What next?

There is no doubt that if you are thinking of going for the GPEN or OSCP, you will have to bring your Linux skills up to date. As for saying wether Linux skills are critical, it really depends of your environment but it's always nice to have when you work in security.

There is so many tools written for Linux in term of hacking, pentesting, security auditing, forensics, .... that you would beneficiate a lot from having a sound linux knowledge.

You will find out that Linux has got "easier" than the last time you used it, I too remember installing it from spanned diskettes and having to modify drivers to get everything (or was it anything?) working

Nowadays, I use Ubuntu mainly because Backtrack is based on it and that is my OS of choice when I do any kind of security audit.

Just download Ubuntu, install it on a VM, and you will able to play with it and see how much more user friendly it is than a few years ago.

Yea, I'd definitely beef up your linux skills. The other day, I made a shell script that went through my gn.map file and did a bunch of banner grabbing for me. Saved me a load of time. While you can definitely do similar things with Windows (and gnuwin32), I'm definitely partial to Linux for that type of thing. I use Windows 7 as my desktop OS and have done 15+ MS exams, so I'm far from being biased towards Linux

I think you'd be selling yourself short if you are trying to be a security professional (especially pen tester) and aren't competent with Linux. You don't need to master every little thing. There are some guys here (whom I really respect) that are masters of configuring Apache, Bind, etc. However, I really don't need to get too in-depth with any of that. Understanding the file system, permissions, users/groups, common configuration files, and common utilities, and basic scripting will take you a long way.

YMMV though; maybe you want to be a Bluehat. It's really up to you to define what your goals are and take the necessary steps to achieve them.

In case you're interested, this has been my favorite Linux book thus far: Amazon.com: Practical Guide to Linux Commands, Editors, and Shell Programming, A (2nd Edition) (9780131367364): Mark G. Sobell: Books

If you don't mind me asking, what was your experience leading up to the CISSP and what did you use to prepare? I'll be taking a stab at it in four months or so.

Edit: Broc you cheater! No GUI allowed while learning!

dynamik wrote: »

Edit: Broc you cheater! No GUI allowed while learning!

hehe, well I was trying to be nice and not discourage him before he even started

dynamik wrote: »

Amazon.com: Practical Guide to Linux Commands, Editors, and Shell Programming, A (2nd Edition) (9780131367364): Mark G. Sobell: Books

Can you tell me a bit more about the content of this book? It could the book I am looking for, I rate my Linux skills as "intermediate" and would really like to become an expert. I have been trying to find a decent book and this one looks interesting. Most Linux books out there are more geared up to the beginner user when I really want to know the inner working from a pentester point of vue. Would you recommend this book for that?

broc wrote: »

hehe, well I was trying to be nice and not discourage him before he even started

He just passed the CISSP! That takes you out of the hand-holding stage in my book

broc wrote: »

Can you tell me a bit more about the content of this book? It could the book I am looking for, I rate my Linux skills as "intermediate" and would really like to become an expert. I have been trying to find a decent book and this one looks interesting. Most Linux books out there are more geared up to the beginner user when I really want to know the inner working from a pentester point of vue. Would you recommend this book for that?

Um, it's got material that's good for beginners, and I'd say it goes into the intermediate or intermediate-advanced ranges. I'm not going to say it's 100% what you're looking for, but it's a fantastic reference, has numerous examples for tons of commands, gives you exercises to challenge yourself, etc. If I could only have one Linux book, it would be that one. After that, you're pretty much stuck with man pages and experimentation

Note: If you're looking for something niche like kernel develop, this isn't what you want.

I've actually seen a lot of Barnes and Nobles carrying these, so stop by and page through one.

dynamik wrote: »

He just passed the CISSP! That takes you out of the hand-holding stage in my book

You've got a point there!

dynamik wrote: »

I've actually seen a lot of Barnes and Nobles carrying these, so stop by and page through one.

It might be a bit of a mission just to check out a book... I do live in the UK at the moment and the closest Barnes and Nobles must be New York

I just read through the review on Amazon and saw that it's a recent release (November 2009) so I might just go for it. I do have to finish reading the pile of MS security books I have on my desk first though...

Edit: thanks for the detailed explanation Dynamik, much appreciated. Does the book come with a pdf version by any chance?

broc wrote: »

It might be a bit of a mission just to check out a book... I do live in the UK at the moment and the closest Barnes and Nobles must be New York

Or equivalent

broc wrote: »

I just read through the review on Amazon and saw that it's a recent release (November 2009) so I might just go for it. I do have to finish reading the pile of MS security books I have on my desk first though...

Edit: thanks for the detailed explanation Dynamik, much appreciated. Does the book come with a pdf version by any chance?

Wow, looks like a second edition just came out. Mine's from 2005.

Mine didn't come with any discs, PDFs, etc., but I'm not sure about this new version.

dynamik wrote: »

Wow, looks like a second edition just came out. Mine's from 2005.

Mine didn't come with any discs, PDFs, etc., but I'm not sure about this new version.

Yep, they updated it which is good as the kernel evolved quite a bit in the last few years and there is a section on Mac OS X Unix... hmm I think I might just get the credit card out and add a book to my reading list!

broc wrote: »

There is no doubt that if you are thinking of going for the GPEN or OSCP, you will have to bring your Linux skills up to date. As for saying wether Linux skills are critical, it really depends of your environment but it's always nice to have when you work in security.

There is so many tools written for Linux in term of hacking, pentesting, security auditing, forensics, .... that you would beneficiate a lot from having a sound linux knowledge.

You will find out that Linux has got "easier" than the last time you used it, I too remember installing it from spanned diskettes and having to modify drivers to get everything (or was it anything?) working

Nowadays, I use Ubuntu mainly because Backtrack is based on it and that is my OS of choice when I do any kind of security audit.

Just download Ubuntu, install it on a VM, and you will able to play with it and see how much more user friendly it is than a few years ago.

Actually I have a couple Dell laptops I was thinking about wiping clean and installing Linux one. One for my "Good" laptop and one for trashing with downloaded toys and tools. If the tool is handy on the trashy one it gets moved to the good laptop so I have it in the field.

dynamik wrote: »

Yea, I'd definitely beef up your linux skills. The other day, I made a shell script that went through my gn.map file and did a bunch of banner grabbing for me. Saved me a load of time. While you can definitely do similar things with Windows (and gnuwin32), I'm definitely partial to Linux for that type of thing. I use Windows 7 as my desktop OS and have done 15+ MS exams, so I'm far from being biased towards Linux

I think you'd be selling yourself short if you are trying to be a security professional (especially pen tester) and aren't competent with Linux. You don't need to master every little thing. There are some guys here (whom I really respect) that are masters of configuring Apache, Bind, etc. However, I really don't need to get too in-depth with any of that. Understanding the file system, permissions, users/groups, common configuration files, and common utilities, and basic scripting will take you a long way.

YMMV though; maybe you want to be a Bluehat. It's really up to you to define what your goals are and take the necessary steps to achieve them.

In case you're interested, this has been my favorite Linux book thus far: Amazon.com: Practical Guide to Linux Commands, Editors, and Shell Programming, A (2nd Edition) (9780131367364): Mark G. Sobell: Books

If you don't mind me asking, what was your experience leading up to the CISSP and what did you use to prepare? I'll be taking a stab at it in four months or so.

Edit: Broc you cheater! No GUI allowed while learning!

Oh some of it is still laying around out there in the dusty back corners of my brain. "chmod 777 *" if I remember right worked wonders when you were trying to get the thing to go.

Like I said I used it back when an IBM PC AT cost about $6000 without a hard drive and a 20 MB drive had a Western Digital controller card distinct from the hard drive. I did however use/install it every day for three years I am sure a lot of it will come back once I knock the dust off.

broc wrote: »

hehe, well I was trying to be nice and not discourage him before he even started

Oh I think I will be ok. I figured it out once from the manuals (and not very good ones at that) and it was all command line back then. There was no GUI in XENIX.

Anyone remember "debug g=c800:5" ???

Maybe I am dating myself but my first modem was a 125 baud modem for my C64.

The command line is my friend!

dynamik wrote: »

If you don't mind me asking, what was your experience leading up to the CISSP and what did you use to prepare? I'll be taking a stab at it in four months or so.

Edit: Broc you cheater! No GUI allowed while learning!

Well from zero to test day was about 5 weeks. I hate to admit it but I used the "CISSP for Dummies" as my intro to the 10 domains. Then I used the All in One book and testing to fill in gaps.

I have a pretty broad IT background (20 years give or take) so a lot of it was stuff I had at least a passing relationship with (not the Crypto though, that was almost all new). Not to the depth needed but I understood the major topics and I was filling in a lot of gaps

I would read the Dummies chapter on domain X without taking notes, then take the test in study mode. Every time I hit a question I didn't think I knew and understood I stopped and looked it up in the AIO book and read about it until I felt I understood it. Sometimes I would jump out to the net and Google something or another but mostly AIO.

I then would move on to another domain and start again with Dummies/test/AIO cycle.

I did wait a few days after each domain and go back again and take the test again to reinforce what I knew and "tweak" the stuff that had not sunk in.

I went back and forth between the tests and the AIO book until I got a 90 on each one of the domain tests. Then the last day before the test I took them all again, going back to AIO to refresh (by that time nothing was really "new") and re-enforce topics.

It is amazing how you get ready for answering a lot of test questions after doing maybe 1500 questions four or five times each, the 250 on the test seemed like a small subset.

Thanks, I greatly appreciate the feedback.

I'm taking a similar course of action. I'm actually about the wrap up the dummies book tonight. Like you, I just wanted a brief overview before I really dive in. I was planning on reading the same domain simultaneously in the official guide an AIO and taking notes as needed.

I've been pleasantly surprised to find that not too much of the material has been new to me. I'm obviously lacking ultra-granular knowledge that I feel is required to pass, but at least there wasn't too many, "Wow, I've never heard of that!" moments.

Were you just using the test questions that came with the AIO book? I'm supplementing the book questions with freepracticetests.org and may purchase the Transcender as well.

How's La Crosse this time of year (sucker)? I just moved from St. Paul