idr0p

Forum Replies Created

Viewing 14 reply threads
  • Author
    Posts
    • #47263
      idr0p
      Participant

      You can use SCCM to do patch management. There is also Dell Kace and other tools where an “agent” on the system will issue the updates accordingly.

    • #45789
      idr0p
      Participant

      Good books for this cert:
      Malware: Fighting Malicious Code – made by course writer Lenny Z. and other SANS instructor Ed S.

      Malware Analyst's Cookbook

      and this book and you will be all set.

    • #46897
      idr0p
      Participant

      Amazon.com – Forensics Books

      Tools to use:

      Try some live CDs:
      SIFT Kit from SANS: sans.org

      CAINE http://www.caine-live.net/

      Resources online – Google for these sites:
      Security Tube
      Forensic Focus
      Forensic Wiki

    • #46240
      idr0p
      Participant

      Rapid7
      Dell SecureWorks
      IBM ISS

    • #45966
      idr0p
      Participant

      Ordered!!! Thanks!

    • #44963
      idr0p
      Participant

      This also brings up the question: if you deploy a honeypot, are you “leaving your doors unlocked,” so to speak? Meaning you would be unable to charge the intruder for trespassing on your network, as you invited them in.

    • #44959
      idr0p
      Participant

      Yes, I think the direction I am going with this is not introducing new malware, but analyzing a current sample of malware to “see what it does”; if that code does something harmful to others, are you liable for the damages it caused?

    • #44555
      idr0p
      Participant

      I have changed up my 2012.

      I am not going for GCFA; I will be taking a digital forensics master's course instead.

      I want to go for CISA, CISSP and GSEC (to get GSE).

    • #42221
      idr0p
      Participant

      p0et, look into some MSSPs such as ISS, Google, Secureworks, Verizon, Trustwave. They all have entry-level security positions where, if you do your time, they have consulting and research jobs you can move up into.

    • #43176
      idr0p
      Participant

      Do you need to make one specifically, or can you just use one already out there? There are many.

      SIFT Kit
      Helix
      Sleuth kit
      Backtrack
      etc…

    • #42219
      idr0p
      Participant

      Here are some titles to search for,

      Security Analyst
      Jr. Penetration Tester
      Information Security Associate/Analyst

    • #43123
      idr0p
      Participant

      GSEC, even though I haven't taken it… yet, looks like it has some good stuff in it. I think it is a step up from the Sec+, and the main thing about SANS tests is you want to get a feel for them; it is a good cert to start with in general.

      On a side note, the GPEN does cover Python, but not too deep. OSCP is where you will need the py skills more.

    • #43150
      idr0p
      Participant

      I posted in the other forum also, but B.S. definitely

    • #43041
      idr0p
      Participant

      My guess, if you look at captures:

      You are scanning

      x.0, x.1, x.2, x.3, x.4

      nmap scans
      x.1 – gets response
      x.2 – gets response
      x.3 – gets response
      x.4 – gets response
      x.0 – (network scan) gets response from x.1, x.2, x.3, x.4
      Nmap now goes… oohh, more things to play with, so it scans all the IPs that respond.
      x.1 – gets response
      x.2 – gets response
      x.3 – gets response
      x.4 – gets response

      = 9 instances.

    • #43121
      idr0p
      Participant

      YuckTheFankees,

      If you want to take a SANS course, GSEC or GCIH would be good to start out and get your foot in the SEC door.


Copyright ©2022 Caendra, Inc.
