September 20, 2017

Almost there and Road Maps

I am still working my way through the OSCP. It's really tough to achieve any certification while you're working full-time. And it's tough to afford any certification when you're not.

The material is not that tough. Getting through the exercises is grueling. It's a lot of work and not as fun as working the lab and compromising machines. But it's worth 40 hrs of CPE credits and 10 points on the exam if you write up and submit the exercises and lab pentest. I'm sure those extra 10 points are going to be helpful and I'm going to thank myself for pushing through this when I sit in front of the computer at test time.

From previous self-study - I know when I'm not yet ready. And at this point, I'm not yet ready. Another benefit of my study experience is that I know how to detect my weak areas. I have two weak areas where I need more practice and I am facing and accepting it. Now I need to find the motivation to work hard at those areas and build strength. I will never tell anyone it's easy - because it's not. But it is worth it. That will have to do.

So to motivate myself a bit, I decided to finally get another tattoo. As a reward for plowing through this course, I am going to get a Kali Linux Dragon...

I'm thinking of getting it on my upper arm. Not too radical. Simple in design. And signifies an accomplishment.
So now I HAVE TO pass that test...

The scooter is doing well and I'm riding it all over. I've only had it for 2 months and I've already put over 200 miles on it. As the Starks say, "Winter is coming." So I'm riding now before it gets too cold. It's a joy and it really does get about 120 miles to the gallon. Saving a lot of gas with short trips around town (that's my excuse and I'm sticking to it).

And about the road map... Since my background is in networking, I've recently been asked a number of questions (from security folks) about authentication, authorization and accounting on network devices. It made me realize that not all security people know about network devices. So I spun up a short PowerPoint presentation on the topic. Hopefully this may be useful to someone. It's short (11 slides total) and doesn't go into too much detail, but gives an overview of the topic and can at least guide you enough to ask the right questions. Enjoy.

Posted by BlueWolf on September 20, 2017

August 17, 2017

OSCP Update and other FUN

I'm still working on the OSCP. Yes, it's very fun. Well, getting a shell is fun. But I also want the 40 credits for this course - so I have to complete all the exercises and submit them with a pentest report for the lab. AND I will have to write and submit a pentest report for the exam. That is a lot of work.

The exercises are really good. They force you to learn things (if you don't already know them) in order to complete the exercises. And - the information you obtain in those exercises is needed to exploit the devices. So you're going to have to do the work anyway - it just takes more time to document it.

Do not expect to be spoon-fed. They really just "introduce" you to the tools. You have to do a lot on your own in some cases to really learn how to use the tool well. And in many cases, you just have to practice to get good.

It IS an expensive course. And it can be more expensive than necessary if you try to do this while working full time. I wish I had taken this course between jobs. But when you're not working, it's difficult to justify the expense. And when you're working, it's difficult to find the time.

Now for the other fun... I bought a scooter!

It is so much fun. It's not the motorcycle that I wanted.... but I still don't have a place to put that motorcycle. So for now I'm riding my scooter. Yes, I'm wearing a helmet. And I already took a motorcycle safety course. It doesn't go over 35, so I won't be going on any highways. And it gets absolutely fantastic mileage!!!

In case you're wondering - you don't need a motorcycle license to ride it. You do need a regular driver's license. And you need insurance to get tags. And because you have tags, you are allowed on the road. Legally. Speaking of legal - in RI only the passenger is required to use a helmet. I still use one. And this is a one-person scooter. No passengers. So I don't have to worry about whether or not I'm comfortable with it - it's already a "no" by design.

As far as the scooter itself - it's really easy to ride. It's an automatic, so I don't have to worry about shifting. And the takeoff is really gentle. No quick jerking forward on takeoff. I finally re-filled the gas tank yesterday. It took 0.5 gal (and I had already gone about 65 miles). The specs say the tank holds about 1.5 gal > so when it says E don't panic, you still have a way to go... I re-filled as soon as it got close to E because that's what I do with my car.

There's a lot of room under the seat for storage. And you can put stuff on the back rack. If that's not enough, there's also a hook to hang a bag on (but that will limit your foot space). Oh, and don't forget the little pocket for a water bottle. So if you use this for errands, it can handle quite a bit. I find I'm doing quite a few errands lately. As I'm out getting experience - since I'm going in this direction, I might as well....(fill in the blank). Got my watch battery replaced, picked up milk, groceries, etc.


Posted by BlueWolf on August 17, 2017

May 19, 2017

OMG What fun!

So now I've been in the course/lab for a little bit and I have to admit it's pretty fun. I'm learning a lot more on the keyboard than 10 books combined. It's like giving an archeologist their own dig site. It's a great place to practice, practice, practice. Explore, test and document in a place that was built specifically for that purpose.

So here's what I can tell you about what I've learned. Don't worry about the amount of time you buy. You will probably get to a certain point - and then schedule the exam. And if you would happen to pass, you don't "lose" the lab time. It's still yours to use. So why would you use it? Because it's FUN... it's a challenge. Apparently there are a few devices that are particularly difficult. The exam challenges you to a certain level. The lab is practice to prepare you for the exam. And you don't have to get all the devices to get to the level that you need to pass the exam. So from what I'm hearing - you will probably take the exam with some devices still not compromised.

This course does make you THINK. It's definitely not a "spoon-fed" type of class. They will lead you to the tools and you have to figure out how to adapt them to your situation. The videos are really good. They don't cover everything that you will encounter, but what they do cover is well done. He makes it look and sound soooo easy. And in reality, it is that easy (once you know how).

Posted by BlueWolf on May 19, 2017

May 06, 2017

The Excitement Builds

OMG - today is the day! This evening I finally get the email that gets me into the OSCP Pentesting with Kali course. I have been wanting to take this course for years. When I first saw it, it was "Pentesting with Backtrack" - so that tells you that this has been on my wish list for some time.

It was the delay in CCIE Security materials that really pushed this one to the top of the list. I had planned to take it after the written and before the lab. Now, I'm just going to go for it. By the time I finish, more materials will be available for the CCIE (I hope).

When you sign up for this, be aware that it's going to take some time before your class starts. Yes, you sign up for a specific "class" - and I use this term in the programming sense of the word rather than the educational sense. This is apparently based on the number of people in each lab group. You really have to keep up with this - since links are only available for a limited amount of time.

When I clicked on the buttons to register, I got an email to click another link to "continue" registration. It was only valid for 72 hours. [I'm guessing this is to validate the email address used for registration.] Once I continued my registration, I was emailed a link to download the components of the connectivity test and quite a bit of information about the course. "Your seat will be confirmed and scheduled after payment has been received." Yeah, you would think that you can just click and pay. Not so fast. "Before submitting the course fees, please be sure to test the connectivity to our labs to see that the connection is satisfactory and that your response time is reasonable." That part now seems pretty funny. The only way to get to the payment page is through the vpn connection. Also note that you have only 48 hours to complete this testing and submit your payment.

And then you wait.

Now the waiting is over. I'm really excited about this - it sounds like fun. Basically, there are some videos on each topic - along with some lab exercises. I'm very familiar with a remote lab environment which I have been using at INE for CCIE studies. Labs are fun. I wasn't really sure about what kind of time I was going to need for this. Most people are saying they needed 60 days. But then again, most people taking this are early in their IT careers. And I'm not sure how my life/obligations are going to allow me adequate time for lab practice. So I signed up for the 30 day lab. I think by the first two or three weeks, I should know if I need to extend it for 30, 60 or 90 days. The cost savings for grabbing 60 days initially versus 30 days were not that large. My excitement may be adequate to get me through this quickly.

Not that I'm rushing. And not that I'm thinking this should be easy. It's supposed to be tough. And I'm hoping to learn quite a bit from this. And, no, I'm not wanting (at this point) to go into PenTesting as a career move. I'm actually wanting to take this so I can more fully participate in CTF exercises. And if you're taking this thinking that you're going to get CPEs from it - you have to submit the pentesting reports or pass the pentesting exam to get those points. I'm already prepared and set up to submit the lab and exam reports. Now just to add the exploit details and submit...

Posted by BlueWolf on May 06, 2017

May 04, 2017

More Free Training

OMG I love free training. Granted, I spend some serious $$$ on a number of various training sites. So when I can grab some training for free, I jump on it. And this one is open to everyone!

The free training is on the Qualys site. You can use your favorite search engine to find it. There are some caveats to this training, so I thought I would share.

When you go to their training site, you can click on a choice of:
VM - Vulnerability Management
PC - Policy Compliance
WAS - Web Application Scanning
AV TP - AssetView & ThreatPROTECT

(Note VM is a pre-requisite for AV TP)

It's pretty obvious that you click on the Enroll button. And that brings you to a page where you can download the slide deck and lab exercises. The enrollment is supposed to kick off an email for access to the lab area. It's not that reliable (especially if you use your work email address - it could be filtered or go astray). Writing to the training address does produce results - they respond within a reasonable time frame.

So the first thing I ran into is that there are no videos there! You see mention of the videos, but it took a while for me to find them. They are actually in the "Qualys Community" section:

Once you watch the videos, read through the slide deck, and practice the lab exercises, you can take the exam.

These exams are open book exams. You can have multiple browsers open and there is no time limit. There are 30 questions, no time limit and you are allowed 5 attempts at each exam. The passing score is 75%. Once you pass the exam, you get a downloadable (.pdf) certificate. The course is worth 8 hours (for those needing CPEs).

You may need multiple attempts at the exam. They "claim" that there is no time limit, but I have found that the testing engine is quite unreliable. One attempt at the exam - I got to the last question, clicked "submit," and received a "Maintenance" page. [Okay, so it was late on a weekend night.] Once you submit a question, you can't go back - so when I got the Maintenance page, it wasted an attempt (and my time). I tried again the next day (when the site was back up) and got to question 29 - I clicked "submit" and got an "ooops, we can't find that page" error message. Yet another attempt wasted. And the questions I had answered to that point were never scored. It was frustrating. However, I stuck with it and took the test again. That time it worked (and I made sure I didn't dawdle on any of the questions).

So now I'm Qualys certified in Vulnerability Management and Web Application Scanning. (Two down, two to go.)
For free.

If you're not the type to self-study, they also have in-person and online web classes that you can take. They are in multiple time zones and countries around the world. Good luck and keep studying. This time for free!

Posted by BlueWolf on May 04, 2017