert means you don't just know how to memorize information and take a test. It took creativity and skill to accomplish. That has value in and of itself.

Stay positive and understand that this is a long road, experience builds over time and the next thing you know, you'll have 10 years under your belt. Good employers will recognize talent (assuming you interview well) so hang in there and keep making the right moves, it will pay off.

Also keep in mind you may not be able to walk right out of school into a pentesting gig. You may need other experience first and then move into that role. However, like I said before, if you interview well and can communicate your value and skills, you could bypass someone who has more experience.
522  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Wireless honeypot on: February 16, 2011, 03:41:42 PM
Why not just make your MITM box the default gateway? Have the router give out the IP of that box for the gateway and boom, everyone is sending all traffic right through your machine. This is just for practice right? You're not setting this up trying to lure people into it are you?
523  Resources / Career Central / Re: Pen Testing Certifications Help on: February 16, 2011, 03:34:39 PM
Do the OSCP and buy lots of lab time if you can. That's a great way to get hands-on experience. They've got a pretty interesting lab and you can be exposed to a wide range of vulnerabilities. AND, all the boxes on the lab can be popped.

After you go through the course you can build your own lab of VMs to keep practicing. Good luck!
524  Resources / Career Central / Re: Pen Testing Certifications Help on: February 15, 2011, 07:23:02 PM
Read KrisX's review and here is my review:

http://networkadminsecrets.blogspot.com/2010/12/offensive-security-certified.html
525  Ethical Hacking Discussions and Related Certifications / OSWP - Offensive Security Wireless Professional / Re: OSWP exam prep on: February 15, 2011, 05:28:27 PM
You'd probably contact them. For the OSCP it was challenges@offsec.com.

There are a few wordlists in the /pentest/passwords/wordlists/ directory... even one called "WPA"
© 2013 The Ethical Hacker Network