Determ

Forum Replies Created

Viewing 14 reply threads
  • Author
    Posts
    • #45767
      Determ
      Participant

      Exactly what Maxe pointed out … for example, reading RFCs and being an expert in one or a few protocols is my point. I have done some team-work pen tests and what I can say is that there are a lot of basics: working with out-of-box tools, using msf, Core Impact, Nessus. I think those tools should be used by security engineers inside the company.

      @3xban wrote:

      I would think you can specialize in say Wireless communications, this would include Wi-Fi, Bluetooth and RFID.  

      I don’t think so. Wireless communications are much more than Wi-Fi, BT etc. For example, there are some known attacks on GSM and GPRS. You can attack it with available technology but this is not black-box expertise. Being that means that you can build your own attacks or slightly vary current attacks. Both demand great knowledge of cryptography (especially stream ciphers), cryptanalysis and also sound knowledge of physical quantities.

      @3xban wrote:

      But trying to freelance, it may be much more difficult to get work.

      This can be a matter of discussion. Anyway, I think that being a black-box (http://en.wikipedia.org/wiki/Black_box) expert should give you more work as a freelancer.

    • #44700
      Determ
      Participant

      @chrisj wrote:

      If I understand that right, you want the traffic needing to be watched to go out over the exiting WAN connection without going through the existing border router? Can you create down time to set things up?

      Yes.

      Also, I have time to set things up; it’s not a continuous 24/7 process. For the beginning it would be OK if the device (tap) had an option to save filtered traffic and send it via SMTP every X hours. That way the device could be plugged directly into the current switch. Of course, I don’t know if I can get such a smart tap device (having a laptop in the rack for that is not an option).

    • #44697
      Determ
      Participant

      @mambru wrote:

      Have you tried a tap?

      Yes, an inline aggregating tap with a filter option is needed, but can I get a device with router capabilities? Traffic should be sent over the WAN, but without intervention on the existing (primary) router.

    • #35507
      Determ
      Participant

      I have tried Maltego V3, great tool.

      One question: Is it possible to get a good book which teaches Python from the basics, but is focused more on Python scripting for data, text and web mining?

    • #34864
      Determ
      Participant

      When do you think courses/tutorials/reviews will go forward with wireless security?

      I still see a lot of content about WEP cracking and easy Bluetooth tricks. I think that today too many people use WPA2 and producers’ added protections.

      There are more and more apps for mobile phones, mobile OS, business wireless technologies etc. Maybe I’m wrong, but I think that pentesting on wireless should be more focused on new software/hardware standards.

    • #35504
      Determ
      Participant

      Googling with “Open Source IG” has given me lots of results. It kept me busy for the weekend. 8)

      Before posting I was wondering how to go “beyond” information gathering, since I’m doing OSCP and already saw Chris Gates’ presentation.

      So thanks for the replies, they have given me more to work on.

    • #21043
      Determ
      Participant

      Does anyone know when the 3rd edition will be released?

    • #33789
      Determ
      Participant

      I am thinking about protection at the operator workstation and HMI Web/DB server level. I believe (but I don’t know yet) that the operator workstation isn’t segregated from the corporate network at small local plants in my area.

    • #34567
      Determ
      Participant

      Is Metasploit banned at the OSCP exam? I find Metasploit auxiliary scanners quite useful.

    • #33786
      Determ
      Participant

      I have heard a lot about Suricata… Maybe they should set up a web forum for users and those who want to give it a try. Also some tutorials would be great.

      I plan to start with OSSIM in the next two months. I will need to buy one used machine for that purpose. Otherwise I always read documentation first and look for some good tutorials or reviews.

      One more question: Did anyone work on securing SCADA? What I mean is a small SCADA, which runs in small facilities. It is possible that I will work on one project about protecting a SCADA environment. For now I was thinking about implementing host IDS and remote log reading.

    • #34022
      Determ
      Participant

      What do you think about ISO/IEC 27001:2005? After passing final exams, participants receive accredited certification with the titles “Information Security Manager” and “Information Security Auditor”.

    • #33887
      Determ
      Participant

      Thank you both for the advice.

      I decided to take the PWB online course. I have read some topics about the PWB online course and all things were so positive. I haven’t had any experience with online learning. So it will be something new.

      I have one basic question about the pre-made BackTrack VMware image. Do I have to use it, or can I use my already installed BackTrack 4 Final Release on my computer?

    • #33884
      Determ
      Participant

      It looks like PWB-online from Offensive Security is the best option. I agree, courses in our area are overpriced. I would like to take one of the available courses which could show me how to do an in-depth pentest on a network with 20-30 hosts with fail/smtp server from start to end.

    • #33882
      Determ
      Participant

      I forgot to mention that I’m interested in a “live” course with a tutor in the room. I’m looking for a course which will take place in Austria/Germany/Italy.

      If I took a course from offensive-security online, I would take “PWN”. This one also looks good: http://www.ssr-i.com/courses/certified_penetration_testing_consultant.html

    • #33783
      Determ
      Participant

      Thanks for the response. Yesterday I set up OSSEC HIDS, but I’m not sure if it is useful. Modern internet security programs have some kind of “HIDS” already built in. And I think that HIDS is only useful for a client host.
      I also played with HoneyBOT, and it is cool, but too easy in some way. Do you know any European producer of modern honeypots and honeypot-like IDS software?

      I checked OSSIM. It looks great. If I understood correctly, it is an all-in-one platform. But tell me, does it make some program settings easier? Or will I have to spend a few days configuring the different programs which come with OSSIM?

Copyright ©2021 Caendra, Inc.
