WiFu + OSWP is a great course/exam

It was my first security cert and actually convinced me to take part in other practical certificates, I would highly recommend WiFu/OSWP

If you want to learn how to penetrate wireless networks and the internal's of wifi, go check out the aircrack-ng site, its all there

If however like me you want the certification, then do it

For me, I wanted a Security certification and to experience an OffSec course, so OSWP seemed like the perfect candidate as well as I knew pretty much nothing about wireless (I'd followed a video on youtube on breaking wep previously)

So, if you want the cert, go for it, else all the information is freely available on the aircrack-ng site for absolutely free

This is where you would learn the hardcore stuff about encryption,ssl,ssh etc etc and learn exactly how the encryption works as well as the handshakes

You will there have more knowledge about how it works, only then can you come up with your own method of breaking an existing connection, bruteforce maybe?

Good luck

MaXe (InterN0T) recently passed his OSCE exam and I'm sure he's more than willing to give you a few pointers to ease the pain if you ask

I believe OSCE/CTP is mostly about finding 0days whereas OSCP/PWB is about writing basic exploits and Penetration testing in general

So yeah you Try Harder! hehe

I agree, it would be great, but then how people would actually turn up? I mean like the UK is short in terms of security professionals but with OSCP not being know by HR yet it probably won't help unless your CISSP

But I would definiately go if they did some in say London

"Put it in quotes"

Thats the SVN version so run these commands as root


That will update, configure and install the current version of the aircrack-ng suite in the same location

~ThXero

Are you using the SVN copy of aircrack-ng?

If I'm switching to a dfferent channel, I also tend to refresh my driver as well, just to make sure


Hope that helps

~TheXero

The majority of home users will have client side attacks affect them, ie phishing emails etc

My home computer security isn't as tight as I would like it to be, but it still alot better than most

Company's tend to have open ports in the DMZ for emails etc whereas the majority of home users do not

Sacraficing security to send/receive a few emails?

Well that my opinion, security definiately starts at home for sure, but like most its not a priority as they don't think they have anything on the PC worth anything even though they do online banking lol

I would love to go, however I found too short notice and it is quite expensive

I have never been to any conferences before but one day hopefully I will get the pleasure of going

As long as you don't attempt to connect to the network, or feed any data etc you should be fine

Just using software like kismet or airodump-ng on a monitor mode enabled wireless card should do the trick

It will not send any packets or probes etc, meaning that even if the ipod is not connected to anything, you should still be able to find it

Even if the network is encrypted, you will see the device(s) via their mac address, as long as you have that, you will be ok as mac addresses are unique, there should be no two mac addresses in the world that are the same

Hey

I'm also in the UK, I only have the OSWP is terms of security certifications

It took me about 6 months to get a job after leaving school and I was using AP group (the recruitment agency)

I'm currently doing self study on Exploit Development and reverse engineering to better broaden my security knowledge and will be taking OSCP later this year

Personally, I would say 1 day per week is not enough to focus on making progress, IT/security changes everyday. Even though I work full time on an IT helpdesk, I spend most of my day doing research even though the helpdesk is one of my main priorities

~TheXero

This is just a video from MaXe's haxxme #4 at InterN0T

The official documentation for this has been available for a few weeks now

Just remember, some malware will detect that it is in a VM environment and will not operate to avoid these malware labs, and some can even break out of the VM environment and attack the host system

~TheXero

Enable MAC Address filtering
Enable Shared Key Authentication (if the DS supports it otherwise open)
Use a long key (26 characters etc)
Change the key on a regular basis (new key every day?)
Turn it off when not in use

The thing is though, WEP can be cracked over the internet, have a look at easside-ng and buddy-ng

Or

You could have 2 routers, and have the WEP router piggy back off of the same internet connection

Good Luck