SOCNET

  #101  
Old 6 January 2018, 21:05
MountainBum MountainBum is offline
Vivat Fraternitatis
 
Join Date: Apr 2004
Location: OCONUS
Posts: 877
Quote:
Originally Posted by Broadhead View Post
Has anyone here tried out any of the new online training sites? I've recently started using Udemy's "ethical hacker" course. I got it for $10 and I can't really complain. Just wanted to know if more experienced folks have tried it and what they think
A few years back when I was studying for my Security+, I used a series of videos from a guy called Professor Messer. As a visual learner it helped me out a great deal. CBT Nuggets also has awesome tutorials on Kali Linux / etc.
  #102  
Old 7 January 2018, 16:28
Atrax Atrax is offline
Confirmed User
 
Join Date: Sep 2005
Location: CONUS
Posts: 356
Quote:
Originally Posted by CV View Post

CompTIA Security+: This is considered an entry-level certification, but it provides a really solid foundation that will build into other areas. If you are green to the field, start here. If you have no prior IT knowledge, look at their A+ and Network+ certifications (not required to pass Security+ though).
I would second this for others (like myself) who are very, very new to this stuff. I have no illusions about practical applications of this certification, but studying for/passing the test was a great learning experience for me.
  #103  
Old 8 January 2018, 15:21
CV CV is offline
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Excellent. Congrats on starting down the path.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
  #104  
Old 8 January 2018, 16:53
CV CV is offline
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Thumbs up

Quote:
Originally Posted by Atrax View Post
I would second this for others (like myself) who are very, very new to this stuff. I have no illusions about practical applications of this certification, but studying for/passing the test was a great learning experience for me.
To add, while you may not have gained practical experience, I know you can explain to me the difference between symmetric and asymmetric key cryptography, and network protocols that may be insecure. This is a solid start that will help on your journey. Even if you end up in a non-cyber related IT role, you now have a credential that shows you have an understanding of security.
  #105  
Old 10 January 2018, 23:33
SVDuckman SVDuckman is offline
Confirmed User
 
Join Date: Jul 2007
Location: US
Posts: 124
I haven't posted in a long time. If I need to reintroduce myself then I can, just let me know.

I'm currently working as an Air Reserve Technician at my ANG base. I'm an IT asset manager and I'm trying to get into a more technical position. I plan on taking some of the advice in this thread and applying it to get a more technical position.

I also teach at a for-profit school part-time to keep my skills relevant. I talked the school into sponsoring a team for an upcoming CTF in our area. We teach to the Sec+ objectives in our Intro to Network Security Fundamentals course (my current class) and I'm wondering what advice you could give me as to what to do to prepare these students for the event.

So far we have covered some of the stuff on overthewire.org. Any advice you could give me would be greatly appreciated. Thanks!
  #106  
Old 11 January 2018, 06:54
Paul85 Paul85 is offline
I am Johan
 
Join Date: Aug 2013
Location: Gdynia, Poland
Posts: 1,270
Nice to read about how our IT security peers from across the pond are fighting with the usual dilemma of certificates, experience, landing a good gig etc. I'm a DLP/MDM/CF guy, BTW.
  #107  
Old 11 January 2018, 08:40
CV CV is offline
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Quote:
Originally Posted by SVDuckman View Post
...I'm wondering what advice you could give me as to what to do to prepare these students for the event.
Security+ won't help for a CTF. Pick up some resources for CEH if they are green to offensive-based exercises. They'll want to learn topics such as port scanning and vulnerability identification.
  #108  
Old 11 January 2018, 21:05
SVDuckman SVDuckman is offline
Confirmed User
 
Join Date: Jul 2007
Location: US
Posts: 124
I absolutely agree that Sec+ won't help for a CTF. These students are just beginners and the CTF promises challenges for all levels so we decided to compete. I'm working on some stuff with them now so we'll see how it goes.

Thanks for the info CV!
  #109  
Old 11 January 2018, 21:51
CV CV is offline
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Quote:
Originally Posted by SVDuckman View Post
I absolutely agree that Sec+ won't help for a CTF. These students are just beginners and the CTF promises challenges for all levels so we decided to compete. I'm working on some stuff with them now so we'll see how it goes.

Thanks for the info CV!
You're a great teacher. I learned more from CTFs than I ever did from a course!
  #110  
Old 29 January 2018, 19:40
SVDuckman SVDuckman is offline
Confirmed User
 
Join Date: Jul 2007
Location: US
Posts: 124
I just figured that I would update how the CTF went this past weekend. We didn't win and we didn't expect to. However, there was stuff that we did during the event that reinforced what I have taught in class (command injection, directory traversal, SQL injection). Then there was stuff that we had no idea what to do so we relied on google quite a bit.

There was quite a bit of collaboration between teams. For example, one of the teams that ended up in the top 10 asked for our help on solving a challenge to find a flag inside an mp3 file. One of my students solved it by remembering an article he read about running a game soundtrack through a spectrometer to unlock easter eggs. He did the same thing to the provided mp3 file and we found the flag that way. My student explained it to the other team and then the other team taught them how to do Linux command injection to solve a challenge.

It was great and it made them hungry to learn even more and that is probably the best thing they got out of the entire weekend!
  #111  
Old 29 January 2018, 20:16
CV CV is offline
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
CTFs are just technical puzzles. They're great at learning the ropes, but also satisfying when you get something to pop. Folks with a background in investigation also find them satisfying. I know a person that has 15 years in Law Enforcement and really does nothing related to technology in the course of his day. He's a cybersecurity hobbyist and attends CTFs for fun.
  #112  
Old 3 February 2018, 15:28
Atrax Atrax is offline
Confirmed User
 
Join Date: Sep 2005
Location: CONUS
Posts: 356
I'm enjoying OverTheWire so far, but definitely struggling even at Level 5. But it's been a good, kinetic learning experience.
  #113  
Old 3 February 2018, 23:50
BOFH BOFH is offline
I aim to misbehave
 
Join Date: Jul 2004
Location: \\Gibson\garbage
Posts: 4,251
Quote:
Originally Posted by Atrax View Post
I'm enjoying OverTheWire so far, but definitely struggling even at Level 5. But it's been a good, kinetic learning experience.
That's one of the first things I direct people to once they have the basic book knowledge and want to start putting hands on a keyboard.
__________________
"...for those who man the battle line, the bugle whispers low, and freedom has a taste and price the protected never know..."


While true:
Continue
  #114  
Old 4 February 2018, 16:02
Atrax Atrax is offline
Confirmed User
 
Join Date: Sep 2005
Location: CONUS
Posts: 356
Quote:
Originally Posted by BOFH View Post
That's one of the first things I direct people to once they have the basic book knowledge and want to start putting hands on a keyboard.
As per usual, I seem to have gotten that order backwards haha.
  #115  
Old 5 February 2018, 23:35
BOFH BOFH is offline
I aim to misbehave
 
Join Date: Jul 2004
Location: \\Gibson\garbage
Posts: 4,251
Quote:
Originally Posted by Atrax View Post
As per usual, I seem to have gotten that order backwards haha.
Lol...don't take my words for gold, man...it's taken me a decade to get to where I am...so while I think my advice is good, other people's advice could well be far better.
  #116  
Old 13 February 2018, 19:13
Atrax Atrax is offline
Confirmed User
 
Join Date: Sep 2005
Location: CONUS
Posts: 356
On that note, any suggestions on a good "book knowledge" source to pair with OTW?
  #117  
Old 19 February 2018, 19:29
SVDuckman SVDuckman is offline
Confirmed User
 
Join Date: Jul 2007
Location: US
Posts: 124
Quote:
Originally Posted by Atrax View Post
On that note, any suggestions on a good "book knowledge" source to pair with OTW?
I've only tackled the Bandit and Natas levels but most of those were geared towards the Linux shell. If you don't have a working knowledge of the shell then I would use the "man" pages or watch some YouTube videos.

I just started PicoCTF because a friend of mine recommended it to me. It's geared towards high school students but I have found it to be fun. It is a jeopardy style CTF like the one we just competed in.

On that note I'm looking to get into something more technical. I'm reading this thread and I'm keeping my eyes open but I have the entry level certs (A+ and Sec+).

The school I'm teaching at will buy me a voucher for any CompTIA test. If you were in my shoes, what cert would you recommend next? I'm looking to stay in the realm of cyber security. Any info is appreciated. Thanks!
  #118  
Old 19 February 2018, 21:02
CV CV is offline
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Quote:
Originally Posted by SVDuckman View Post
On that note I'm looking to get into something more technical. I'm reading this thread and I'm keeping my eyes open but I have the entry level certs (A+ and Sec+).

The school I'm teaching at will buy me a voucher for any CompTIA test. If you were in my shoes, what cert would you recommend next? I'm looking to stay in the realm of cyber security. Any info is appreciated. Thanks!
Go get your CEH. That will give you the next step before getting into some of the fairly fun certs for penetration testing and exploitation.
  #119  
Old 19 February 2018, 23:20
SVDuckman SVDuckman is offline
Confirmed User
 
Join Date: Jul 2007
Location: US
Posts: 124
I have a book on the CEH test. How would you recommend going about preparation? Would you try the "bootcamp" style or would you be comfortable self-studying? I'm of the mind that I can learn anything if my google skills are up to snuff. What do you think? I'm going to have to save up for it regardless since the voucher is so expensive.
  #120  
Old 20 February 2018, 05:52
HighDragLowSpeed HighDragLowSpeed is offline
Been There Done That
 
Join Date: Dec 2006
Location: Only Place For Me
Posts: 5,170
Not likely the popular opinion here but....

1. There is a lot more to cyber than pen-testing. Actually, pen testing is just a fairly narrow slice of the pie that answers the question, "can someone get into my network using some set of known tests?". Pen tests don't answer the question, "has the network already been breached?". The results of a pen test only provide a list of things to work on and not a state of compromise of your network. That said, even many pen testers don't understand the difference.

2. Most pen testers suck technically. The majority are good at physical access/social engineering to gain credentials. While still exposing many valid vulnerabilities, this approach is completely antithetical to the far more technically oriented approaches in any of the recent major breaches (Home Depot, Target, OPM, you name it). Pen testers generally succeed because most organizations either are focused on the perimeter, think that adherence to compliance frameworks alone is "good enough", or they just are woefully unprepared.

My opinion is that a pen tester won't be able to add value to a defensive security program until they are able to demonstrate two things (A) the ability to execute a kill chain that doesn't start with social engineering and (B) have a deep understanding of the artifacts/indicators that their activities leave behind both on the machines they compromise and other machines to which they want to laterally move. While it seems obvious in theory, that's a fairly rare find in practice.

My suggestion is understand where pen testing fits and be good at it enough to understand how to take what you know to make tangible technical improvements to a security program. Otherwise, it's just a cert...and, gawd knows, we have a bijillion of those running around.
__________________
"I know of no country in which there is so little independence of mind and real freedom of discussion as in America." - de Tocqueville, 19th century

God made machine language; all the rest is the work of man.

Last edited by HighDragLowSpeed; 20 February 2018 at 06:00.