Awesome!  Congrats, DrivinTin

I was looking at signing up for the classes, but not sure where I should start.  I have an intermediate knowledge of Linux, but my programming skills are basic.  I'm not sure of the languages taught in the Mukyu class, but I have intro knowledge of Perl and Python.  If possible, I'd like to subscribe into the Shodan classes to lock in the $95/month subscription fee, but I don't want to be in over my head.  Any thoughts would be greatly appreciated!

Hey tturner, any updates?

Good read.  It seems peoples belief that one can trace an IP back to an attacker is more common than it thought.  Or maybe I'm just lucky and have learned that early enough in my security training

Thanks ziggy.

Tip for others searching for ep2 on youtube, append the ep name to your search: karat caper.  The first ep should come up if you just search for the show name.

lol Great way of putting it.

Totally agreed, great stuff Don.

lol :-P

I was just listening to the Wireshark University certification video this morning and the issue with images, tables, etc is exactly why the Wireshark Network Analysis book wasn't made into an electronic version.

I've never used a handheld ebook reader, but I've always had issues reading PDF versions of tech books.  I just flip back and forth way too much for an ebook to work for me.  From the sounds of it, this is one of the issues with the handheld ebook readers too.

Just watched ep1 of "Tiger Team" (full ep via TruTV - thanks hayabusa) and the clip of ep2 (thanks for the link BillV) - good stuff!  I wasn't able to find a full ep2, but I'm going to search a few other sites after I get off work.  Watching the recon, planning, and educating the client is just as good as the attack IMO

As for "Breaking In," I have yet to watch that yet, but I'll be watching it for the comedic value rather than accuracy/factuality.  It seems its more pleasurable that way :-P

I just learned of that yesterday while listening to the ISD podcast, ep361!   They were talking about the Hartford breach and how the press release they sent out gave the vendor specific name of the virus rather than just the generic name.  Which in turn tells everybody which AV solution you're using.  That's good to know...

And those are some great tips, Sil - thanks!

Ah, good point regarding local vs remote.  I would think you'd need escalated privileges to access the SAM.  Checking my Win2k3 box, it only has permissions for administrators and system.  And I think if you have either admin or system privileges on a box, you wouldn't need to worry about the SysKey.  I think watching those week 1 Metasploit Unleashed vids from grmn00bs might of benefit to you.

I found the grmn00bs/Reversespace stuff after listening to her talk about her SMS botnet project also lol.  Heard her chat about it on PaulDotCom and Hak5 @ Shmoocon.  I've bookmarked that BrightTalk website, looks like some good videos there.

As for netcat, I don't have experience using it myself (yet), but IIRC from reading, netcat on the remote machine is the listener while you connect to the machine on the port netcat is listening on.

I did some reading on SysKey and it seems that being aware of it would be beneficial since it's an extra level of encryption on the SAM file.  From what I can gather from Irongeek's article on it though (http://www.irongeek.com/i.php?page=security/localsamcrack2), if you grab the SAM file while logged in as admin, then the SAM is unencrypted.  So then you only have to worry about cracking the hashes.  Otherwise, you're going to need the system key to bypass SysKey.  The article was last updated in 2007 though, so I'm not sure if there are other ways to bypass SysKey now.  I'll edit/post again if I find something else.

Thanks for posting this links, KillJ0y.  I've yet to watch the vids on the 2nd link, but the first video is great.  This is the first I've heard of masking for password cracking.  Is that something new or am I just behind the times?

As for Windows, just as KillJ0y said, you can use Metasploit to grab the hashes.  Reversespace has been doing Metasploit classes following Offensive Security's "Metasploit Unleashed."  During their week 1 class (can be found here: http://www.grmn00bs.com/), Georgia shows an example of exploiting MS08_067 using a payload that drops into meterpreter.  Once in meterpreter, you can issue a command that prints all the usernames and their respective hashes on the screen.  Then use whichever method you prefer to crack them.

I'm new to Metasploit, so if I've misworded something or understood something incorrectly, anybody please correct me

Gratz SephStorm!

Awesome, thanks Jamie

So I've finally gotten around to setting up some VM's (using VMWare Player), went to download Metasploitable and I can't seem to find a link that works.  Initially started here and found that the "torrent" link doesn't work anymore.  I tried a few searches around metasploit.com with no luck either.  Anybody know of a good link to download from?