geekyone

If you just want one to play around with you can get a pwnie cheapish, if you go with a floor model.  They aren’t the latest model but they are much cheaper.

http://pwnieexpress.com/products/pwn-plug-floor-model-v1-1-limited-supply

It amazes me someone with the skill to crack software can’t figure out how to read the title of a web site.  Really it’s not like the “Ethical” part of the web site is hidden.  Duh it’s even in the URL!  LOL

I took the Win32 Exploit Boot Camp by Corelan last year and I will say that the instructor and content was excellent.  The only complaint I had about the course was it had too much content for the two sessions.  The course was obviously designed for 4-5 days and cramming it into two sessions didn’t work well but it was still helpful.  The in…[Read more]

I think you are right hayabusa.  Although, it does show he was last online today.  That could just mean he got a few last hours of gaming in before he got busted.  😉

Let’s hope it isn’t true.

My guess is joke, unless he is playing Counter Strike from jail.  His XFire profile shows he was online less then an hour ago.

http://www.xfire.com/profile/jordylavieren/

Never under estimate the power of Google.

Usually “Bulletproof” hosting doesn’t indicate a high level of security protections in use to prevent hacking.  What the company means by that term is that they will use the legal protections of the hosting country (in this case Sweden) and will not give into pressure from “outside” influences (US Government in this case) to remove the offending…[Read more]

I agree the question is very misleading.  On first reading it I agreed with BillV but after a thorough reading I think Hordakk is right and the correct answer is Bastion Host.  Since the question doesn’t really say it is designed to lure in attackers (although that could be implied in the “fully exposed” statement).

However having said that I k…[Read more]

I read four different books for this exam they all helped on different parts.  I didn’t feel any of the books covered everything I ran into on the exam.  Probably the one that helped the most was File System Forensic Analysis by Brian Carrier.  The other three were:

Forensics Discovery (Dan Farmer)
Read Digital Forensics (Keith J. Jones, Ri…[Read more]

… and its gone!

If (well more likely when) I get more I’ll post them.

With a 90% on the practice test you should be good to go on the actual exam.  I have found that the GIAC practice tests are a very good representation of what you can expect from the actual exam.  On the tests I have taken so far I scored with in a percentage point or two of my last practice test.  I do agree with BillV that the actual test is ha…[Read more]

I copied this from somewhere.  I can’t remember where sorry if I am stepping on some ones IP.  Enjoy!!

You know you’re a computer security professional when:

You not only lock your laptop with a physical cable leash, but you change the combination of the lock when it’s not in use so that it can’t be “compromised”.

Although you have no ill i…

[Read more]

Check out Swordfish .. you just need a bus, a helicopter, lots of weapons and a guy that can type without ever pressing backspace. Then you’ll be all set 🙂

I declare BillV the winner of this thread!!!! 😀

First off I have to caveat this advice with the statement that I am a Reverse Engineering newbie.  I would say based on what you want accomplished “keeping someone from replacing the algorithm” and the complexity of the code in question that successful reverse engineering would depend mostly on your implementation.  Is this algorithm code going t…[Read more]

Looks like the biggest thing they were plugging was their NeXpose vulnerability scanner and some kind of integration with msf.  Qualys does something similar with CORE if that is there aim and they leave the products separate like CORE and Qualys that could be a great improvement.

I took the GPEN challenge.  I thought that Counter Hack Reloaded by Ed Skoudis was a great reference.

Wow you can get to a hacker website but can’t access your porn talk about crappy admins.  Here is what I would do.  Find a buddy who lives close to school.  Pay to hook up an Internet connection to their house and drop a WAP.  Charge all your buddies in school a weekly access fee to access unfiltered wireless Internet.  Rotate the key weekly (thi…[Read more]

Sooooo….what if I create an Open Source Tool and let’s call it GeekyonePwnsCEH.  For the sake of simplicity we will say this tool is a port scanner and everytime it finds an open port it emails Bill Gates.  When it is done I publish it on the web and include the source code.  Now I have authored a “new” open source tool (40 credits to me!).  Now…[Read more]

The comments/suggestions with regard to the existing ECE Delta Credit
System posted by our valuable Certified Members were evaluated by the
Members of the EC-Council Scheme committee. I am glad to announce that
most of the constructive feedback were approved by the Scheme Committee.
Based on the recommendation of the Scheme Committee we have…

[Read more]

It’s been down for weeks for me.  I check it about once a day.  And of course as I start to write this response it comes up again :P.

As far as self studying SANS exams it’s certainly not easy.  You can purchase the official SANS course material and study that.  (See the SANS Self-Study program)  Although  I can tell you that the Self Study program is also a little expensive.  Other then that you just have to pull as much information as you can from the course description and…[Read more]