-
oleDB replied to the topic What would you expect out of an intern? in the forum Career Central 9 years, 8 months ago
For me personally, I want to see two things from an intern. The capability to learn things quickly and a passion for security. Often times I will ask them to learn about a question they missed and discuss it intelligently on the 2nd interview. I also like to see that they like to read technical books and tinker around with a home lab setup. Those…[Read more]
-
oleDB replied to the topic "Breaking In" Pentest Sitcom in the forum Mass Media 9 years, 8 months ago
I think the cancellation was a given, it was marginally funny with a heavy dose of geek humor and weak tech sauce. Whats more shocking to me is the cancellation of HT and Chicago Code. I thought they were good shows.
-
oleDB replied to the topic SANS course question recommendation in the forum Security 9 years, 8 months ago
Hey VashTS,
You pretty much run into one of the most common themes in IT Security today. Mgmt doesn’t care or is ignorant of the security threatscape. That ends up going back on us as security minded individuals to show them the risk in terms they understand. Business terms, lame powerpoints, green and red metrics …. but I digress.
So I would…[Read more] -
oleDB replied to the topic H*Commerce Web Film Series in the forum Links to cool sites. 11 years, 4 months ago
Wow that’s something really useful McAfee has put together. Thanks for the link, looks like some awesome security awareness content there.
-
oleDB replied to the topic IPS Location in the Network in the forum Hardware 12 years, 3 months ago
My preference is for the stand alone IPS to die and become a fully integrated module in your firewall. Similar to the Netscreen IDP, but with the quality of Tipping Point.
-
oleDB replied to the topic Q&A for Pen Testing Perfect Storm Webcast Series: Part I in the forum Special Events 12 years, 3 months ago
I have a general question for all 3 guys. I’m sure its an infrequent occurrence that you find a network you cannot hack. However in that rare occasion, what are some of the things that present the biggest obstacles to your pen test?
I’m interested in learning about when companies get security right. And not necessarily even certain technologies…[Read more]
-
oleDB replied to the topic Rainbow Tables in the forum Network Pen Testing 12 years, 3 months ago
Thats really weird because typically the last half of the password is cracked first, not the first half.
If your only using an alphanum table and just the first half is cracked then most likely the second half has a special character(s), alt-xxx, or is non-existent. You will need to create a bigger table with more character space using rtgen or…[Read more]
-
oleDB replied to the topic [Article]-The Pen Testing Perfect Storm Webcast Series with Skoudis, Wright, Johnson in the forum News Items and General Discussion About EH-Net 12 years, 3 months ago
All registered, should be awesome just like the last series. Also, great idea Don to have them show up on the forum for Q&A afterwards.
-
oleDB replied to the topic [Article]-The IDA Pro Book in the forum Book Reviews 12 years, 3 months ago
Excellent review Ryan. I will definitely buy this book. I’m glad there is an alternative to the crap that Syngress publishes.
-
oleDB replied to the topic Security Incident and Event Management (SIEM) in the forum Incident Response 12 years, 3 months ago
I personally did not like Q1 for the simple fact that it doesn’t track by hostname. So essentially everything is IP based and stateless. So you can’t add notes to a host so when the event reoccurs other analysts will not see the work you already did. Yes you can whitelist events so that they don’t reoccur, but there was also a bug with that as…[Read more]
-
oleDB replied to the topic Helix 3 Released in the forum Tools 12 years, 3 months ago
sweet, thx for the heads up, downloading asap
-
oleDB replied to the topic Network Perimeter Security (FTP) in the forum Network Pen Testing 12 years, 4 months ago
There is not much you can do, if whitelisting the approved netblocks isn’t feasible with your business. By that I mean permitting only the people you want to FTP on your server through the fw/router. Blacklisting becomes unmanageable, because you will continually be adding addresses, as I’m sure you’ve already seen. I would start with what you’ve…[Read more]
-
oleDB replied to the topic Best firewall for a reasonable price? in the forum Hardware 12 years, 4 months ago
-
oleDB replied to the topic Blank Canvas looking for advice in the forum General Certification 12 years, 4 months ago
Rather then let you CCNA expire, I would just take one test on the pro tracks like you said. That’s what I do, and the tests rarely take longer then a month to prepare for depending on your available time.
-
oleDB replied to the topic [Article]-What the Splunk? in the forum /root 12 years, 4 months ago
Excellent write up BillV
Anyone in this forum have experience running splunk against 25-50 TBs of log data? I’m just wondering if it can handle that and how many separate servers you might have to spin up.
-
oleDB replied to the topic Information Security Superstars – Cert advice in the forum General Certification 12 years, 4 months ago
The most important point of the article: If you think a cert will make you a star you are 100% wrong. I agree with silxp that the focus should be on learning the content well and not what a cert gets you. Also another point I like, which was kinda hinted at. Don’t make your certification selection based on trendiness or job boards, you should…[Read more]
-
oleDB replied to the topic CREA Certified Reverse Engineering Analyst in the forum General Certification 12 years, 4 months ago
I think there is definitely interest, but since this is an already crowded niche for certification, it may just be that nobody has taken the course yet. I know the SANS and Mandiant courses are very popular in this area.
-
oleDB replied to the topic The greatest Hackers? in the forum Opinions 12 years, 4 months ago
that quote is hilarious!
-
oleDB replied to the topic Chrome – Google Enters the Browser Wars in the forum Other 12 years, 4 months ago
Just what we need another piece of beta software running on the interweb ….
No seriously, why can’t ANY developer deliver a browser that runs in a complete sandbox with a normal browsing experience. For some reason, they designed web content with need to access your system either with user privileges or system privileges that most 3rd party…[Read more] -
oleDB replied to the topic Pen Testing as a business in the forum Other 12 years, 4 months ago
NO DOUBT, there are tons of “legit” companies walking around simply running a va scan and handing them a stock report. What a joke and nobody knows any better. As long as the box gets checked. I once had some idiot at an unamed company tell me that their pentest was only running firewalk from the outside. Apparently firewalk was their magic bullet…[Read more]
- Load More