|
Ethical Hacker Community Forums
|
|
October 12, 2008, 04:24:20 AM
|
 Show Posts
|
|
Pages: [1] 2 3 ... 30
|
|
6
|
Ethical Hacking Discussions and Related Certifications / Hardware / Re: Encryption
|
on: October 06, 2008, 03:40:41 PM
|
|
Scucci,
I've only got limited experience as I've only used one of the products that you mention, and only from an end-user perspective. My employer recently rolled out CheckPoint PointSec, and I managed to get it to hose my laptop within a week. Hard-drive would not boot past the PointSec login, obviously HDD is encrypted, so recovering data was not possible. Thank goodness for good backup policies.
It seems the system didn't like being booted from a USB stick into BackTrack (disclaimr: may not have been the pen drive, however ran Windows [I know...], booted to Backtrack, back to Windows, dead box)
However, with the exception of my box, the system was successfully rolled out to many users without issue. Buyer beware, in this case backups and system restores covered my a$$.
|
|
|
|
|
7
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: Next Up OSCP101 v2.0
|
on: October 06, 2008, 09:46:08 AM
|
|
Dark_Knight,
Hope you enjoy the OSCP. From my experience it was a great course and I learned a lot (and confirmed a lot of stuff I 'sort of' knew from other sources). My lab time (took 60 days) finished around a month ago and I have the exam scheduled *soon*.
I'd advise not taking your foot of the gas (as I did) if you start to get through the material quickly. Some of the final challenges and extra miles can be challenging and time consuming. Plus I would have liked to have spent more time 'playing' in the lab after completing the required exercises.
Let us know how you get on, specifically I'd be interested to see how the material compares to the CEH you've already got, as it's on my list of potential 'nexts'....
<Edit> as a side note, any advice from those already passed the exam would be appreciated as I'm starting to get slightly nervous...</Edit>
|
|
|
|
|
9
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: What info can be obtained just from IP
|
on: October 03, 2008, 04:29:57 AM
|
The level of information often depends on the thoroughness of the organisation if they have provider independant (PI) IP space, or the thoroghness of the local internet registrar (LIR) if they have provider aggregated (PA) IP space. From a whois search on the IP you should be able to get valid information for the organisation actually using the IP (this is a requirement made by the regional internet registrars (RIR) [at least in Europe, RIPE's authority]). However often these records are ambiguous or outdated as they are not updated as regularly as they should be. Also some larger LIR routinely assign IP space from a large allocation (typically a /19-/24) and only update the whois records for the parent block. Another useful tool for recon work is myipneighbors/, as it allows you to find other domains using the same IP. This is useful for services running virtual hosts on the same server or shared colocation environments. It's worth noting that the above techniques do not cause any traffic to reach the target from your IP address, so they are silent in that regard. Obviously once you start stepping up a gear with port enumeration and banner grabbing etc. this changes completely. Hope this is some help. |
|
|
|
|
11
|
Resources / Tools / SysInternals Update
|
on: October 02, 2008, 03:55:46 AM
|
Guys, looks like the SysInternals suite has been update. The ISC state it better than I could: Christmas in October!
Frequent contributer Roseman pointed out the release of updates to the free SysInternal's tools. For those of you who regularly use the SysInternals tools to debug and understand Windows you understand when I say this is like an early Christmas. For those of you who are not yet enlightened about SysInternals...you should take a look.
The major change is a update to Process Monitor..."adds real-time TCP and UDP monitoring to its existing process, thread, DLL, file system and registry monitoring."
Get your stocking fillers HERE |
|
|
|
|
12
|
Ethical Hacking Discussions and Related Certifications / Malware / Re: Whitehat rootkits to prevent theft?
|
on: October 02, 2008, 03:23:34 AM
|
NickFnord, just come across this story on Slashdot which may be of interst After his computer was stolen, Jose Caceres used a remote access program to log on every day and watch it being used. The laptop was stolen on Sept. 4, when he left it on top of his car while carrying other things into his home. "It was kind of frustrating because he was mostly using it to watch porn," Caceres said. "I couldn't get any information about him." Last week the thief messed up and registered on a web site with his name and address. Jose alerted the police, who arrested a suspect a few hours later. The moral of the story: never go to a porn site where you have to register. |
|
|
|
|
13
|
Resources / Tools / Re: ServifyThis
|
on: October 01, 2008, 09:51:49 AM
|
Don, nice heads up, my brains boggling with ideas (all of them ethical of course  ....) |
|
|
|
|
14
|
Ethical Hacking Discussions and Related Certifications / Malware / Re: New DOS Attack Is a Killer.. (from Dark Reading)
|
on: October 01, 2008, 09:43:47 AM
|
|
Brian,
I read this over at DarkReading earlier today. I'm hoping it's more hype than substance as this could be fairly nasty if it lives up to billing. Can't see too much point in worrying at the moment though, as there aren't enough details release to the mainstream to work on a defence, and supposedly there are no work arounds at the moment.
Think I might start panicking if future developments on this go sour...
|
|
|
|
|
Loading...
|
Forum 
Malware : New to Computer Exploits
News Items and General Discussion About EH-Net : [Article]-MS Blue Hat Hackers Headline Chicago Security Con
