@skk - even I struggled with the buffer overflow material of OSCP and wasted most of my lab time.
I finally managed to figure it out when I tested it in my own lab and got a shell on the victim machine. Hence my suggestion: move on with the rest of the course and do not waste your lab time on buffer overflow exploitation. Once your lab time is up, you can focus on testing it locally.
Hey there.. A person with your background will be in demand these days.
If you consider a more managerial cert, you can look at CISM or CISSP. If you consider a technical cert, you could try OSCP. If your company will sponsor your training, attend the SANS 560 course for penetration testing.
I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.
Thanks for the hint... time to investigate further.
Oh, and I loved the scan of the month challenges.
Open up the capture in Wireshark, right-click on the first packet and select Follow TCP stream. In the drop-down, select the second option (181875 bytes) and save that as a file named "output". If you're on Linux, type: file output to find out what kind of file it is and go from there.