EH-Net
|
|
May 24, 2013, 12:36:35 AM
|
Show Posts
62
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: Finally took the plunge, started 08/05/12
|
on: August 06, 2012, 06:54:18 AM
|
Good luck with the course. From my own experience, try not to get too worried about the buffer overflow section. If it only seems like Japanese you're probably doing alright. After a couple of run-throughs and the hands-on examples everything starts making sense. When I did the final challenge (and (hopefully) without giving too much away from my own challenges) I finished one section, sat back in the chair with a grin on my face, and the question of 'did I really just do that' going through my mind. The material is tough, but you should get there in the end. Although I do agree with you re: offsetting courseware/lab time, I took an extension to get more time in the labs (partly for extra practice, and partly just because the labs are FUN).
63
|
Resources / Career Central / Re: Becoming a Pentester
|
on: July 31, 2012, 03:27:12 AM
|
|
Hi Sam,
I know a few that went through the Northumbria Uni course (unfortunately I graduated before this course was available), some mixed opinions, but it should provide a good foundation. If you're staying local to the NE, let me know and I can make some introductions/suggestions to the local IT scene if of interest.
Degree aside, I'd definitely take a look at the OSCP course as it provides a good technical foundation across most common tools and attack vectors. After that, the TigerScheme QSTM can build on the basics, whilst providing an accreditation which is valued by employers/clients within the UK market.
Good luck going forwards.
Andrew
64
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: please shed some light
|
on: July 23, 2012, 03:03:40 AM
|
When working in a lab, try to ignore that your machines (and the publicly provided targets like De-ICE) are using RFC 1918 address space. This is merely for convenience; if you needed public hosting and IP space for a test environment the costs would skyrocket. And it's obviously not sensible to host vulnerable systems on public facing networks. Using De-ICE as an example, the server is built as a (poorly protected) public facing system. It's not uncommon for public systems to have the same ports and services exposed to the wider world, rather than locking down administrative ports for example.
65
|
Ethical Hacking Discussions and Related Certifications / Other / Re: Security vulnerabilities and a vendor offer
|
on: July 23, 2012, 02:58:28 AM
|
Quote: The problem with their approach is that while a fix might be available, they are withholding important information from their clients about why they should patch!
Without more info, I'll come to the vendor's defence on this one. Just because a PoC and detailed analysis isn't released doesn't mean end users (who probably wouldn't understand a PoC anyway) can't be provided with information sufficient to tell them why a patch is required. Microsoft (et al.) security bulletins will detail the scope of the effective issue, but rarely provide enough technical information to allow a third party to replicate the issue with further debugging, analysis and reversing. Do you wait or research every update to your own systems before applying? Or accept that the vendor is (supposedly) fixing an identified issue?
67
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: An Ethical Hacker must have these skills...
|
on: July 22, 2012, 10:24:50 AM
|
Quote: I just need someone to help me in setting an environment and breaking into there to understand what happens etc
Easiest way to start a test environment is to get a virtualisation playground (either dedicated box, or just from your main machine) and attack some vulnerable virtual systems. Depending on your needs Samurai WTF contains some vulnerable web applications (including DVWA which you mention), and all the tools needed to attack them, all in one handy package. For more information, take a look at section 2 of Metasploit Unleashed (and Metasploit Unleashed in its entirety) and/or Rapid7's article on how to set up a test lab. Both of which also link to some good additional resources for acquiring and setting up intentionally vulnerable targets. HTH, happy hacking
69
|
Ethical Hacking Discussions and Related Certifications / Other / Re: Security vulnerabilities and a vendor offer
|
on: July 22, 2012, 09:15:19 AM
|
|
Interesting position to find yourself in, and in some ways I feel for the vendor's position as well.
It's not unusual for security professionals to enter into an NDA when dealing with a client, and in some cases the vendor can't be 'totally' responsible if users don't update their own systems (but imo it should provide default, auto update facility for a device which is essentially set and forget for most).
Ultimately, I'd say the decision is yours alone, with no real right or wrong answer. Training is expensive, and security practitioners deserve to be paid for their skills and effort. On the other hand it is likely (no offense intended) that other parties are either already aware of the weakness or will be in the future, however I'd also suggest that users that don't apply vendor supplied updates probably aren't reading through the infosec community looking for vulnerabilities in their network either.
If I was in your shoes? You've found a flaw, the vendor has resolved the issue. Hard work is done, time to get paid.
(and if this wasn't the ethical hacker network, I'd point out that coincidences happen, and it's not impossible for an unrelated third party to reverse a patch, identify the flaw fixed and release......)
71
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Violating ISP AUP??
|
on: July 21, 2012, 05:40:31 PM
|
I actually had this conversation with Sky when considering switching to them myself. I was informed that authorized testing was 'probably' okay, but from their legal and contractual obligations 'anything' identified as malicious is a violation of contract and potentially result in loss of service. From my knowledge of the ISP market in the UK (and to a lesser extent, further afield) I'd be surprised if they had monitoring on the connections to this degree (or at least don't act on the information) and any investigation into violation of AUP is likely reactive, if and when a complaint is received. The price point of broadband in the UK doesn't make it cost effective for ISPs to be that proactive. That said, the information that I received from them meant I personally went elsewhere for my network connection. Personally I don't want to have to explain to a client I can't fulfil a contract as agreed because my ISP has cut me off. You're 'probably' safe performing scans over Sky, but if you're performing business level assessments and services, then you should be utilizing a business grade connection, the price difference isn't too extreme. Hope this helps, (and let me know if you need a good business ISP)
72
|
Resources / Career Central / Re: Hacked off with companies
|
on: April 16, 2011, 05:15:23 AM
|
Quote: Does this seem like a bad excuse?
Seems like a fairly poor excuse to me, but if that is their stance then potentially you've had a lucky escape. As much as you want the job in infosec, the company that you end up working for has to give back in return for your work. If they rejected you based on not being loyal before they offer you a job? Something isn't right somewhere. From my own experience (UK) there are pentest jobs out there, but most are looking for people who are already experienced (standard catch-22 scenario). Hope things get better going forward, keep the faith
73
|
Resources / Career Central / Re: Question on what I should do.
|
on: April 16, 2011, 05:05:57 AM
|
Hey, welcome. Good career path? Depends on how much you want it. Infosec can be a great career IF you enjoy it enough to be willing to put the required work in without coming to hate the job. Unfortunately I can't really help you too much there, only you can truly answer. I'm from the wrong side of the pond to give a US answer to what you should study but EthicalHack3r/Ryan Dewhurst (also UK based) has just posted about his experiences of 'ethical hacking' degree courses. Hopefully will help you. Finally just learn everything you can, about everything you can whilst you're young and enjoy the learning; and try not to get too focused on where you want to be. At your age I was intending to be an accountant beancounter. Hope this helps
75
|
Features / Book Reviews / Re: Anyone read your InfoSec books on Kindle?
|
on: April 11, 2011, 03:42:57 AM
|
|
I find the Kindle great for fiction books, but for technical books I've found it unworkable where formatting and/or illustrations are important.
YMMV, but I'm sticking to dead tree versions of technical resources for the time being.