-
Determ replied to the topic niche pen testing in the forum Network Pen Testing 8 years, 11 months ago
Exactly what Maxe point out … for example, reading RFCs and being expert in one or few protocols is my point of topic. I have done some team-work pen tests and what I can say is, that there are a lot of basics, working with out-of-box tools, using msf, core impcat, nessus. I think those tools should be used by security engineers inside…[Read more]
-
Determ replied to the topic device/system selection in the forum Hardware 9 years, 1 month ago
@chrisj wrote:
If I understand that right, you want the traffic needing to be watched to go out over the exiting WAN connection without going through the existing border router? can you create down time to set things up?
Yes.
Also I have time to set-up things, it’s not continuous process 24/7. For the beginning would be ok, if the device (tap)…[Read more]
-
Determ replied to the topic device/system selection in the forum Hardware 9 years, 1 month ago
@mambru wrote:
Have you tried a tap?
Yes, inline aggregating tap with filter option is needed, but do I get a device with router capabilities. Traffic should be send over WAN, but without intervention to existing (primary) router.
-
Determ replied to the topic Information Gathering in the forum General Certification 10 years, 3 months ago
I have tried Maltego V3, great tool.
One questions: Is it possible to get a good book which will teach python from basic, but has to be focused more on python scripting for data, text and web mining?
-
Determ replied to the topic Does Mobile Security Deserve New Board? in the forum Wireless 10 years, 3 months ago
When do you think, will courses/tutorials/reviews go forward with wireless security?
I still see a lot of contents about WEP cracking and easy bluetooth trick. I think that today to much people use WPA2 and producer’s added protections.
There are more and more apps for mobile phones, mobile OS, business wireless technologies etc. Maybe I’m wrong…[Read more]
-
Determ replied to the topic Information Gathering in the forum General Certification 10 years, 3 months ago
Googling with “Open Source IG” has given me lots of results. It kept me busy for weekend. 8)
Before posting I was wondering how to go “beyond” information gathering, since I’m doing OSCP and already saw Chris Gates presentation.
So thanks for replies, they have given me more to work on.
-
Determ replied to the topic [Article]-Hacking: The Art of Exploitation 2nd Edition in the forum Book Reviews 10 years, 4 months ago
Does anyone know when will 3rd edition be released?
-
Determ replied to the topic Honeypot and IDS in the forum Network Pen Testing 10 years, 5 months ago
I think about protecting on Operator Work station and HMI Web/DB server level. I believe (but i don’t know yet) that Operator Work station isn’t segregated from corporate network at small local plants in my area.
-
Determ replied to the topic OSCP exam in 1 week – Advice? in the forum OSCP – Offensive Security Certified Professional 10 years, 5 months ago
Is metasploit banned at OSCP exam? I find metasploit auxiliary scanners quite useful.
-
Determ replied to the topic Honeypot and IDS in the forum Network Pen Testing 10 years, 5 months ago
I have heard lot about Suricata…Maybe they should set up web forum for users and those who want to give it a try. Also some tutorials would be great.
I plan to start with OSSIM in next two months. I will need to buy one used machine for that purpose. Otherwise I always read documentation first and look for some good tutorial or reviews.
One…[Read more]
-
Determ replied to the topic Most in-demand certifications in the forum General Certification 10 years, 6 months ago
What do you think about ISO/IEC 27001:2005 ? After passing final exams, participants receive accredited certification with title “Information Security Manager” and “Information Security Auditor”.
-
Determ replied to the topic Penetration Testing certification in Europe in the forum General Certification 10 years, 6 months ago
Thank you both for advice.
I decided to take PWB online course. I have read some topics about PWB online course and all things were so positive. I haven’t had any experience with online learning. So it will be something new.
I have one basic question about pre-made Backtrack VMware image. Do I have to use it, or can I use my already installed…[Read more]
-
Determ replied to the topic Penetration Testing certification in Europe in the forum General Certification 10 years, 6 months ago
It looks like PWB-online from offensive security is the best option. I agree, courses in our area are overpriced. I would like to take one of available courses which could show me, how to made depth pentest on network with 20-30 hosts with fail/smtp server from start to end.
-
Determ replied to the topic Penetration Testing certification in Europe in the forum General Certification 10 years, 6 months ago
I forgot to mention that I’m interested for “live” course with tutor in the room. I’m looking for course which will take place in Austria/Germany/Italy.
If I took a course from offensive-security online, I would take “PWN”. This one also looks good: http://www.ssr-i.com/courses/certified_penetration_testing_consultant.html
-
Determ replied to the topic Honeypot and IDS in the forum Network Pen Testing 10 years, 6 months ago
Thanks for response. Yesterday I set up Ossec HIDS, but I’m not sure if it is useful. Modern internet security programs have some kind of “hids” already built in. And I think that HIDS is only useful for client host.
I also played with HoneyBOT, and it is cool, but to easy in some way. Do you know any european producer of modern honeypots and…[Read more]