EH-Net
February 10, 2012, 06:06:46 AM
1
Resources / Career Central / Re: Age concern, 26, Full-Time Degree, Ethical Hacking, Advice plz
on: March 19, 2010, 12:07:44 PM
You are limiting yourself to one or another? Why can't you continue working and study at the same time?
I got out of high school and started working full time, I began studying for a CS undergrad in the evenings while my employer paid for the classes. Doubling up on night and weekend courses I completed my undergrad in 2.5 years.
Towards the end of my undergrad I got married and had a child. Once I finished the undergrad I was still working for a company who then paid for me to go to graduate school to obtain a masters in Network Security. That one took a little longer since I had a child and was doing some consulting.
But here I am, 26, Masters, Undergrad, 2 kids now, and I haven't stopped working since I was 17 (technically 13 but I don't count high school jobs.) I only have one certification and that is because my former employer mandated I get it within 6 months of being hired. I don't waste time with certifications for many reasons, the largest one being the waste of time required to study and retest every 3 years.
Many decent employers will at least partially pay for school, so why not find a decent employer and work and study at the same time?

2
Ethical Hacking Discussions and Related Certifications / Programming / Re: A good reverse-engineering book?
on: March 18, 2010, 10:11:11 PM
Although those are all great books you listed they teach concepts and I think what you are looking for is language type stuff.
First and foremost, the best way to go is start taking binaries apart and if you don't understand what an instruction does look it up in the Intel manuals
http://www.intel.com/products/processor/manuals/
Secondly, grab a great book
http://www.amazon.com/Assembly-Language-Intel-Based-Computers-Textbook/dp/000501395X/ref=sr_1_6?ie=UTF8&s=books&qid=1268967921&sr=8-6
Get mixed in with an RE community, you will come across some type of code that you've never seen before and you will need the help of someone who knows. Of course, don't ask a question if the answer is contained within the first few pages of Google search results.
http://www.openrce.org
http://www.reddit.com/r/reverseEngineering
Another great Assembly guide, more so a quick start than anything else, is the appendix(s) of "Write Great Code", both of which are available for free.
http://nostarch.com/greatcode2.htm
Another resource you will need is on the Debugger you are using, and the disassembler. If you are using IDA Pro, then hands down Chris Eagle's book on IDA is the one to read. If you plan on using Immunity Debugger or Olly Debugger I'd spend some time going through the Google pulling out tutorials and learn all you can about the debugger. If you plan on using WinDbg
http://www.amazon.com/Advanced-Windows-Debugging-Mario-Hewardt/dp/0321374460/ref=sr_1_2?ie=UTF8&s=books&qid=1268968251&sr=1-2
Cheers

4
Ethical Hacking Discussions and Related Certifications / Programming / Re: Reverse engineering assembly code
on: January 16, 2010, 10:35:26 AM
It doesn't stop you from understanding it, but there can be tar pits in some areas.
I RE embedded systems every day and I pretty much use a handful of things:
Primaries: IDA PRO and GDB
Aside from that I use a handful of custom tools and a lot of Python.
There really isn't any book I can give you, and there really isn't an order. First I would read the book "Real time concepts for embedded systems". Then I'd read the book for the microprocessor the device runs on.
Aside from that it just takes a lot of doing and a good support team. There is not much info out there on REing embedded systems so having people to go to for questions is essential.
Keep in mind though, RE work is resource intensive. A single person with 5 years of experience, who works on a small device can take between 3-12 months to RE the device depending on the objectives.

5
Ethical Hacking Discussions and Related Certifications / Programming / Re: Reverse engineering assembly code
on: January 15, 2010, 09:48:07 PM
This is going to be really complex, as it's not something you just jump into randomly some day with the expectation of pulling back perfectly readable code. Understanding programming concepts is really important, and understanding low level data structures is even more, but you are wanting to go pretty low level.
The basic answer is you will not get 100% correct human readable code as aspects of the code are lost during compilation. If you really need something analyzed it is best to hire someone who has done reverse engineering on embedded systems before. Windows RE analysts may work, but only a select few as pulling apart embedded systems and microkernels is much different from pulling apart Windows binaries.

7
Ethical Hacking Discussions and Related Certifications / Malware / Re: ms06_025_rras returns 'could not bind'
on: January 03, 2010, 09:31:03 PM
Reading the output, the exploit can't bind to the named pipe due to one of many factors, most likely it is not there.
Your problem most likely lies with the fact that the Remote Access Connection Manager service is not started by default for all supported Microsoft Windows operating systems with the exception of Microsoft Windows 2000 Service Pack 4.
But this is only a guess as I have no further information regarding your target.

8
Ethical Hacking Discussions and Related Certifications / Programming / Re: Learning Python (Again...)
on: June 04, 2009, 10:40:20 AM
Why not grab the O'Reilly books "Learning Python" and "Python Cookbook" and just start hacking code?
Come up with projects to do, even ones that already exist, and convert them into Python. Make up a list and start working on them after reading the first 8 chapters of Learning Python. Use the books as a guide, don't try to read them. Attempting to just read a programming book from cover to cover is not an efficient means to learn a language. Immersing yourself in it is imho the only way.

12
Ethical Hacking Discussions and Related Certifications / Programming / Re: Issues injecting shellcode
on: October 30, 2008, 11:03:51 AM
strcpy shouldn't be having any issues interpreting the tab character.
However, your bigger issue is working on a fully patched system running XP. If you are just starting out might I suggest using either Windows 2000, or a Linux system and disable the stack protection.
Your hindrance is going to be the protections on XP, it's definitely not a good "learning overflows" platform.

14
Resources / Career Central / Re: CEH PEN Testing Fees
on: October 07, 2008, 07:39:32 AM
I think a far better idea than cold calling companies or asking for price ranges on a message board would be to get a job in the industry. Not only will this give you an idea of how to structure your fees, it will offer (if you take advantage of it) a proper business mindset and insight into the other side of penetration testing.
Just having a certification does not necessarily mean you can go off and start pen testing companies. There are many elements to going off on your own, business development/operation is a quintessential skill. How do you plan on obtaining customers? Do you know people, or do you plan on cold calling? If you plan on cold calling your failure rate will be relatively high, especially if your name is not known. This is where getting a job in the industry and taking advantage of the contacts you make over a year or so comes into play. Aside from that, what Chrisg might charge will be different from what I charge, or what Kev or Don charges. Everyone has a different set of skills and experience that warrants a higher rate. I can tell you how much I charge but it does not do you any good. I'm not a CEH and most likely never will be. I have a single certification, but I've got degrees to include a masters in Information Assurance. On top of that I have years of experience in doing this, tried and true methodologies and a nice sheet of people who have given me quotes saying "He's awesome, hire him!" All of these elements allow me to charge more for what I do.

15
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Null sessions
on: June 19, 2008, 11:40:24 AM
It's not necessarily a false positive, it's just a lack of understanding of named pipes.
Windows 2000 Null session restrictions have 3 values.
Value 0. No restrictions
Value 1. Prevent direct enumeration of accounts and groups using the samr named pipe.
But... There are 6 hardcoded named pipes in win2k
Value 2. Prevent Null sessions (anonymous connections to the IPC$)
So, to solve your problem change the registry value to 2, and rescan! Your problem should go away.
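
A defensive check for the setting discussed in the post above, as an added example that is not part of the original post: it reads captured `reg query` output for several hosts and reports which ones are not yet at value 2. The post does not name the registry location; the `RestrictAnonymous` value under `HKLM\SYSTEM\CurrentControlSet\Control\Lsa` is assumed here, and the host names and sample output are constructed.

```python
import re

# Meanings of the three values as the post above describes them (Windows 2000).
MEANING = {
    0: "no restrictions",
    1: "direct samr enumeration of accounts and groups prevented",
    2: "null sessions (anonymous connections to IPC$) prevented",
}

# One value line of `reg query` output; registry value names are case-insensitive.
VALUE_RE = re.compile(
    r"^\s*RestrictAnonymous\s+REG_DWORD\s+(0x[0-9a-f]+|\d+)\s*$",
    re.IGNORECASE | re.MULTILINE,
)

def parse_restrict_anonymous(reg_output):
    """Return the DWORD as an int, or None when the value is absent."""
    match = VALUE_RE.search(reg_output)
    if match is None:
        return None
    text = match.group(1).lower()
    return int(text, 16) if text.startswith("0x") else int(text)

def audit(captures):
    """Map host -> (value, needs_change, finding) from per-host reg output."""
    report = {}
    for host, output in captures.items():
        value = parse_restrict_anonymous(output)
        if value is None:
            # Assumption: an absent value behaves like 0.
            finding = "not set, treated as 0: " + MEANING[0]
        else:
            finding = MEANING.get(value, "unrecognised value")
        report[host] = (value, value != 2, finding)
    return report

# Constructed sample captures (hypothetical host names), not real scan data.
KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa"
SAMPLE = {
    "host-a": f"\n{KEY}\n    restrictanonymous    REG_DWORD    0x0\n",
    "host-b": f"\n{KEY}\n    RestrictAnonymous    REG_DWORD    0x1\n",
    "host-c": f"\n{KEY}\n    RestrictAnonymous    REG_DWORD    0x2\n",
    "host-d": f"\n{KEY}\n    auditbaseobjects    REG_DWORD    0x0\n",
}

if __name__ == "__main__":
    for host, (value, needs_change, finding) in sorted(audit(SAMPLE).items()):
        flag = "CHANGE TO 2" if needs_change else "ok"
        print(f"{host}: {value} [{flag}] {finding}")
```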