Security Basics mailing list archives
Re: About to start PWB - Any tips?
From: "fl3xu5" <fl3xu5 () gmail com>
Date: Thu, 21 Jun 2012 01:03:23 +0000
PWB is very difficult course but it's very awesome and challenging. The most important thing is you must know the pentest methodology. Because in the course you have to test every machine. The course has many exercises lab. And it's really make you "try harder" :) -----Original Message----- From: Jonathan Leigh <dantevios () gmail com> Sender: listbounce () securityfocus com Date: Wed, 20 Jun 2012 13:02:09 To: Alex Dolan<dolan.alex () gmail com> Cc: <security-basics () securityfocus com> Subject: Re: About to start PWB - Any tips? I have taken this course and what I have to say about it is be prepared. This course is difficult and it is meant to be. Do not expect any help solving anything from anyone. Learn how to do things manually because using automated tools is not allowed (for the most part). The most important advice I have is DO YOUR HOMEWORK. Do the labs. Hack every machine in the lab and make sure you really know what you're doing and how to break into them. There are surprises on the test that you will not anticipate. Surprises that are not taught in the course material that you will have to think on your feet to figure out how to solve them. I will not give away any of the solutions so do not ask for them. Just be prepared to practice, practice, practice and devote a lot of your time to doing some hardcore hands on hacking. Myself and another person I know that is a pentester for a living have both taken the exam and failed. It is not that we're dumb, it is just that the exam is that difficult. I went into this course having done a few capture the flag events and having a computer science degree where I specialized in computer security and I thought it would be a cakewalk given the material gone over in the class. The test is almost as hard as defcon qualifier puzzles, but not as easy as hack.lu capture the flag puzzles. Don't underestimate the people at offensive security. If you want a taste for how devious they can be with their puzzles you can look up the How Strong is your FU? Competition solutions (I have a post about it on my blog http://www.dantevios.com) or the hackers for charity event they did. I hope that this information helps you realize how serious this course is and the work that you will have to do in order to earn the PWB certificate. It is a tough certificate to achieve and I have great respect for those that have earned it. On Wed, Jun 20, 2012 at 3:32 AM, Alex Dolan <dolan.alex () gmail com> wrote:
Hey guys I'm about to embark on the Pentesting With Backtrack course and was after any tips any one can give me. I'm fairly new to hacking and this will be my first training experience with it. I'm pretty self-sufficient with Ubuntu and know my way around Windows okay. Any areas I should be focusing on and brushing up before receiving the study materials? What do you recommend for hardware? Should I use a laptop and keep the same install running with me or will it be fine to move between home and work while I'm doing it and using a service like Dropbox to store my files and stuff? How much space should I allow for the BT5 partition? Thanks for any advice you can give. -Al ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- -- Thank you, Jon Leigh ========================================================== GPG/RSA Public Key: http://www.dantevios.com/rsagpg-public-key/ Email: Dantevios () gmail com Website: http://www.dantevios.com Facebook: http://www.facebook.com/dantevios Twitter:http://www.twitter.com/dantevios Gtalk: Dantevios () gmail com ICQ: 577683269 AIM: Dantevios MSN: Dantevios () hotmail com Yahoo: Dantevios () yahoo com Skype User: Dantevios Skype #: 662-524-3653 ========================================================== ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- About to start PWB - Any tips? Alex Dolan (Jun 20)
- RE: About to start PWB - Any tips? Nick Schroedl (Jun 20)
- RE: About to start PWB - Any tips? Jimmy S. Mejia (Jun 20)
- Re: About to start PWB - Any tips? Jonathan Leigh (Jun 20)
- Re: About to start PWB - Any tips? fl3xu5 (Jun 21)
- Message not available
- Re: About to start PWB - Any tips? Alex Dolan (Jun 21)
- Re: About to start PWB - Any tips? Vedantam Sekhar (Jun 21)
- Re: About to start PWB - Any tips? Rob (Jun 21)