Forum Replies Created
April 6, 2018 at 5:18 pm #138700
May 6, 2016 at 7:18 pm #54276
If you are using Windows take a look at the Microsoft Family Safety/Microsoft Family features (free). It claims to block access to adult content, and you can also configure it to only allow access to specific web sites if you want.
June 10, 2015 at 8:18 pm #54183
@The New LT72884 wrote:
So why is it so vital to know that the server is running vsFTPd2.0.4 or openssh?? to me its just saying that it has ftp and ssh on it. no big deal? what is it about those versions im not aware of?
IIRC, service version is not important (for determining possible exploits), it’s that those services are available to connect to.
June 9, 2015 at 6:21 pm #54180
What is your De-Ice 1.110 Virtual machine guest operating system set to?
If it’s not “Other Linux 2.6.x kernel” try changing it to that.
May 7, 2015 at 7:51 pm #54162
March 26, 2015 at 10:36 pm #54154
January 21, 2015 at 12:22 am #54093
January 7, 2015 at 12:52 am #54072
Take a look at VulnHub and the OWASP Vulnerable Web Applications Directory Project.
January 1, 2015 at 9:02 pm #54061
Congrats SephStorm, well deserved!
A great start to the new year for you.
December 24, 2014 at 10:53 am #54039
I don’t know, but I’m guessing Don maybe referring to the April giveaway.
December 17, 2014 at 11:17 pm #54002
For $3999 you can get access to all 9 of their courses (elite version). Insane deal!
They are also currently offering a Christmas gift card for $150 off of new enrollments into individual courses as well, this also includes a further price reduction for adding additional course’s if purchased at the same time: https://www.elearnsecurity.com/landing/xmas.php
November 26, 2014 at 9:04 pm #54000
The Demo Gods weren’t very kind to Guiseppe, but it was an interesting webinar none the less.
The XXE (XML External Entity) attack demonstrated was something new to me. I haven’t tried this out myself yet, but the XML External Entity Training: A virtual machine image containing a sample XXE vulnerable web app looks like it could be useful for trying it out.
November 20, 2014 at 9:10 pm #54027
Thanks for sharing your thoughts.
I got to play Netwars a few years back, and it was a great experience. I’d love to have a go at CyberCity from an offensive perspective, last years SANS Holiday Challenge was based on CyberCity. If you’re interested it’s still available for download, although it’s focused on analysing the attacks rather than causing them.
Anyhow, Good Luck with the GPEN exam when you take it!
November 20, 2014 at 8:58 pm #53976
November 19, 2014 at 10:34 pm #53974
Opinions aside, both the CISSP and C|EH are both widely recognized from a HR perspective.
Just to elaborate on the CISSP option suggested by rattis:
The CISSP Professional Experience Requirement states that “You must have a minimum of five years of direct full-time security work experience in two or more of these 10 domains of the (ISC)² CISSP CBK®”. However, you can stil do the exam without that experience, and gain Associate status.
“The Associate of (ISC)² CISSP designation “is valid for a maximum of six years from the date (ISC)² notifies you that you have passed the CISSP exam, within which time, you’ll need to obtain the required experience and submit the required endorsement form for certification as a CISSP”.”