+ Reply to Thread
Page 2 of 4 First 12 34 Last
Results 26 to 50 of 90
  1. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,654

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #26
    How are you guys liking the course so far? Does the accent make the videos difficult to listen to?
    Currently working on: Resting
    Reply With Quote Quote  

  2. SS -->
  3. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #27
    Just finished module 3 of 10. Still loving the course. There has not been a single time that I have had difficulting understanding him (and I personally hate dealing with outsourced helpdesks). If anything, it amuses me. I think the part I get the biggest kick out of is that he uses the phrase "curly bracket" (in his indian accent) instead of saying parenthesis.

    First two modules, you don't do much security stuff. Mostly just python fundamentals. But in module three, things have really taken off. Best thing about module three is integrating scapy into python script. This allows you to build and inject packets into a network based on conditional circumstances. I can now write all kinds of scanning tools, man in the middle arp poisoning tools, syn flood tools, smurf and fraggle tools, TCP session hijacking tools, and many others. All of this, based on what I learned in module 3. However, to be clear...he DOES NOT teach you how to program most of the tools that I just mentioned. He teaches you how to integrate packet injection into script. You are going to need a basic understanding of how most packet based attacks work (I learned everything I needed to know here in CEH...and much of it is covered in Sec+ too). Then you have to know how to apply it.

    For example, you need to know that to make a MITM attack, you need to spoof ARP reply packets to your two victims. Or for a syn flood, that you need to select an open TCP port and then continually blast that port with SYN requests from different client addresses, recieve the SYN ACK, but then leave the connection half-open without sending the subsequent ACK reply.

    But once you learn how to inject packets at will, or based on circumstance...the sky is the limit. And once again...I just finished module 3. Can't wait to see what else is in store.
    Last edited by the_hutch; 09-18-2012 at 05:50 PM.
    Reply With Quote Quote  

  4. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,848

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #28
    His accent is actually an advantage I think. It forces him to speak slowly which allows you to follow better then if a native english speaker were giving the course. Or at least that's my opinion anyway.
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python
    Reply With Quote Quote  

  5. Member Killj0y's Avatar
    Join Date
    Mar 2010
    Location
    www.agoonie.com
    Posts
    39
    #29
    These are good reviews for the course. I am excited. I am going to sign up in two weeks. I did want to ask and I apologize if this was answered already, what version of python do you guys work in? 2.65, 2.7, 3, 3.1?
    Reply With Quote Quote  

  6. Member datschmo's Avatar
    Join Date
    Feb 2012
    Location
    East Coast
    Posts
    59

    Certifications
    CISSP, Sec+, Net+, A+, MCP & some other usesless certs
    #30
    Quote Originally Posted by Killj0y View Post
    I did want to ask and I apologize if this was answered already, what version of python do you guys work in? 2.65, 2.7, 3, 3.1?
    Suggested environment was 2.7 with some work in 3.
    Reply With Quote Quote  

  7. Member Killj0y's Avatar
    Join Date
    Mar 2010
    Location
    www.agoonie.com
    Posts
    39
    #31
    Thanks for the heads up. That should work.
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Jan 2012
    Posts
    109

    Certifications
    CISSP-ISSMP, CRISC, PMP, GCIH, GCFE, GLEG, CIPM, MCSE, CCNA, C|EH, CNA 5.1, ITIL-F, N+, A+
    #32
    I was thinking about trying this out myself. I am playing around on my own using free resources until I feel comfortable enough with the language and some more free time. I am using 2.7.

    The Python Tutorial — Python v2.7.3 documentation
    Learn Python The Hard Way, 2nd Edition — Learn Python The Hard Way, 2nd Edition

    But after reading this I am excited to get this thing going!

    Thanks!
    Reply With Quote Quote  

  9. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,619
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #33
    I've been looking through the new O'Reilly book Think Python on Safari Books Online. It looks like a very good comprehensive introduction to the Python language and programming mindset for people looking to learn Python from a computer science perspective.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  10. 1337sauce
    Join Date
    Jul 2011
    Location
    Ze South
    Posts
    1,539

    Certifications
    BS, Linux+, Security+, LPIC-1, MCSE Server 2012, MCSE Desktop, MCSA Server 2008, MCTS 70-[415,681], MCTS 74-409, VCA-DCV, Novell CLA/DCTS/CNS, HDI CSR
    #34
    My friend who's a Python/Perl/PHP/everything pro recommended this for Python, he said it's really good:

    Learn Python The Hard Way, 2nd Edition — Learn Python The Hard Way, 2nd Edition

    The HTML version is free. I'm very interested in the SecurityTube course but would like to brush up on Python first.
    Reply With Quote Quote  

  11. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #35
    Yeah, LPTHW is pretty good (excellent for a free resource). I actually used it to supplement my learning with SPSE. But it is by no means a pre-requisite. Vivek's introduction to the basics is very solid.
    Reply With Quote Quote  

  12. Senior Member broli720's Avatar
    Join Date
    Oct 2012
    Location
    Merica
    Posts
    377

    Certifications
    CISSP, CCNA, CCNA:S
    #36
    Hope to start this course after finals in a few weeks. All the reviews I've read have been good and I think this will lay some groundwork for me before I take OSCP. Don't really want to waste my lab time learning python.
    Reply With Quote Quote  

  13. Member
    Join Date
    Mar 2010
    Posts
    90

    Certifications
    Comptia A+, Network+, Security+, CDFE, PDTG-TSS, CISN admin, CSE-TRA, GIAC-GCIH, GMON, SMFE
    #37
    I would like to recommend Violent Python hand book to help with your python scripting course. I have found it to be very useful working with it for the last week. The course is very difficult for me as a beginner programmer. I also did the LPTHW first. This book seems to give me a paper copy of the same code that the instructor uses. It's very handy to watch the videos then look at the book and code. It is virtually the same code but with a few twists. It also has code to download for the book for each tutorial. It also has some serious, serious hacks and security concepts we need to know. Take a look at the table of contents before buying and you will see what I mean.

    So far I am just about at understanding the module 3 marks. I have watched all the videos, but after watching them. I really had to go back to the beginning and start actually learning programming. I have also designed my first text based 20 question and now getting into the loops, threading, sockets and networking ECT. ViVeck has fixed the forums now so they match up. I may have had a part to play in that with some heated venting/Crying.

    I have also purchased an ASUS N66U router to install python on like he describes in module one. I am so excited to get this working. It will be very interesting to program some scripts to run on the router vice the computer.

    Let me know how your course is going.

    Violent Python

    Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers: Amazon.ca: TJ O'Connor: Books
    Reply With Quote Quote  

  14. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #38
    Quote Originally Posted by Jinverar View Post

    I have also purchased an ASUS N66U router to install python on like he describes in module one. I am so excited to get this working. It will be very interesting to program some scripts to run on the router vice the computer.
    You don't need to have a router to connect to Ubuntu Server via SSH (as described in module 1). You can just set up a virtual machine and connect to it with an SSH client like putty.
    Reply With Quote Quote  

  15. Member
    Join Date
    Mar 2010
    Posts
    90

    Certifications
    Comptia A+, Network+, Security+, CDFE, PDTG-TSS, CISN admin, CSE-TRA, GIAC-GCIH, GMON, SMFE
    #39
    You don't need to have a router to connect to Ubuntu Server via SSH (as described in module 1). You can just set up a virtual machine and connect to it with an SSH client like putty.


    the_hutch

    I am not sure if I confused the situation but I know how to connect to ubuntu server via SSH, or any OS for that matter with SSH via putty. What I meant is that I am excited to install python on the router and run my scripts from the router vice computer. I don't think I said anything about SSH and Ubuntu. Can you confirm that’s what he meant? That we can run python on our routers and lets say program our TCP scanners or sniffers to run off the ASUS N66U vice the laptop. Either way I am finally happy I moved from the WRT54G DDWRT to the ASUS. The dark night rises again. The dark night ASUS router I mean haha

    I was mostly trying to recommend the book.

    J:\>
    Reply With Quote Quote  

  16. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #40
    Hmmm...perhaps I should revisit module 1, cause I actually don't recall anything about routing technologies. I just assumed you were referring to the SSH connection because SSH is often used from a remote system. Sorry for the confusion.

    In any case, I just got a copy of Violent Python...haven't gotten a chance to look through it yet, but thanks for the recommendation.
    Reply With Quote Quote  

  17. Junior Member Registered Member
    Join Date
    Dec 2012
    Posts
    4
    #41
    Quote Originally Posted by the_hutch View Post
    Just finished module 3 of 10. Still loving the course. There has not been a single time that I have had difficulting understanding him (and I personally hate dealing with outsourced helpdesks). If anything, it amuses me. I think the part I get the biggest kick out of is that he uses the phrase "curly bracket" (in his indian accent) instead of saying parenthesis. First two modules, you don't do much security stuff. Mostly just python fundamentals. But in module three, things have really taken off. Best thing about module three is integrating scapy into python script. This allows you to build and inject packets into a network based on conditional circumstances. I can now write all kinds of scanning tools, man in the middle arp poisoning tools, syn flood tools, smurf and fraggle tools, TCP session hijacking tools, and many others. All of this, based on what I learned in module 3. However, to be clear...he DOES NOT teach you how to program most of the tools that I just mentioned. He teaches you how to integrate packet injection into script. You are going to need a basic understanding of how most packet based attacks work (I learned everything I needed to know here in CEH...and much of it is covered in Sec+ too). Then you have to know how to apply it.For example, you need to know that to make a MITM attack, you need to spoof ARP reply packets to your two victims. Or for a syn flood, that you need to select an open TCP port and then continually blast that port with SYN requests from different client addresses, recieve the SYN ACK, but then leave the connection half-open without sending the subsequent ACK reply. But once you learn how to inject packets at will, or based on circumstance...the sky is the limit. And once again...I just finished module 3. Can't wait to see what else is in store.
    How much of a security background do you recommend one have before taking the course? I'm fairly new into the IT security / pentesting waters and was thinking that this might be a good/solid intro and foundation. I'm not sure how comprehensive the modules are with regards to explaining the security aspects, but external research would obviously be supplement. Does this sound feasible to you, or would it better to get my feet wet elsewhere (would you recommend having the Sec+ before doing this?) Also, you haven't mentioned the "Online Live Labs' that they list as part of it, have you experienced it yet? It sounds like most of the practice you do is with/against a VM that you set up yourself...? Is there any practice, or place to test the tools you've made, that they provide? (Example: How could you be sure the MITM attack you made actually works?)Thanks for all the current and future info you provide!
    Last edited by Jeordy; 12-25-2012 at 07:10 PM.
    Reply With Quote Quote  

  18. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #42
    Quote Originally Posted by Jeordy View Post
    How much of a security background do you recommend one have before taking the course? I'm fairly new into the IT security / pentesting waters and was thinking that this might be a good/solid intro and foundation. I'm not sure how comprehensive the modules are with regards to explaining the security aspects, but external research would obviously be supplement. Does this sound feasible to you, or would it better to get my feet wet elsewhere (would you recommend having the Sec+ before doing this?)
    This course is NOT a good introduction to security. It has a very brief introduction section on the basics of programming in Python, but that is about the extent of the basics it covers. It assumes you have a decent understanding of security concepts already.

    Quote Originally Posted by Jeordy View Post
    Also, you haven't mentioned the "Online Live Labs' that they list as part of it, have you experienced it yet? It sounds like most of the practice you do is with/against a VM that you set up yourself...? Is there any practice, or place to test the tools you've made, that they provide? (Example: How could you be sure the MITM attack you made actually works?)Thanks for all the current and future info you provide!
    I haven't mentioned the live labs because there are none. Perhaps you are thinking of MSFE (Metasploit Framework Expert), which does have live labs. The best way to test your tools is in your own virtual environment. Get on distrowatch.com to download some linux ISOs. Get on technet and download some trial versions of windows operating system ISOs. Then download VMware Player or Oracle VirtualBox and start getting yourself geared up for testing.
    Reply With Quote Quote  

  19. Junior Member Registered Member
    Join Date
    Dec 2012
    Posts
    4
    #43
    Thanks for info, I was thinking it might be a bit too involved for an intro after reading into it a bit more.

    About what "level" do you think would be a good point to be at to do this? The rough roadmap I've gauged from reading around the forum seems to be:

    A+
    Network+
    Security+
    MCSA:S
    MCSE:S
    CEH
    SSCP
    ...

    So do you think inserting this class into the path after Security+ would be a good spot, or...?

    Thanks again!
    Reply With Quote Quote  

  20. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #44
    Assuming you actually get a solid grasp of most of the concepts covered by Security+, I'd say you should be good to start SPSE.

    Also, a side note...your road-map for career progression should be unique to you and your interests. There are very few certs that require others as prerequisites. Pursue what interests you and make your own path. Good luck man.
    Reply With Quote Quote  

  21. Member
    Join Date
    Nov 2011
    Location
    UK
    Posts
    49
    #45
    Hi Guys,

    I have picked this course up over the weekend. Got the link for the forums and download for it today. Excited to start this as I have wanted to learn Python for couple of years now.

    I will be integrating this with my Checkpoint and Juniper training ( work related) in the new year.

    Cheers
    Chard
    Reply With Quote Quote  

  22. Junior Member
    Join Date
    Feb 2010
    Posts
    6
    #46

    Default Spse

    Honestly,

    This is a 'very' tough cert. I have a CCNA, CCNA-Sec, CCNP, CCNP-Sec(secure v1) & have read ccnp firewall, CISSP. This by far is the toughest because its practically starting over from the beginning if you're not a coder. What I have done to get to module 3 and understand what I'm doing, is this.

    1) python the hard way
    2) Python CBT Nuggets
    3) stackoverflow
    4) trial and error (probably would rate this the first)

    If you dont come from a scripting background expect to spend a few months just trying to figure out the mechanics of the language. On module 2 he gets into threading and Queues. For me this was the most complicated thing to figure out. I think once you 'get it' the course becomes a lot easier.



    I'd say the pre-requisites besides understanding basic scripting is probably the security+ cert. He expects you to understand basic concepts such as what a port-scanner, a firewall, man in the middle attacks, tcp/udp is... you know basics of security.


    Regards

    Blake
    Reply With Quote Quote  

  23. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,848

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #47
    I'm jumping back into the course now. I been talking with a buddy at work and realized I haven't done a cert in about four years. Also, with me hating my job a bit more then normal I know I need to get moving on something. This probably won't net me a job, but I need to accomplish something. My time line is to have it complete by April (which is when I start my Masters). I've been working through Code Academy, have LPTHW, and also purchase Violent Python which appears to correspond very well with the course. I figure with all of that and a lot of hard work/side research I can accomplish my goal. From there I plan to delve deeper into Python. I'll keep everyone up to date on my progress!
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python
    Reply With Quote Quote  

  24. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #48
    I purchased violent python as well. It helps a lot. I don't know if I'm ever actually going to take the exam for this though. I think I'll probably start OSCP before I ever get comfortable enough with the content to take the exam.
    Reply With Quote Quote  

  25. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,848

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #49
    Violent Python is pretty good, but they do move really really fast. I just finished the first chapter and if it wasn't for the limited programming background I have I would have been lost (coupled with the Python I've already reviewed). I definitely want to take the cert though as I think it will definitely be worth something.
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python
    Reply With Quote Quote  

  26. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #50
    I think that it will be worth something in the sense that it is an obscure certification, which makes for a good talking point in an interview...and gives you a good opportunity to sell yourself. But definitely not the type of certification that I would expect many recruiters will be hitting you up for. This may change though, once its had a little more time.
    Reply With Quote Quote  

+ Reply to Thread
Page 2 of 4 First 12 34 Last

Social Networking & Bookmarks