What90

@What90 wrote:

I’d offer the advice to read up on hex and packets before hand. This will help  avoid the head crushing pain of attempting to read packets in Hex on day two 🙂

Do you have any good resources for this? I’ve gone through the Wireshark book and have several other TCP/IP books, and there’s always the RFCs. I didn’t know if there were…[Read more]

@What90 wrote:

I’m not too worried about the training being on one particular area, topic or even if you don’t get a nice cert for doing it – as long as it’s excellent plus worth the time and effort.

I’m waiting for Assured Exploitation (http://trailofbits.com/2010/02/25/assured-exploitation-training/) to make its way around my part of town. I…[Read more]

@What90 wrote:

Fair enough sil,I’d imagine the people that hire you in a vested interest in proving if their security is working as expected. I’d be interested to know how many companies take the extra step and purchase the full package.

Almost all companies that have met with my managers, etc., almost always (at least 99%) gone through a full…[Read more]

@What90 wrote:

Having all the latest and great tools is way down the list of requirements.

You seem to be pointint to/referring to/and or confusing a risk assessment not a penetration test.

@What90 wrote:

A skilled professional explains how exploits can be chained to achieve to target in terms for non-it folk to comprehend, this beats automated…

[Read more]

@What90 wrote:

You’ll need to work out on your router how to do port forwarding for inbound tcp 80 to your computer with netcat on it.

This does place a certain risk by opening up port 80 to your machine, so make sure your machine is fully patched before trying this.

I think you may want to go with sil’s advice and set this up at home first and…

[Read more]

@chrisj wrote:

@hayabusa wrote:

I was thinking the suggestion came from the voiceover, but that she said it, herself, also…  I’d have to re-watch, as well.

Voice over: … Although Adeanna says she only uses the her skills for good, sometimes she wishes she didn’t posses them

Adeanna: “It ruins any hope for any relationship”

Oh, I nailed…[Read more]

@What90 – I think that, in general, we agree (as does Ketchup)  The logs you refer to, with regards to bots, etc, are exactly that, logs referring to bots and attempts.  The ones I concern myself with are NOT the bots, but rather, the attacks that not only got past the perimeter, but got to data.

Overall, I do understand your thoughts, and a…[Read more]

@What90 – I’m not suggesting that ALL hackers cleanup after themselves.  In fact, the ones who are in a hurry, and really don’t care, probably don’t even think about covering their tracks.  If they just want quickie data extraction / gathering, they may not care. 

However, the point I was making is that, more often than not, if you truly have vu…[Read more]

@What90 wrote:

These tools are really for an insider threat or an attacker that has been on your system for a while and want to make life a real mess. I don’t see a normal attacker deploying these tools. Why would they bother?

I don’t know how you interpret these tools to be for an insider or an attacker that has been around for a while. Quite…[Read more]

@Equix3n- wrote:

I also saw that ad. Haven’t bought the book but checked its contents on amazon. There’s just something about this book that I’m not comfortable with, but that’s just my intuition.

I looked up the author yesterday, “Reformed” Black Hat hacker. But left leery of it too.

Image of the generic download book, author’s background……[Read more]

@What90 wrote:

Avoid the book and just buy the tee-shirts! 😀

Google the author and then make up your own mind whether to buy the book or any of their services.

I’ll avoid this one and get something a bit more realistic.

After looking at the author’s website and watching some of his videos, I am not very impressed. However, the price on the…[Read more]

@What90 the BEFSR41 is a linksys router, without wifi

I’ve had the WRT54G (wifi model), and saw some of the same problems with the external connection getting flooby when doing lots of traffic (downloading Linux DVD over torrent for example) or when getting port scanned by a bot net. Didn’t have as much problem after I flashed the firmware to…[Read more]

@What90 wrote:

Good work folks, these are excellent courses!

I’m looking forward to the review from very luck person the takes the CTP course.

Me too.

@chrisj wrote:

Wow… Thanks. Really… Co-workers came over to ask if I was ok.

Will definitely do write ups for hear and my blog on the course.

lol

@What90 wrote:

Nicely done dynamik!

That a pretty impressive showing on both exams.

As to the 504 I’d imagine you’d do pretty well, as 560 and 504 have significant cross overs on the tools. The mindset and approach to incident response as the key differentiators.

503 is a very different world and a more intense packet beast 🙂 If you get the…

[Read more]

@What90 wrote:

@ChrisJ

The one and, so far, only worm outbreak I’ve had on my watch at my current workplace cost us a massive amount of effort to lock down and clean up. They (the business) learned the hard way malicious software isn’t just something that makes funny pop up appear and rude noises. We cut off large parts of the network to contain…

[Read more]