idr0p

You can use SCCM to do patch management. There is also Dell Kace and other tools where a “agent” on the system will issue the updates accordingly.

Good books for this cert
Malware: Fighting Malicious Code – Made by Course Writer Lenny Z. and Other Sans Instructor Ed S.

Malware Analysts Cookbook

and this book and you will be all set.

Amazon.com – Forensics Books

Tools to use:

Try some live CDs:
SIFT Kit from SANs sans.org

CAINE http://www.caine-live.net/

Resources online – google for these sites
Security Tube
Forensic Focus
Forensic Wiki

Rapid7
Dell SecureWorks
IBM ISS

Ordered!!! thanks!

This also brings the question, if you deploy a honeypot are you “leaving your doors unlocked” so to speak. Meaning you would be unable to charge the intruder for trespassing on your network as you invited them in.

Yes, i think the direction i am going with this is not introducing new malware, but analyzing a current sample of malware to “see what it does”, if that code does something harmful to others are you liable for the damages it caused.

I have changed up my 2012,

I am not going for GCFA, I will be taking a digital forensics masters course instead

I want to go for CISA, CISSP and GSEC (to get GSE)

p0et, Look into some MSSPs such as ISS, Google, Secureworks, Verizon, Trustwave. They all have entry level security positions where if you do your time they have consulting and research jobs you can move up into.

Do you need to make one specifically or can you just use one already out there, there are many.

SIFT Kit
Helix
Sleuth kit
Backtrack
etc…

Here are some titles to search for,

Security Analyst
Jr. Penetration Tester
Information Security Associate/Analyst

GSEC, even though i havent taken it… yet, looks like it has some good stuff in it. I think it is a step up from the Sec+ and the main thing about SANs tests is you want to get a feel for them it is a good cert to start with in general.

On a side note the GPEN does cover python, but no too deep. OSCP is where you will need the py skills more.

I posted the the other forum also, but B.S. definitely

My guess if you look at captures.

you are scanning

x.0, x.1,x.2,x.3,x.4

nmap scans
x.1 – gets response
x.2 – gets response
x.3 – gets response
x.4 – gets response
x.0 – (network scan) gets response from x.1,x.2,x.3,x.4
Nmap now goes.. oohh more things to play with so it scans all the ips that respond.
x.1 – gets response
x.2 – gets response
x.3…[Read more]

YuckTheFankees,

If you want to take a SAN course, GSEC or GCIH would be good to start out and get your foot in the SEC door.

Here are some books to help:

The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws 2nd Edition – Dafydd Stuttard (Author), Marcus Pinto (Author)
^ big book just came out. Helped me alot with my GWAPT certification.

HACKING EXPOSED WEB APPLICATIONS, 3rd Edition by Joel Scambray, Vincent Liu and Caleb Sima
^ Dont know much…[Read more]

One thing to remember is to expect to be derailed. My path has changed sooo much since i started, for example i expected to do the OSCP and CISA among other things by now. Like the greats you must be able to adapt.

My path was the following.

Linux (When i was in H.S.)
Network Security (College Degree)
Learned Python (In College)
I got a Info Sec…[Read more]

Powered on python, I Like it!.

I bet you someone was checking there email on the OP computers.

History of the world part 1, is where that quote is from. Congratz on the training.. saver and bring us back some of that learned stuff 😉