-
partek replied to the topic Harsh Words for Professional Infosec Certification in the forum General Certification 10 years, 4 months ago
Most of the problem with certification is that the tests primarily consist of multiple-choice tests that merely test your book knowledge or very basic reasoning skills. For example one could likely pass the CISSP or CEH with very little technical knowledge by simply reading the materials and perhaps participating in lab exercises. There of course…
-
partek replied to the topic Professional Penetration Testing – Book problems? in the forum Other 10 years, 6 months ago
I’m having a problem just like this with a book I bought. I figured it was from the heat and humidity of reading it on the beach, but maybe Amazon is getting some bad books?
-
partek replied to the topic Perm to contracting, Security avenue in the forum Career Central 10 years, 6 months ago
@H1t M0nk3y wrote:
BTW, the hardest thing for me as a contractor now is training. I used to have 1 week a year of paid training/conference. Now, I obviously pay everything myself. For example, a SANS course at roughly $4000 + travel $1200 + lost in revenue of $4000 = $9200 for a week long course!!! It used to be free…
Loss of revenue when…
-
partek replied to the topic Black Hat USA 2010 in the forum Calendar Of Events 10 years, 6 months ago
If anyone is interested I just received a discount code dropping this to $295:
BHUL443
-
partek replied to the topic Black Hat USA 2010 in the forum Calendar Of Events 10 years, 6 months ago
I got an email about BlackHat USA 2010 Uplink where it appears they will be streaming parts of Blackhat live this year.
At $395 it sounds like a decent deal.
Does anyone have any thoughts about it?
-
partek replied to the topic OSCP Walkthrough in the forum OSCP – Offensive Security Certified Professional 10 years, 6 months ago
OSCP is a tough course and really forces you to come up with some interesting and unorthodox solutions. I remember spending many a late night trying to break into the lab boxes. It’s very frustrating, but is definitely the most rewarding course I’ve ever taken.
-
partek replied to the topic Security related projects in the forum Network Pen Testing 10 years, 6 months ago
@yatz wrote:
I need to come up with some projects for the 2010-2011 year. The projects should be something with a scope of a few months. I will research/deploy/test/etc. some kind of technology or process that benefits the company.
Anyone got any ideas??? Maybe something fun you have done in the past?
;D ???
Unfortunately as fun as it ma…
-
partek replied to the topic What's the big deal with Cloud Security in the forum Opinions 10 years, 6 months ago
@Ketchup wrote:
I can’t stand this buzzword, “cloud computing.”
I totally agree. I have seen the term “cloud computing” mean so many different things. Honestly the “cloud” should really only reference real on-demand offerings like those of SaaS, PaaS, and IaaS. All too often I’m seeing this term applied to generic virtualization in the…
-
partek replied to the topic Experience with technical recruiters in the forum Looking For Work 10 years, 10 months ago
@chrisj wrote:
Even then I question if the recruiters do as much as they claim. I worked with a local one in December. After 2 weeks, they said the company wasn’t interested in me. A week later, the internal HR guy for said company called me asking if I was interested.
I would bet there was lack of feedback from HR to the recruiter and that’s…
-
partek replied to the topic OSCP V3.0 certificaton available! in the forum OSCP – Offensive Security Certified Professional 10 years, 10 months ago
@MarcusW wrote:
If it’s any issue, I’ve been warned that Core Impact won’t be installed in the new Version 3 XP boxes, which implies it may have been dropped from the syllabus.
I don’t think it will really be missed if it is dropped from the course. The course really only gave an overview of it as a pentesting framework.
-
partek replied to the topic Question for current certified C|EHs in the forum CEH – Certified Ethical Hacker 10 years, 10 months ago
I earned my CEH about 2 years ago and I think it’s a great cert. It really does teach you to think like an attacker and gives a very good introduction to the process of penetration testing/ethical hacking.
If you do earn the cert, I would recommend following it up with the Pentesting with Backtrack and the OSCP certification. I feel like the CEH…
-
partek replied to the topic How paranoid has your information security career made you? in the forum Other 10 years, 10 months ago
The more I learn, the more paranoid I become I think. I just finished PWB and learning just how easy client side attacks are really kicked up the paranoia a bit.
-
partek replied to the topic Question about buffer overflow example. in the forum Programming 10 years, 11 months ago
I think what’s being missed here is that you’re not taking input from an external source such as a prompt, a file, or a socket.
The compiler appears to be fixing a logic error for you, which compilers are sometimes good at doing. What a compiler can’t do is protect the program from user input that it knows nothing about if the input isn’t being…
-
partek replied to the topic Question about buffer overflow example. in the forum Programming 10 years, 11 months ago
You may not be able to overflow a buffer in code before it is compiled. There’s a good chance that the compiler will try and fix that for you.
Most buffer overflows are triggered by input that comes from an external source such as a prompt on a commandline or commands via a network socket.
When you’re taking input from an external source, if…
-
partek replied to the topic Which script language do you prefer? in the forum Programming 10 years, 11 months ago
I typically default to Perl when I need to do something that I can’t do in a simple shell script.
I’ve been wanting to get a little more into Python and Ruby, but I’m usually in a situation where time is of the essence, so throwing in a new programming language isn’t an option.
I did do a project in Ruby recently and really enjoyed the…
-
partek replied to the topic Penetration Testing/Ethical Hacking Labs in the forum Network Pen Testing 10 years, 11 months ago
j0rDy,
Wow, this is a great list. Thanks! I think I’ll start slowly over time building these up.
My labs for PWB expire today (I did the 60 day plan), and really only had 1-3 hours a day at the most (probably skipping a good 15 days) to work on it. If you have at least that much time to devote to it, the 60 day should be fine.
I finished the…
-
partek replied to the topic Penetration Testing/Ethical Hacking Labs in the forum Network Pen Testing 10 years, 11 months ago
I definitely wouldn’t expect them to be free. I would totally be willing to spend a little money for the time and effort that someone is spending to maintain a lab.
I’ve seen the de-ice.net/heorot site, and have entertained setting the stuff on there up. I’d just rather spend my limited free time researching, hacking, etc rather than downloading…
-
partek replied to the topic [Article]-Review: Penetration Testing with BackTrack by Offensive Security Part 4 in the forum Linn 10 years, 11 months ago
The reviews got me very intrigued with the course so I signed up. I’ve been with the course for 5 weeks now, squeezing in as much time between life and work as I can.
It’s a very interesting course, and has really forced me to think outside the box.
I’m eagerly awaiting the final part of the series so I can have a preview of what to expect from…
-
partek replied to the topic Corporate AV Solution in the forum Other 11 years, 3 months ago
We use the McAfee Total Protection Service. Frankly it’s a bit heavy on resources and we’re considering switching to Trend Micro or Panda’s SaaS offering when our McAfee contract is up.
-
partek replied to the topic CCNA Security in the forum General Certification 11 years, 4 months ago
You need to have the CCNA before you can take the CCNA Security. I’m studying for it right now and find that there is a fair amount of basic security knowledge associated with it. It’s mostly covering security architecture and the basics like CIA and risk assessment as well as configuring IOS firewall and using the SDM.