Full Disclosure mailing list archives
Re: Training & Certifications
From: <id3nt () hush com>
Date: Sun, 4 Apr 2004 08:21:37 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Letters after a name are just that, letters. Anybody can take tests, spend countless hours in a classroom but at the end of the day not retain a single thread of information. We'll use Curt as the example here as he seems to have a lot of letters. Curt, you didn't define the case scenario for the first thing you do on a windows box. One would hate to reboot a box and lose any valuable evidence of an intruder or otherwise incriminating material. Depending on the circumstances: One might, make a complete copy of the the system Unplug it from the network Curt, it sounds like you come from an extensive background in computer building and repair. Just look at the letters after your name, MCSE+I, CNE, CCDA .... While I've never actually attempted the following "only because the guys in the company don't give me the authority to do so" Setup a system with vulnerabilites known to you only. When interviewing potential Security Experts, Hackers or thiefs ask them to either A. Penatrate the box B. Secure the Box C. Perform Digital Forensics D. Throw it out the window Don't limit interviews to an hour or two when hiring for the above mentioned positions. And finally, try networksthatknow.com fuckcisco.com This has been a public service announcement from your friendly .................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Like the ones behind my name ;) Actually the one I've always wanted,
CCIE, I'll likely never get because of the time and resources you need to dedicate to it."What is thefirst thing you do with a Windows box and the last thing you do with a *NIX box when you have trouble?" Answer: reboot.In the real world, rebooting a Windows box isn't the first thing you should be doing.Oh contraire, the first thing we do when we go onsite to work on windows box is ask my client to reboot it first, particularly if it is a server,
as occassionally they they do not come back up, and we do not want to be blamed just because the OS is unstable (we have never had a problem with *NIX or Netware, or AS/400 for that matter). Also 90% of the time, that simple rebooting fixes the problem they had (again attributal to a flaky OS). Of course if this is a production that is still online and working, we arrange to do this off-hours. This is the reason all our in-house servers are UNIX and Netware and 90% of our desktops are Linux (I prefer SuSe from a security standpoint.) Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAkBwUiQACgkQIgPmhDwqbfQkJACgmYTbaC+WW4rrAtqSTBBQDIEDdYMA oI/p64QT6hWvt1/07cCwjRZFvCYn =WU3X -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Training & Certifications, (continued)
- Re: Training & Certifications Exibar (Apr 05)
- RE: Training & Certifications Laura Taylor (Apr 06)
- Re: Training & Certifications Exibar (Apr 06)
- RE: Training & Certifications Bojan Zdrnja (Apr 05)
- Re: Training & Certifications Valdis . Kletnieks (Apr 05)
- RE: [inbox] Re: Training & Certifications Exibar (Apr 05)
- Re: Training & Certifications Dave Aitel (Apr 03)
- RE: [inbox] Re: Training & Certifications Curt Purdy (Apr 04)
- Re: Training & Certifications John Sage (Apr 05)