hell_razor

Forum Replies Created

Viewing 14 reply threads
  • Author
    Posts
    • #50136
      hell_razor
      Participant

      Why not take an image of the recovery partition and then encrypt the whole drive?  In the grand scheme of things, I don’t think it will matter much whether you encrypt the whole drive or just the system drive. Most recovery partitions are marked hidden, and if someone has hooks into your machine such that they can manipulate your hidden partition, you are sunk anyway.

    • #48907
      hell_razor
      Participant

      BT upgrades can be tedious at best, nightmarish otherwise.  I have not had any upgrades go particularly well until some time after launch.  Let others set the bugs worked out.  I typically run BT in a VM of some sort, so I typically set up a second drive for data and can then attach it to whichever other distro I need.  I always keep the old versions around, but it seems best to do a clean install in my experience.

    • #48320
      hell_razor
      Participant

      I would guess a second interview may be more interpersonal than technical.  I would be prepared for questions about your work ethic, attitude, and knowledge about the company rather than even deeper security questions.

    • #47808
      hell_razor
      Participant

      Yeah, something is definitely going bonkers…you can always do an apt-get remove set –purge and then apt-get install set and set-update…you can do the same to metasploit, but it may be more cantankerous.

    • #47802
      hell_razor
      Participant

      It should be /pentest/exploits/framework (they dropped the 3) or
      /opt/metasploit/msf3

    • #47737
      hell_razor
      Participant

      I probably read AP a little too literally, was thinking a simple AP rather than a router with a hub bridged on it…will blame it on being Friday…

    • #47735
      hell_razor
      Participant

      802.11 is a broadcast medium.  You can capture all packets, up to the bandwidth of your capture device, freely.  The potential issue is being able to decrypt all of the packets, which should also not be a problem if you have the appropriate keys to the data (PSK hopefully).

    • #46322
      hell_razor
      Participant

      If you don’t have AV you (or your help desk) will get eaten alive by nuisance viruses.  They will cover many of the script kiddies out there.  However, in a very targeted attack, you are right, AV is probably only one layer of defense and should not be counted on exclusively.

    • #46282
      hell_razor
      Participant

      Not knowing your background, it is hard to really give sage advice.  However, I think it very difficult to land a job as a pentester (even junior) straight away from training.  I would recommend trying to land a job in security on the defensive side first and gain a few years of experience (I know, easier said than done sometimes, but keep at it).  It is easy enough to run through tools referenced in the CEH materials, but it is much harder to understand infrastructure and methodologies if you have spent all of your time on offensive certs, IMHO.  In my experience, the best pentesters come from areas of administration who worked their way into offensive skills by defending against them (sys admins, net admins, etc.).  Wish I could help directly, but IIRC you are in the UK, right?

    • #45995
      hell_razor
      Participant

      Another thought that applies to many security professionals, SANS is DoD compliant in much of their coursework, and I am not so sure OffSec will help you there.  I am not saying SANS is better, just perhaps better represented in the govt.

    • #45761
      hell_razor
      Participant

      Are you running command prompt as admin (right click, run as administrator)?

    • #45346
      hell_razor
      Participant

      nmap -sS -p 445 –script=smb-os-discovery.nse target_ip

    • #44148
      hell_razor
      Participant

      Without specifically recommending one over another, I would strongly encourage you to get one with a 256gb ssd and a larger internal drive so you can keep host based stuff and VM based stuff on separated.  I find drive contention is the biggest issue on my laptop when running multiple VMs.  I know Dell is offering this configuration on the precision line, but really have not kept up on hardware in the last year or two.

    • #43580
      hell_razor
      Participant

      Just keep it away from network cables and make sure it and the rack are grounded when possible and you will be fine.  I would put it on the bottom with some cable management. I think we used Tripp-Lites at my last gig, but they were over the $50 mark.

      http://www.tripplite.com/en/products/model.cfm?txtSeriesID=754&txtModelID=2004

    • #43577
      hell_razor
      Participant

      If you have to worry about that, something else is going way wrong.  🙂  It should not be a problem.

Viewing 14 reply threads

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?