cd1zz

Forum Replies Created

Viewing 13 posts - 526 through 538 (of 538 total)
  • Author
    Posts
  • #37659
     cd1zz 
    Participant

    n1p

    Which file did that come from?

  • #37649
     cd1zz 
    Participant

    This doesn’t look malicious to me. Why do you think it is?

  • #37616
     cd1zz 
    Participant

    Just depends on the situation but there are some good ideas here: http://nmap.org/book/man-bypass-firewalls-ids.html

  • #37461
     cd1zz 
    Participant

    It really depends on your background. I went straight to the OSCP but I also had 10 years of network admin experience and a casual interest in infosec. I recently finished my OSCP and detailed my experience on my blog. I highly recommend it, it was an unbelievable experience.

    http://networkadminsecrets.blogspot.com/2010/12/offensive-security-certified.html

  • #36755
     cd1zz 
    Participant

    big_fact_hunt

    If I were you, run Ubuntu as your OS but take advantage of Backtrack. Like chrisj said, don’t re-invent the wheel. Using their virtual machine you can blow it up and you won’t mess up your host machine.

    http://www.backtrack-linux.org/downloads/

    The forums are pretty active so you can always ask questions here but if you’d like my personal email address just send me a private message.

  • #37298
     cd1zz 
    Participant

    If SMB is open, I’ve always found the SMB enumeration modules in Metasploit to be very accurate.

  • #37214
     cd1zz 
    Participant

    Hordakk

    I recently discovered my first bug and was trying to figure this out as well. The bug I found wasn’t very exciting, it impacted an FTP server that can be found on like page 15 of Google search results. Nonetheless, I contacted the vendor and they fixed it promptly, within 2 weeks. They were pretty gracious actually. After they fixed it I submitted it to exploit-db.com.

  • #33140
     cd1zz 
    Participant

    tturner – I see your dilemma. If you could do it while you’re at work that would be nice!! Having long blocks of solid time is the best way to conquer the course…. best of luck.

  • #33137
     cd1zz 
    Participant

    tturner

    I would recommend using the offsec labs. Setting up your own labs gives you an advantage since you know what you installed etc. Using their labs, you’re exposed to things you know nothing about and which you have to figure out. This is half the battle. I blogged about my experience here if you want to know what I think in detail: http://networkadminsecrets.blogspot.com/2010/12/offensive-security-certified.html

  • #36878
     cd1zz 
    Participant

    In regards to language learning… depends what you know right now. Do you have any programming exp? I would say that scripting languages like Python and Perl are a thousand times easier than assembly and still easier than C but that’s just me. As far as exploits go, you’ll need to know a little of everything to get things to work right. I am by no means a good programmer but know how to read it and modify it.

    I don’t think that pentesting is just a flat set of skills. It’s really an art form. There are multiple ways to nail a box, just depends how you want to do it and what you’re better or worse at.

  • #36806
     cd1zz 
    Participant

    I don’t think that just because you don’t have that much Linux experience that you shouldn’t take the course. I didn’t have that much Linux exp either and I passed on my first try. BUT I did have to work my ass off at it. I had to ramp up my Linux skills really fast and now they’re acceptable. I just passed a couple weeks ago and documented my experience here if you’re interested: http://networkadminsecrets.blogspot.com/2010/12/offensive-security-certified.html

    The bottom line is if you have solid fundamentals, meaning you understand routing/protocols and how an OS works, you could probably get to where you need to be in 60-90 days. Quite frankly if you don’t pass on the first try it’s not that big of a deal because you can retake for $60. It’s not like you have to drop $500 to retake the exam. Put in the hard work and it will pay off.

  • #36934
     cd1zz 
    Participant

    Definitely get at least 60 days for the OSCP. You’ll spend a ton of time in the labs but if you’re enjoying it, it will fly by. As far as the unknown lab situation, that’s half the fun of it. It requires you to hone in on your information gathering skills. It also forces you to be creative because things may or may not work as you expect 🙂 However, if you can nail those machines, you’re going to be in good shape because you’re going to end up being pretty resourceful. I highly recommend the course.

    -c

  • #35606
     cd1zz 
    Participant

    Here we are – 2 months later and I passed the exam. Now I see the light 🙂

    I’ve documented the experience on my blog:
    http://networkadminsecrets.blogspot.com/

    Thanks for everyone’s input.


Copyright ©2019 Caendra, Inc.
