Yup, That'll ruin your day

And if you are on a .mil domain, you can get the full version. I just recomend against letting it do the remediation. If you let it at it, you will have a "secure version" of XP that you can't use. But you are right on there Bill, it does come up with some registry edits.

I like what I have seen of Win 7 so far. The code for the RC is even more refinded than with the beta and it runs smokin'  compaired to eith XP or Vista: At least according to my stop watch during boot up. Good luck.

If you really want to get into the nuts and bolts, then Gentoo may be the way to go. It is not too unfriendly, but is not nearly as friendly as Ubuntu. I run Ubuntu as my alternate desktop and am thrilled to no end that BT4 is debian/ubuntu based. Get a live CD of whatever distro and play around with it. Find what works right for you. There are so many choices it is unreal. Once you find the distro you like, than it comes down to what desktop, kde, gnome, xfc, etc, that you like. Again, you will find no clear consensus on that either. Good luck.

We see that all the time when we do C&A testing as well. More often than not, it is something from Cisco. Chances are that what you are logging into is a web management interface for whatever device. As Katchup said, nmap and nessus work great for figuring out what the web serveer belongs to. Good luck.

If you are looking for what they used to lock it down, look at teh DISA web site. You are looking for the STIGs. If you don't start from the get go with the STIGs you are in for a long haul trying to meet them.

I wasn't trying to suggest that you were a noob. I jusst did not know your background and I would give the same advice to pretty much any one out there. After all, we live in a MS domincated world. Back on topic though, we do pen testing where I work, but it is usually associated with doing certification and accreditation testing. We get contracted to do the vulnerability assesment and then often come back and then do a pen test on the system. What you are seeing is that there are few if any that do nothing but pen tests. My background includes a BS in Software Engineering and a Masters in InfoSec. BEing able to read and write code helps, but I wish that I had more sysadmin experience. So as former33t said, do some non-profit work. Programming will never go away. We are too wired these days. Good luck.

Hang in there. First off, you don't need the degree to get into the field. It helps, but is not the end all be all just as certifications are not. With that said, anything you do will help you out. Pen Testing is not something you just jump right into. Look at a few books out there like "Hacking: the Art of Exploitation" or others. We have all read this or a similar book at some point. Start looking for ways to gain exprience in the general IT world. There are a few good threads on here about the skills that we should have. I wish I had the link handy for you. You need to know a bit about a whole lot of stuff like networking, linux, windows, and some programming (scripting). Just to pick a few. I would suggest trying to find a tech support job with Best Buy or soemthing where you can get soem hands on with various different systems. I did soem part time consulting prior to getting the job I hold now. That let me get into some sys admin and networking experience. take your time and look at what is out there. As far a certs go, look at the net + and security + form CompTia. These are good entry level certs that will open your eyes. Look at using a Linux disto if you have not used linux before. There are live cds that you can use that will not affect your host system. And a last piece of advice, find a mentor that can help guide you. This could be one of your instructors or some one that has been in the IT field for a while. Good luck.

My experience with background checks would suggest that the more honest you are the more likely you are to be granted a clearance. I would be honest about where you liked. I live at where ever while at the university. I was also coutioned for possession. The thought process is that if they have to dig for information that you could easily have given, they may think you were trying to hide something and denie you your clearance. Just a thought though. Good luck.

My first presentation was to an auditorium full of E-8s and E-9s while I was a lowly E-5. Again, the best advice was already given, know what you know and what you don't. They will have far more respect for you if you are honest with them. Getting shnoockered before hand might help too . Good luck.

And don't forget the swiss army knife, netcat. You can always try connectign to the suspected port with nc -v 192.168.1.1 x where x is the port you want to connect to. If its open, you'll know along with its banner. Good luck.

I also noticed that I do get beeter results with Retina if I have credentials. Unfortunately(or furtunately), our cleint will not give us credientials. Happy scanning.

You would be surprised. If you are part of the program, you have pretty much unlimited physical access. With that said, the place is wired out the whazoo with video and other physical security implementations. Yes, the insider is a great threat, but it would be hard to get away with anything there.

On our big contract we regard the insider as the biggest threat to the system if for no other reason than the system is not connected to the internet. With that said, insiders are still a huge threat. Easily half the systems I looked at last week had a boot order that would allow a system to boot from some other media than the first HD. They could also be booted into the BIOS with PWs and had the order changed there. On top of all that, the insider has one thing the outsider doesn't, physical access. We'll see where this goes. Thanks for the news.

They are supposed to preffer small businesses.....