InfoSec Quest

I've been busy

2011-10-12T10:54:00.001-04:00

Things picked up at the new job and school did as well. I realize I haven't posted on here in a little bit. Well here is what's been going on.

- I have been working towards CCNP:S (SECURE) and I plan to take it next month
- I joined a group started by Joe Mccray called Security Rookies. We are working towards enhancing out infosec knowledge
- I have really been getting into packet analysis and although I have dropped my WCNA plans, I have really enjoyed the book
- My next steps are CCNP:S and Linux+ (hopefully done by March or so)
- I lost 20lbs (yay!) and I want to lose 30 more by the end of the year.

That's it in a nutshell. Since I am getting close to SECURE (November 15th or so) I want to make sure I start posting labs and notes.

Cisco Anyconnect VPN Client

2011-07-29T10:17:00.001-04:00

Does anyone use this client at all? I have to set it up for internal access and it would seem the documentation was very sparse. I found some guides on how to do it from the Cisco Configuration Pro:

http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080af314a.shtml

But since I was doing this from the CLI, I basically read the bottom of it and went for it. Also make sure you pick the right package to download to the router. Not all packages are meant for all situations. I will probably post a eradicated version of my config later today.

IPSEC VPN ISSUES

2011-07-29T10:14:00.000-04:00

A couple of days ago a customer was having an issue with an ipsec vpn tunnel between a cisco and a sonicwall device. Every 8 hours or so, the vpn connection would just die and wouldn't comeback up for another 8 hours or so. Also during that time, he would get an error in his event log stating that ESP versions were different. Turns out that by default cisco goes to 3600 seconds for phase 2 negotiation and sonicwall goes to 28800 (about 8 hours). What I didn't know that you could change the time globally and per policy on the cisco device: Here is the command to change it per policy:

set security-association idle-time seconds

Here is the command to change it globally:

crypto ipsec security-association idle-time

More information can be found here:
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftsaidle.html

Next up CWNA

2011-07-25T00:38:00.000-04:00

My next cert goal is CWNA. I want to try to get it done before the August 30 cut off date for free retakes. I have started reading the CWNA guide and I plan to use it, some labbing and the CBT nuggets. Stay tuned.

Updates

2011-07-04T12:02:00.001-04:00

Starting tomorrow, I will be working at a new company in a networking engineering position. In response to that my goal is to get the CCNP done at the end of the year. I am still on for the Wireshark Exam at the end of the month. The company is heavily involved with Wireless so I am also going to be working on CWNA/CWSP but I don't have a date set for that. WCNA/CCNP are my immediate goals with the CCNA:Wireless being possible as well. I also will make sure I bake security into everything I do and do some more stuff on pfsense and linux. I plan to at least do two updates a week on here so I can get some decent content lol. Stay tuned.

Also I am doing something called the tough mudder in March so I started a new blog for that. Check it out if you want. There is no content now but I will be adding some soon:

http://kmstoughmudder.blogspot.com/

Protecting the castle - Firewalls

2011-05-01T01:57:00.000-04:00

As IT pros, we have a responsibility to protect ourselves and family from Internet threats as best as we can. Often times we are asked "What should I do to protect myself from threats on the internet?" That's a loaded question obviously. That's like saying "How can I protect myself from home invasions?" Well this is the first post in a series of post on personal internet security. What better place to start than the WAN (or I should say the WAN enclave)?

My chosen firewall platform if Pfsense More information can be found here: http://www.pfsense.org/ and here:http://forum.pfsense.org/ I choose this firewall because it is based on a secure os (freebsd), it is easy to use, very mature, has tons of features and it very good documentation including a book that recently came out: http://www.amazon.com/pfSense-Definitive-Christopher-M-Buechler/dp/0979034280/ref=sr_1_1?ie=UTF8&qid=1304227840&sr=8-1

I have installed it already and have configured my ISPs info. So the next question is what do we do from here. Pfsense is very secure by default but there are a few things that I live to add.

Country Blocking:

Country Blocking does just that, block ips based on their physical location. For most people in the US, there is nothing that any of us need (internet wise) in another country and there is nothing others in other country need from us (if you are running a web server at home, that might be different but I digress). To get the country block package, you can go to system>packages and then find the coutnry block package and install it by clicking the plus next to the package name (I already have it installed as seen here):

You can then go on the firewall>country block to configure any settings you wish. If you are truly hardcore you can block all countries (note, if you do this, make sure you do not block your own country. you will lock yourself out of your firewall lol)

You can even block incoming and outgoing by selection the option on settings tab.

My next post will be about enabling snort on pfsense, tuning it and monitoring the results.

CCDA

2011-04-27T05:32:00.000-04:00

Well I picked up the CCDA guide after finding out that it is the expiration date was extended. Due to some scheduling issues, my plan to get this done by the end of May. As it stands right now it is

CCDA - May
WCNA- June

Get er done.

Elearnsecurity Course

2011-04-09T18:15:00.000-04:00

I started the elearnsecurity course today. I plan to use the material along with the Hackers:AOE, Web App Hackers Handbook and Hacking Exposed 6. Hopefully it will be a worthwhile purchase.

SSCP in May

2011-03-31T09:55:00.000-04:00

First of all, I am not dead lol. Second sorry about not posting much. Third, the title says it all, I am going for the SSCP in May. I think it will be a decent amount of studying but I should be able to git er done. I actually think I have quite a bit more quality experience from when I did the Security+ and I think that is going to bleed over and help me get this test done. Wish me luck. And yes I will blog about it lol.

RANT

2011-03-12T17:04:00.000-05:00

After spending the last 6 months preparing to do an upgrade on a 1million (1,000,000) application I honestly feel worn out and spent (the upgrade went great btw). I go to certain sites (like Tech Exams: http://www.techexams.net/index.shtml) and see how people progress towards their goals and it makes me feel like I am not moving at all. I don't feel like I am "growing" like I would like. It's hard to explain but I feel like I am treading water. I know where I want to go (sort of) and a SOC (security operations center) seems like my goal. I want to run my businesses security expertly but it seems like there is always something but not enough time in the day. The days seem to just blend into each other with no real purpose. Work>School>Home rinse and repeat. Plus I am not doing as well in school as I would like. Sigh it just seems like I need to make a change. My wife and mom think I need to stop comparing myself to everyone else but I don't know what else to do. How else do you measure growth?

Sigh. I whine too much lol.

February Reading List

2011-02-02T01:04:00.001-05:00

I haven't posted much (sorry). I am making my way through Practical Guide to Linux commands and Hackers: THE Art of exploitation. I will try to make one post about each of these every week. At any rate, here is my reading list right now:

Practical Guide to Linux:0.07 % -1034pgs
Hackers: Art of exploitation: 0.125% -454pgs
Network Security Bible: 0.034% -846pgs
Wireshark Network Analyst: 0% -738pgs
NMAP Network Scanning: 0% -422pgs

Realistically speaking, If I can finish the practical guide to linux, NMAP and Hackers books I will be happy.

2011 Reading Room

2011-01-09T15:29:00.002-05:00

I am making this post to keep track of all the books and documentation that I read this year. This will be the place where I will document my 11K in 2K11 trek. I need to hit about 800 pages a month. Shouldn't be too hard to do.

IT:

Security:

Programming:

Linux:

Windows:

Non/IT:

Religious:

Finance:

Business:

School:

Happy New Year: The Road to 1337

2011-01-08T13:06:00.001-05:00

Well I guess I will make my first post of the new year. Let me start off by saying that I didn't sit the SSCP today. More than likely I will sit that bad boy in May, if I sit it at all.. A person on a forum I am a member of ( http://socialbit.net/forum) has expressed interest in going to compete in Defcon. Still being a noob I will have a lot of catching up to do but I will do everything in my power to learn as much as I can. That said I have decided to use this blog to log my studies and finding. For those of you interested, My first books will be the Web Application Hackers Handbook and Hacking the art of exploitation.

I am going to challenge the GPEN and GCIA this year :). So it is looking like this is my goal:

LPIC-1/Linux+ - March
CEH - May
Elearnsecurity ecPPT Quarter 2
GPEN Quarter 3
GCIA Quarter 4

Unless someone makes me change my mind, this is what I want to go for.

Change of plans: SSCP Jan 8th and some other stuff

2010-11-27T22:57:00.000-05:00

Well guys I have decided to change my plans up. As some of you probably know I first planned to go for the SSCP on March 12, when the ISC2 exam is being offered in Cleveland. Well that is kind of far and I would probably have to get a hotel plus it would be during finals for school. I went onto the site and found out that there will be a offering on Jan 8th (42 days away). Some people say it is cutting a close but I am not in school right now (winter break) and I could dedicate 3-4 hours a day (if I stick to it) during the week and probably 6 hours during the weekend. I talked it over with my wife and I am going to go for it. So here is my current material:

Books/Guides
Network Security Bible
Security Plus (get certified, get ahead)
Preplogic Mega Guide
Preplogic 15 minute guide

Video/Audio
Preplogic MP3's SSCP
SSCP CBT Nuggets

Plan Purchases:
SSCP CBK 2007 and possibly 2010

The one thing I cannot find is some practice test but I might have to go without on this one. My main focus from here on our is layers 3-7 (and 8) security. I think that is where I want to focus my security studies for the next few months. I'll keep track of my SSCP studies. I am also studying WebappSec and I am installing DVWA soon. I'll keep track of those studies here as well.

Where have you been for the past month?

2010-11-25T01:59:00.000-05:00

I wish I could tell you man lol. Thinks have just been crazy. I have barely made a scratch in my LPIC stuff, I will be configuring a server 2k8(server core) box as an IIS server within the next few weeks and I will be attempting to learn a little web development. Things and work have come up so I haven't been able to finish the new firewall but that should be ready to rock shortly. But such is life. I am out of school for the next month (didn't do as well as I'd hoped) so I need to think about my next move as far as that is concerned and I want to start a raw food fast on December fast because I want to lose 8-10lbs before the end of the month. Sigh...

So my new short term goal as far as certs go is to get half of the LPIC-1 done by the eoy and finish it up in January. I changed my overall cert scheme as well. In short, I probably won't be doing GSEC and GCIA. $900 is too much. I figure I am going to do (after LPIC-1) SSCP, WCNA, C|EH, ITILV3 foundations and probably just play it by ear after that. There are also two betas I'd like to do, Comptia Advanced Security Professional and Storage+. We will have to see about those.

School is something that I just hate but I know I need to get it done. I am going to make the deans list for the next few quarters that I am at Sinclair.

As far as God, I went to church a few weeks ago and honestly it feels like my spirit is just mourning sometimes. As if my very being is wasting away. I have to get in my word and get in a church. I can feel it. I plan to go through the new testament in 30 days or so.

On a similar note I have to lose this cussing weight (that was a Fantastic Mr Fox joke- Great Movie). Besides going on a diet the wife and I are going to get into the gym more.

Basically I am going to use period as a time of reflection, planning and self improvement. Maybe I can finally start posting some notes up here lol. I'll post my IIS notes and finding and my LPIC studying up here. Until next time.

LPIC starts today and some other stuff.

2010-10-19T03:14:00.000-04:00

Last week was tiring and I didn't get my LPIC Linux certification in a Nutshell book until today so I am officially starting today. If you don't follow me on Techexams, here is my official study materials:

Practical Guide to Linux Commands
Linux Admins Beginnners Guide
LPIC in a Nutshell (ordering today)
Sed and Awk

As I said on Tech Exams I know the Sed and Awk guide will be way overkill for the exam. I also know that the Practical guide to linux commands will be as well but the goal is to learn linux with passing the LPIC-1 as an afterthought. I am not liking the environment of TE as of late so I will do almost all of my updates on here (which is not what I did for Security+).

I also have a few more books in the mail over the last few days:

Hacking the art of exploitation - C|EH, SSCP, GSEC and general studies
Wireshark Guide - WCNA and General Studies
Group Policy Guide - For work and GSEC

I need to work my way through Network Warrior and Routing TCP/IP as well. I have a Windows Server 2003 book on the way and I will pick up a 2008 book as well. I want to be a security analyst so I need to broaden my scope of knowledge. I read somewhere on Tech exams where someone said that you need to be an expert in one OS and have working knowledge of the other. I think he is right although I want my chosen OS to be linux/bsd/unix and even Solaros and have working knowledge of Windows. At any rate I will try to post on my studies (including my quest to get my cisco chops back up to snuff) a couple of times a week. Happy Studying!

update

2010-10-10T13:34:00.000-04:00

Well guys I passed the Security+ yesterday. I don't feel any real accomplishment other than getting the very boring test out of my life. Now for new business. Here are my official plans, copied from a forum post I made.

Q4 2010 (few days): Security+ - COMPLETED
Q4 2010: LPIC-1 (November-December)
Jan Q1 2011: C|EH
Q2: 2011: WCNA
Q2: GSEC, A.A.S Network Engineering
Q3: A.A.S Software development (maybe)
Q3:: Possibly GCIA and/or start CCXP
Q4: ????

I just completed the S+ yesterday and I am now working on LPIC-1. I think I want to squeeze the SSCP in there somewhere even though someone told me it was useless lol. CCN(S)P is something I want to do, but I want to be able to focus on it completely. I am ordering the CCNP self study guides however and I am starting to build a lab for the NP/SP. If I switch jobs and get into a role that uses ASAs and such I will start after going after that as well. Basically if I can get GSEC, C|EH and WCNA before I graduate with my A.A.S in Network Engineering I will be very happy. I will be done with that at the end of next summer. I think it is doable. I'd like to be able to squeeze in ITIL foundations in there for resume candy but I might not get to it. I am also playing around with the idea of doing LPIC-2. I don't want to put that to paper yet though. Not until I knock out some of these other certs.

So my goals are actually much lower this time around compared to last time:

Quote:
Originally Posted by Bl8ckr0uter View Post
This is the last time I swear.

2010:
MS:MCP, MCTS, MCSA MCSA:S
Comptia: Sec+ L+
Cisco: SNRS (CCSP), possibly CCNA:V
Lol I probably changed that stuff around 3 times just for me not to meet like 75 percent of that. I am ok with that though. At the time I didn't have CCNA:Security so I did that. I did the Security+ (finally lol) and I will do the Linux+. I at least now have more career direction. I think that is something I was lacking from those months. I didn't really know what I wanted to do. Well that isn't true. I didn't know that I could do what I want to do without having a ton of certs. Instead of MCSA:S/MCSE:S I am aiming for GSEC. It isn't as many "checkboxes" but it is to the point. Anywho I think that my mentality of doing more with less will help me because I hate not meeting my goals and I love going above and beyond. It will also help keep me focused despite what certain recruiters say. I have a bunch of non cert goals such as scripting, learning pki and different parts of security. I am also strongly considering going to the hacking dojo and/or the elearnsecurity training to help build my chops.

So there it is, my plans between now at July/August 2011. Has anyone else thought about what they want to do?

So there it is. Now it is just time to get it done.

Plans -2010-2011

2010-09-26T22:42:00.003-04:00

As promised this is my plan thread. I am putting this out here so I can have something concrete to look at. This started off as a response on one of the forums that I am a member of: http://www.techexams.net/forums/security-certifications/58374-q4-2010-2011-security-cert-objectives.html

I have been tormented for a few months about what I want to do next. My heart was telling me one thing and my head was telling me another. Well I told them both to shut it and I am now going with my gut. My gut is telling me that I want to be different from Joe IT out there and I need to think differently and study differently. As many of you know, I want to be a security engineer and although I currently hold the title Network Security Admin I feel like I am not as l33t as I want to be. So I am thought long and hard about what I want to do to get myskills up and this is what I have come up with. I will start off with my cert goals and then work to my non cert goals:

Cert Goals

Security+ - October 9th 2010
- I want to complete this test so that I can round out my basic security knowledge and work towards building a firm foundation in security.
LPIC-1 (November/December) 2010
- Sharpen my *nix ninja skills
SSCP
- The reason why I want to do this test is two fold. The first is to further strengthen my core security knowledge. The second is that this will help reduced the amount of time required for the CISSP. I also think it will be good review for the GSEC

ITIL
- This one is for HR people and because I need to understand more of the service and business side of IT.

C|EH
- I may drop this test if I need to save the money. I want this test to validate my basic pen testing knowledge. The elearnsecurity looks pretty good so I am thinking about dropping this and going for that instead. It would have to be after the SSCP (passing and endorsement) since I can get 40 cpe credits for doing it (which that along almost makes it worth it).

GSEC
- This test represents a mini goal of mine. First I want it simply because of the weight that SANS certs carry in the IT community. Second I feel that this will be the basic knowledge I must obtain in order to feel a little more comfortable with my OS security knowledge. I want to know more but this test is sort of a baseline for how much I want to grow at least in that area. If I don't obtain this level of knowledge I will be pretty pissed off.

GCIA
- This is the exam I really want. This test represents what I'd really like to do (network analysis and so on). I want to have this level of TCP/IP knowledge and so on before the end of next year. I am willing to cut down a few other test in order to be able to afford the GSEC and GCIA because both of them are $900 to challenge. Studying is a must for both. I plan at least 2-3 months of dedicated study for the GSEC and 3-4 for the GCIA.

Possible:

Start the new CCNP Security track
- This is also an option I may do as it will be much more affordable to do than the SANS certs. If I do, I'd really like to do the new SNRS (which will now be called SECURE)

Cert Goals

There is a bunch of non cert goals I have but I will try to keep my scope to an IT nature:

Learn perl, python
Learn Windows/Linux security
- I have much more interest in Linux so I just want to learn about the essentials of Windows related administration and security
Get to LPIC-2 level of linux knowledge
Learn IPv6 (and IPv6 security) well enough for enterprise deployment
Read 25000 pages
Graduate A.A.S in Network Engineering and Software development w/ Honors
Enroll in an BS program
Join 2-4 professional groups

I have a feeling that the cert goals are going to be difficult to keep especially the SANS certs due to $$$ and all but we will see. My first objective is to keep my family feed and our budget in order. Courtney in a ninja when it comes to the number so I know that if I give her my plan she will make it happen. I just need to stick to my goal and try not to change it so much. If it comes down to it, the ones I really want are GCIA and GSEC. I am on the fence about C|EH. I want SSCP but not as much as GSEC. If I drop SSCP I might drop C|EH as well and fill my time with GSEC, GCIA, ITIL and maybe LPIC-2 or something else. I just need to look at the dollars and cents.

These list will grow and shrink as I add things and check things off. Stay tuned!

update

2010-09-26T13:38:00.000-04:00

Ok now that I have had my time to [be a] bitch. I have my Security+ booked for OCT 9 3pm. I am going to track my studies here. I will also publish my official cert goals for now - EOY 2011 in a few hours. Next up, finish some homework and study crypto.

Lets talk about me for a moment

2010-09-11T04:07:00.000-04:00

Dream until your dreams come true- Aerosmith

This could turn into a long post so feel free to skip it. This is a very strange time in my life. I have two life changing events that happened/happening this week. The first is I started school again after being out for the summer quarter. I can see the finish line, just three more to go and I can be out of Sinclair which would be awesome. The second which has some good and bad mixed with it is I am working my final two days at my weekend job. On the plus side, I get to have a weekend again (yea!!!!) on the downside is the fact that we will no longer have that money. I am all about a dollar (like 4 quarters) so that bothers me. Probably after what happened early this year I am very cautious and worried. My wife says she doesn't think I rest when I sleep. She's right. Worry is worring me all of the time. It is really hard to explain. It is sort of like the feeling when you think someone is watching you or when you feel something behind you but nothing is there. It is like a blanketing shadow to clings on to your thoughts and sticks to your soul. It is very difficult to get rid of.

Another thing. I wanted to get the security plus done on the 30th of last month. Well it didn't happen. I haven't sat the exam yet. I haven't sat an exam since Feb and honestly I am a little rusty. I honestly don't feel like doing it. I want to feel like doing it, but I don't. The worst thing about it is I know that I need to do it, I know it have (some) value in my career but I just don't feel up to it. I want to kill that thing before the end of the month but lately it seems like things are just so crazy, I just want to get through the day and go to sleep. I will get done with it soon because I feel like doing the LPIC-1.

I am a dreamer and a big picture guy. Truthfully I would be best served as an executive or an owner of a company. Sometimes when you are a dreamer it becomes hard to bring that into reality. I have huge dreams, things I don't even want to share with anyone because it would be so hard to even get them to believe me. Dreams that are bigger than IT. But sometimes my dreams change and morph into something even bigger or different making it harder and harder to walk the path to get to them. I am a big picture guy like I said and the dream is so vivid and bright that the glare hides the details, the steps, the path. Like staring into the sun and then trying to plot a path. It is blinding and madding. Sometimes I wonder if what I am seeing is really nothing more than a reflection of what I think my dreams should be and if I cannot see my true path because I am transfixed on someone else's Sun. Who knows. Vision's are a dime a dozen but truth and clarity is hard to find.

In Dream On, there are words that go, "Dream until your dreams come true". This is a load of bull. Dreaming doesn't produce anything but more dreams. You actually have to act and acting is difficult. Cole (hey Cole!!!) said she tries to make 90 day plans. I did make some as well but I don't think that will work for me. I think I need to think short term like 30 days tops. Too far out and my imagination gets the best of me and I become disappointed when I cannot live up to the dream of what I should be. Take this security plus for an example. Even though I don't feel like doing it, it truly bothers me that I don't have it. When I started this year off I had huge plans: MCSE:Security, CCNP, all sorts of stuff but I so far have only done 1 cert this year (CCNA:Security) and that bothers me. I am a member of this forum called Tech Exams and I see these guys (and girls-like Cole) murder certs all the time. It bothers me on a fundamental level that I am not as far ahead as some of them. It shakes my roots and hurts my core. Why? Because in my mind I should be bigger than superman and I know I can be. So when I am not living up to my potential it bothers me. When I am eating fattening food it bothers me because I feel like I should look like superman too (minus the whole being white thing). Whenever I don't do my very very best it makes me feel like I didn't do anything at all.

Sorry guys just venting and such. So yea at any rate. No more dreaming, time to act. Security Plus before the end of the month. LPIC-1 before the end of the year and I will bring my sexy back for next swimsuit season because I will be rocking a speedo. Haters get at me!!!

Well man life is just crazy.

Security+ - August 28th

2010-08-19T07:19:00.000-04:00

So I have decided to go ahead and sign up for the 28th as my test date. I have 9 days to go over the 5 domains of the exam. I am purchasing selftest today and I will be going over Darril's book again as well as continuing through the reading Network Security Bible and reading the Security+ Mega guide. I will make a few more notes and post them. Hopefully this will be enough to get me over the hump. It has been ahwile since I went for a cert (February) and I honestly feel a little rusty. I don't plan on failing, and if I am not getting 85-90 percent on the test next Thursday, I might move it back a week, but I plan on killing this thing on the 28th!

This week: DROID+EXCHANGE=Please the CEO

2010-08-15T05:16:00.000-04:00

Last week, my boss came to me and said her boss wants to use a DROID 2 as his work phone. Since we are moving to Verizon as our main carrier we should be able to get DROID 2s soon. This just leaves me with the task of testing our activesync profiles on it. I don't know much about exchange so this will be an interesting week. I will post my findings later.

WCNA, Packet Capture, and Ubuntu

2010-08-12T10:04:00.001-04:00

I am in the middle of doing a network analysis at my job. Since this has never been done before and I need to do it for the IDS anyway I figured I'd use Wireshark. I have used it before but I will admit that my understanding is at script kiddie level. Well I found out something new a few days ago. Wireshark has problems capturing large files. I sat it on the edge of my network (reading traffic from a spare laptop plugged into my tap) during our peak times and it crashed, stating it had ran out of memory. This is a known issue. http://wiki.wireshark.org/KnownBugs/OutOfMemory I was a little pissed but I still need this information. So I decided to try to find a solution. TCPdump seems to be the answer for this. It was even recommended by Laura Chappell herself on her own twitter page.

I installed it on my ubuntu box. I still needed to find out a few basic commands and stuff. I found this site which has helped me get going. http://openmaniak.com/tcpdump.php It even mentions how to read the log with wireshark (which is what I plan to do). Make sure you run this program as sudo because it will not work otherwise. Packet life also has cheat sheets on both apps here: http://packetlife.net/library/cheat-sheets/

Which leads me to the second part of my post: WCNA. For those of you that don't know, there is a new certification based around Network Analysis and Wireshark. The Wireshark Certified Network Analyst is a new cert which to be honest looks pretty awesome. On several forums I am a member of as well as twitter, there has been talk of it. IT officially went live yesterday. I think I want it myself and it looks like a good 2011 project. How about you guys? What do you think? Here is a link for more information:

http://www.wiresharktraining.com/certification.html

Blackberry

2010-08-06T10:37:00.001-04:00

So my boss came to me and said her phone wasn't working. After troubleshooting I determined that we needed to just wipe enterprise activate it again. I have wiped a device before and I have also enterprise activated the device, but I have never done both at the same time, nor have I actually administered a blackberry so this is a first.

The first thing I did was wipe the device. Most of the company is on 8520's so you can do a security wipe as it is described here: http://freeblackberryweb.com/how-to-reset-blackberry-curve-8520-to-factory-settings/

While that was going I logged onto the BES server (with a BES account, this is important!) and log into Blackberry Manager (we are using 4.1). I then clicked on the users tab and found her name. I then right clicked her account and clicked "Generate and Email activation password". The password as emailed to her and I retrieved it. I then went onto her device and went into options and selected Enterprise activation. I put in her email address and clicked activate now. Several days later, it finished lol. Testing the device involved looking at her calendar, doing a look up to see if it was hitting exchange, then finally sending her an email.

We are going to be doing a roll out of 25 new phones which will give me some much needed BES exposure so stay tuned!

Update

2010-07-25T04:17:00.000-04:00

So I am moving on Monday. I have started reading the Network Security Bible in preparation for the S+ and SSCP. So far the book has been mostly review of Darrils Security+ book. I think I won't get to the meat for a few chapters. At any rate I have a few things that I need to do at work and at home. I promise this blog will finally get more technical soon lol.

Fun Times!!!

2010-07-08T12:34:00.000-04:00

Well this isn't IT related but we got the apartment and will be moving in 2 weeks! I am going to pick up the S+ next month and I am still trying to fit in at the new place. I am pretty excited.

update

2010-07-03T04:26:00.001-04:00

Well I am probably going to have to put the S+ do hold for at least a month. My wife and I are moving and we are going to save every single penny so we can make our big move. I am still going to study for the S+ and the LPIC-1. I should be able to get them done.

update

2010-06-29T09:08:00.000-04:00

Well I finished the Security+ book. I have a book by sybex call the Security+ Review guide which I am going to start later on today. Hopefully this, along with my Security+ notes and independent research will be enough to get me over the hump. I have basically 12 days to study up for this thing. I feel pretty confident that I can do it. As promised I will make these notes available on my blog.

In other news, I finally got the config for the companies pix so I now need to map out what each item does. The config is over 19 pages long! I am relying on google and network warrior since I have never configured a pix. I need to do the same thing for our gateway router and our switches. That will probably take me most of the day. Fun times.

Sec+ Notes

2010-06-26T08:06:00.000-04:00

I guess i will start by posting the objectives here first and build off of them:

CompTIA Security+ (2008 Edition) Exam Objectives 1 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
CompTIA Security+ (2008 Edition) Certification
Examination Objectives
INTRODUCTION
The CompTIA Security+ (2008 Edition) Certification is a vendor neutral credential. The Security+ exam is
an internationally recognized validation of foundation-level security skills and knowledge, and is used by
organizations and security professionals around the globe.
The skills and knowledge measured by this examination are derived from an industry-wide Job Task
Analysis (JTA) and were validated through a global survey in Q4, 2007. The results of this survey were
used to validate the content of the domains and objectives and the overall domain weightings, ensuring the
relative importance of the content.
The CompTIA Security+ (2008 Edition) Certification is aimed at an IT security professional who has:
A minimum of 2 years experience in network administration with a focus on security
Day to day technical information security experience
Broad knowledge of security concerns and implementation including the topics in the
domain list below
The table below lists the domain areas measured by this examination and the approximate extent
to which they are represented in the examination:
Domain % of Examination
1.0 Systems Security 21%
2.0 Network Infrastructure 20%
3.0 Access Control 17%
4.0 Assessments & Audits 15%
5.0 Cryptography 15%
6.0 Organizational Security 12%
Total 100%
**Note: The lists of examples provided in bulleted format below each objective are not exhaustive
lists. Other examples of technologies, processes or tasks pertaining to each objective may also
be included on the exam although not listed or covered in this objectives document.
(A list of acronyms used in these Objectives appears at the end of this document.)
CompTIA Security+ (2008 Edition) Exam Objectives 2 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
Objectives in italics are those objectives that contain content that has changed since the
last version of the Security+ exam (2002 Objectives).
1.0 Systems Security
1.1 Differentiate among various systems security threats.
• Privilege escalation
• Virus
• Worm
• Trojan
• Spyware
• Spam
• Adware
• Rootkits
• Botnets
• Logic bomb
1.2 Explain the security risks pertaining to system hardware and peripherals.
• BIOS
• USB devices
• Cell phones
• Removable storage
• Network attached storage
1.3 Implement OS hardening practices and procedures to achieve workstation and
server security.
• Hotfixes
• Service packs
• Patches
• Patch management
• Group policies
• Security templates
• Configuration baselines
1.4 Carry out the appropriate procedures to establish application security.
• ActiveX
• Java
• Scripting
• Browser
• Buffer overflows
• Cookies
• SMTP open relays
• Instant messaging
• P2P
• Input validation
• Cross-site scripting (XSS)
1.5 Implement security applications.
• HIDS
• Personal software firewalls
• Antivirus
• Anti-spam
CompTIA Security+ (2008 Edition) Exam Objectives 3 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
• Popup blockers
1.6 Explain the purpose and application of virtualization technology.
2.0 Network Infrastructure
2.1 Differentiate between the different ports & protocols, their respective threats
and mitigation techniques.
• Antiquated protocols
• TCP/IP hijacking
• Null sessions
• Spoofing
• Man-in-the-middle
• Replay
• DOS
• DDOS
• Domain Name Kiting
• DNS poisoning
• ARP poisoning
2.2 Distinguish between network design elements and components.
• DMZ
• VLAN
• NAT
• Network interconnections
• NAC
• Subnetting
• Telephony
2.3 Determine the appropriate use of network security tools to facilitate network
security.
• NIDS
• NIPS
• Firewalls
• Proxy servers
• Honeypot
• Internet content filters
• Protocol analyzers
2.4 Apply the appropriate network tools to facilitate network security.
• NIDS
• Firewalls
• Proxy servers
• Internet content filters
• Protocol analyzers
2.5 Explain the vulnerabilities and mitigations associated with network devices.
• Privilege escalation
• Weak passwords
• Back doors
• Default accounts
• DOS
CompTIA Security+ (2008 Edition) Exam Objectives 4 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
2.6 Explain the vulnerabilities and mitigations associated with various
transmission media.
• Vampire taps
2.7 Explain the vulnerabilities and implement mitigations associated with wireless
networking.
• Data emanation
• War driving
• SSID broadcast
• Blue jacking
• Bluesnarfing
• Rogue access points
• Weak encryption
3.0 Access Control
3.1 Identify and apply industry best practices for access control methods.
• Implicit deny
• Least privilege
• Separation of duties
• Job rotation
3.2 Explain common access control models and the differences between each.
• MAC
• DAC
• Role & Rule based access control
3.3 Organize users and computers into appropriate security groups and roles
while distinguishing between appropriate rights and privileges.
3.4 Apply appropriate security controls to file and print resources.
3.5 Compare and implement logical access control methods.
• ACL
• Group policies
• Password policy
• Domain password policy
• User names and passwords
• Time of day restrictions
• Account expiration
• Logical tokens
3.6 Summarize the various authentication models and identify the components of
each.
• One, two and three-factor authentication
• Single sign-on
3.7 Deploy various authentication models and identify the components of each.
• Biometric reader
• RADIUS
• RAS
CompTIA Security+ (2008 Edition) Exam Objectives 5 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
• LDAP
• Remote access policies
• Remote authentication
• VPN
• Kerberos
• CHAP
• PAP
• Mutual
• 802.1x
• TACACS
3.8 Explain the difference between identification and authentication (identity
proofing).
3.9 Explain and apply physical access security methods.
• Physical access logs/lists
• Hardware locks
• Physical access control – ID badges
• Door access systems
• Man-trap
• Physical tokens
• Video surveillance – camera types and positioning
4.0 Assessments & Audits
4.1 Conduct risk assessments and implement risk mitigation.
4.2 Carry out vulnerability assessments using common tools.
• Port scanners
• Vulnerability scanners
• Protocol analyzers
• OVAL
• Password crackers
• Network mappers
4.3 Within the realm of vulnerability assessments, explain the proper use of
penetration testing versus vulnerability scanning.
4.4 Use monitoring tools on systems and networks and detect security-related
anomalies.
• Performance monitor
• Systems monitor
• Performance baseline
• Protocol analyzers
4.5 Compare and contrast various types of monitoring methodologies.
• Behavior-based
• Signature-based
• Anomaly-based
4.6 Execute proper logging procedures and evaluate the results.
• Security application
CompTIA Security+ (2008 Edition) Exam Objectives 6 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
• DNS
• System
• Performance
• Access
• Firewall
• Antivirus
4.7 Conduct periodic audits of system security settings.
• User access and rights review
• Storage and retention policies
• Group policies
5.0 Cryptography
5.1 Explain general cryptography concepts.
• Key management
• Steganography
• Symmetric key
• Asymmetric key
• Confidentiality
• Integrity and availability
• Non-repudiation
• Comparative strength of algorithms
• Digital signatures
• Whole disk encryption
• Trusted Platform Module (TPM)
• Single vs. Dual sided certificates
• Use of proven technologies
5.2 Explain basic hashing concepts and map various algorithms to appropriate
applications.
• SHA
• MD5
• LANMAN
• NTLM
5.3 Explain basic encryption concepts and map various algorithms to appropriate
applications.
• DES
• 3DES
• RSA
• PGP
• Elliptic curve
• AES
• AES256
• One time pad
• Transmission encryption (WEP TKIP, etc)
5.4 Explain and implement protocols.
• SSL/TLS
• S/MIME
• PPTP
CompTIA Security+ (2008 Edition) Exam Objectives 7 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
• HTTP vs. HTTPS vs. SHTTP
• L2TP
• IPSEC
• SSH
5.5 Explain core concepts of public key cryptography.
• Public Key Infrastructure (PKI)
• Recovery agent
• Public key
• Private keys
• Certificate Authority (CA)
• Registration
• Key escrow
• Certificate Revocation List (CRL)
• Trust models
5.6 Implement PKI and certificate management.
• Public Key Infrastructure (PKI)
• Recovery agent
• Public key
• Private keys
• Certificate Authority (CA)
• Registration
• Key escrow
• Certificate Revocation List (CRL)
6.0 Organizational Security
6.1 Explain redundancy planning and its components.
• Hot site
• Cold site
• Warm site
• Backup generator
• Single point of failure
• RAID
• Spare parts
• Redundant servers
• Redundant ISP
• UPS
• Redundant connections
6.2 Implement disaster recovery procedures.
• Planning
• Disaster recovery exercises
• Backup techniques and practices – storage
• Schemes
• Restoration
6.3 Differentiate between and execute appropriate incident response procedures.
• Forensics
• Chain of custody
• First responders
• Damage and loss control
CompTIA Security+ (2008 Edition) Exam Objectives 8 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
• Reporting – disclosure of
6.4 Identify and explain applicable legislation and organizational policies.
• Secure disposal of computers
• Acceptable use policies
• Password complexity
• Change management
• Classification of information
• Mandatory vacations
• Personally Identifiable Information (PII)
• Due care
• Due diligence
• Due process
• SLA
• Security-related HR policy
• User education and awareness training
6.5 Explain the importance of environmental controls.
• Fire suppression
• HVAC
• Shielding
6.6 Explain the concept of and how to reduce the risks of social engineering.
• Phishing
• Hoaxes
• Shoulder surfing
• Dumpster diving
• User education and awareness training
CompTIA Security+ (2008 Edition) Exam Objectives 9 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
SECURITY+ ACRONYMS
3DES – Triple Digital Encryption Standard
ACL – Access Control List
AES - Advanced Encryption Standard
AES256 – Advanced Encryption Standards 256bit
AH - Authentication Header
ALE - Annualized Loss Expectancy
ARO - Annualized Rate of Occurrence
ARP - Address Resolution Protocol
AUP - Acceptable Use Policy
BIOS – Basic Input / Output System
BOTS – Network Robots
CA – Certificate Authority
CAN - Controller Area Network
CCTV - Closed-circuit television
CHAP – Challenge Handshake Authentication Protocol
CRL – Certification Revocation List
DAC – Discretionary Access Control
DDOS – Distributed Denial of Service
DES – Digital Encryption Standard
DHCP – Dynamic Host Configuration Protocol
DLL - Dynamic Link Library
DMZ – Demilitarized Zone
DNS – Domain Name Service (Server)
DOS – Denial of Service
EAP - Extensible Authentication Protocol
ECC - Elliptic Curve Cryptography
FTP – File Transfer Protocol
GRE - Generic Routing Encapsulation
HIDS – Host Based Intrusion Detection System
HIPS – Host Based Intrusion Prevention System
HTTP – Hypertext Transfer Protocol
HTTPS – Hypertext Transfer Protocol over SSL
HVAC – Heating, Ventilation Air Conditioning
ICMP - Internet Control Message Protocol
ID – Identification
IM - Instant messaging
IMAP4 - Internet Message Access Protocol v4
IP - Internet Protocol
CompTIA Security+ (2008 Edition) Exam Objectives 10 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
IPSEC – Internet Protocol Security
IRC - Internet Relay Chat
ISP – Internet Service Provider
KDC - Key Distribution Center
L2TP – Layer 2 Tunneling Protocol
LANMAN – Local Area Network Manager
LDAP – Lightweight Directory Access Protocol
MAC – Mandatory Access Control / Media Access Control
MAC - Message Authentication Code
MAN - Metropolitan Area Network
MD5 – Message Digest 5
MSCHAP – Microsoft Challenge Handshake Authentication
Protocol
MTU - Maximum Transmission Unit
NAC – Network Access Control
NAT – Network Address Translation
NIDS – Network Based Intrusion Detection System
NIPS – Network Based Intrusion Prevention System
NOS – Network Operating System
NTFS - New Technology File System
NTLM – New Technology LANMAN
NTP - Network Time Protocol
OS – Operating System
OVAL – Open Vulnerability Assessment Language
PAP – Password Authentication Protocol
PAT - Port Address Translation
PBX – Private Branch Exchange
PGP – Pretty Good Privacy
PII – Personally Identifiable Information
PKI – Public Key Infrastructure
PPP - Point-to-point Protocol
PPTP – Point to Point Tunneling Protocol
RAD - Rapid application development
RADIUS – Remote Authentication Dial-in User Server
RAID – Redundant Array of Inexpensive Disks
RAS – Remote Access Server
RBAC – Role Based Access Control
RBAC – Rule Based Access Control
RSA – Rivest, Shamir, & Adleman
S/MIME – Secure / Multipurpose internet Mail Extensions
SCSI - Small Computer System Interface
SHA – Secure Hashing Algorithm
SHTTP – Secure Hypertext Transfer Protocol
CompTIA Security+ (2008 Edition) Exam Objectives 11 of 11
Copyright 2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
SLA – Service Level Agreement
SLE - Single Loss Expectancy
SMTP – Simple Mail Transfer Protocol
SNMP - Simple Network Management Protocol
SPIM - Spam over Internet Messaging
SSH – Secure Shell
SSL – Secure Sockets Layer
SSO – Single Sign On
STP – Shielded Twisted Pair
TACACS – Terminal Access Controller Access Control System
TCP/IP – Transmission Control Protocol / Internet Protocol
TKIP - Temporal Key Integrity Protocol
TKIP – Temporal Key Interchange Protocol
TLS – Transport Layer Security
TPM – Trusted Platform Module
UPS - Uninterruptable Power Supply
URL - Universal Resource Locator
USB – Universal Serial Bus
UTP – Unshielded Twisted Pair
VLAN – Virtual Local Area Network
VoIP - Voice over IP
VPN – Virtual Private Network
WEP – Wired Equivalent Privacy
WPA – Wi-Fi Protected Access

Studies

2010-06-20T00:51:00.000-04:00

Haven't posted in a few days because I've been studying and working. I am almost finish with the S+ guide. I have made a few notes (which I will make available soon) and I am starting to do some research on certain topics.

Both jobs are going well but it is draining my energy. I am going to try to up the amount of post I make here, moreso for me than anyone else.

Starting Security+ today

2010-06-11T02:32:00.000-04:00

Well I have decided to pull the trigger on this. I have had Security+ (get certified get ahead - google it) for a while now but I haven't really been able to get started with it (due to the personal issues listed on my other post). Starting today I am going to study for it and hope to complete it with 3-4 weeks. I will post notes and updates and when I'm close to being done, hopefully I will be able to post a decent sized PDF of my notes which maybe useful to me and others studying for the test.

My real target date is July 3rd but I really want to have it done by July 10th. Lets get it! :)

2/2

2010-06-06T22:02:00.000-04:00

Oh I guess I didn't post this but I got the job. Starting a week from Tuesday, I will be a Network Security Admin focusing on FOSS software, *nix and cisco which means I will be focusing on studying Squid web proxy later on this week after finals and learning VOIP. After Security+ and LPIC-1 I will probably go after CCNA voice and CCNP. Since I probably won't be in school for the remainder of the year, I will probably have plenty of time to do it. Hopefully I can get this blog back on a technical track very soon.

Busy Week

2010-05-29T02:59:00.000-04:00

Well I have done the final interview for the Network Security position. They called my references and yesterday asked for my SSN so they could run a background check. If they like what they see hopefully I will get an offer by the middle of next week. I told them my salary range and they didn't bat an eye at it. I also told them my start date, which they also didn't have a problem with. This would be such a good move for my career.....

I also worked my first two days at my weekend job. I have been doing training during the week so I can get up to speed. The datacenter is sexy! I mean, I was seeing equipment that I could only read about. I actually touched a 500k switch. It was incredible. I want to learn more about DCs so I am going to go through the DataCenter Fundamentals book http://www.amazon.com/Data-Center-Fundamentals-Mauricio-Arregoces/dp/1587050234/ref=sr_1_1?ie=UTF8&s=books&qid=1275116611&sr=8-1 and the APC datacenter university program. Hopefully these will bring me up to speed about DCs as a whole.

If everything works out, I should be moving to Cincy in a month or two. These next few months should be exciting. I want to move, complete the Security+ and LPIC-1 and start my new life in a new city. This blog should get pretty interesting. Stay tuned!

2010-05-23T16:01:00.000-04:00

Well I got offered another job on Friday. I really want to take it but the pay isn't enough and the hours wouldn't be guaranteed. I am going to give the guy a call later today and see if he will let me work on his cisco/linux stuff when he needs the help. Things are starting to look up. I had a few interviews last week and I am hoping the job I really want comes though.

work situation

2010-05-18T14:25:00.001-04:00

Oh yea I should post that I have a new job. I will be working as a Network Support Associate for a local data center company starting next week. The job is a weekend job (Friday and Saturday) but I will do my training starting next Monday. It will be pretty cool.

All in all I am still trying to find something new for weekdays. My current job does NOT pay enough and I really need some benefits. I have an interview for a computer tech position at a local credit union that I really want. If possible, I would like to walk out of that room with the job but we will see. My plans for the Summer are to work 7 days a week. 60-65 hours weeks sounds like a lot but I have done it before. We really need to catch up on our bills.

My other plans are Security+, LPIC-1, MCP, and maybe a CCDA. My overall goal is to refine my skill to a high level and study my butt off before fall quarter.

Interviews

2010-05-18T14:22:00.000-04:00

I went on the first of 4 interviews this week. I think it went pretty well. The place is for a small outsourcing IT company the primary works with small businesses. I would get exposed to a variety of different systems (including linux and cisco). IT seemed ok. I got a good vibe from the guy I was working with.

I have 3 more interviews this week. Its funny, I feel like the interviews are representations of my past, present and future. One is with a Help Desk (past), one is a Computer Technician for a large credit union (present, this is the job I really want) and one is for a Network Security Admin (future). Lets see how this all plays out in this coming week. I really want the Computer Tech job so that I can learn my craft better and sharpen my security knowledge. I want to park it somewhere for a little while. My true IT job stints have all been (execpt for 1) for about 8 months max (due to contracts and stuff) so I would really like to sit somewhere for at least a year and learn some things. There is only so much you can lab out you know?

updates yet again

2010-05-12T00:35:00.000-04:00

This is becoming a very depressing blog.

Well I found out yesterday that I missed out on 2 jobs. The first was for a Network Engineer and the second was for a backup admin. Both were with different parts of the same recruiting company. Both said they wanted someone with more experience. This is getting old. How the fuck am I suppose to get experience without a real IT job? I mean seriously, if no one will hire you, how is it suppose to happen? Whose dick/pussy do you have to suck/lick around here to get gainful employment? Fuck..... My piece of shit job I am working will not schedule me for calls and I haven't been able to find anything better. Well tomorrow I am suppose to meet with this VP for a weekend job but it is only going to pay about 150 dollars more a week than unemployment so I will HAVE to find an additional job.

I have been in a really bad mood for obvious reasons these last couple of days. This is starting to take a real toll on my sainity. I see people posting to me, "Stay positive and move forward" or "hang in there" and I feel like telling them to go fuck themselves. Not because I am mad at them but because its like , you have no advice for me and no answers so I don't want to hear it. I want a job bad. And no not just any job, an IT job and I think I deserve it as well. Its funny the structure that employment brings to your life. Stupid things like having to get up at a certain time or having to be somewhere at a certain time help make sense of the 24 hours in a day. I find myself missing the job that I hated so much. I don't know what to do anymore. Its like I feel myself losing my grip, my structure, like a play doh falling out of its container. Like I am slowly but surely falling out of my mold and I don't know how to stop it. I wasn't build for this at all.

I have been seriously thinking about the army and I think my wife is coming around about it. Guess I better hit the weights and start running again. Who knows, in a year I might be on Active Duty, that is, if the army will have me.

I am going to go try to talk to his recruiter at Accenture about a position in Cincy. To be honest, I am just going to walk in there and say hey, who is recruiting for this job because I want it (not in those words). What have I got to lose anyway, my prides nothing more than a stain on the floor, a space once occupied now empty and almost gone.

Same old, same old...

2010-05-07T13:48:00.000-04:00

Well its the same old bullshit as last time. Applying for jobs, nothing materializing. I actually went on two interviews, one job I didn't get, and one job no one knows what's going on. I continue to apply but I feel like, what's the point. They want experience I don't have, certifications I can't get because I don't have any money for them, and ultimately it seems hopeless. I have strongly considered the military as a way out and now I am starting to think it is the only way out. Why oh why didn't I just do Microsoft certifications instead of Cisco. My CCNA and CCNA Security mean nothing to anyone because they want the CCNP or CCIE or they want a CCNP and MCSE. I am starting to feel fucked beyond belief and that I cannot live up to the promise I made to my father in law, to take care of his daughter.

The thing that makes me so pissed is that I am not looking for a handout. I am not an idiot and I am willing to work hard anywhere I work but no one is willing to give me a chance. No one is willing to hire me. No one. Its like when you growing up, people say work hard and go to school and you will go far but they never mentioned what happens if no one is willing to give you the chance to work hard. This job market is utter bullshit and I thought that "IT" is a growing field. I am not some guy fresh out of Tech Cert School looking for a 80K job. I have work experience. I have put in time but no one gives even half of a fuck. When did it get this way? When did entry level positions require 4-5 years of experience and 6-7 high level certifications and knowledge? When did companies decided to stop investing in employees? When did benefits stop being standard?

I don't know what else to do honestly and I am willing to put my life on the line to make sure she stays fed. So yea, I am probably going to go to some branch of the military, most likely Army or Air Force. The Army has a program that I am interested in call the 25n (basically networking and linux) under communications. I am about to go running now, with conviction.

updates

2010-05-02T12:18:00.000-04:00

Well I went on two interviews last week. Still no word back from either one. In the mean time, I have been seriously considering the Army Reserves, Air Force Reserves, or National Guard. I am thinking about going for a 25N (a networking position). I looked at the standards for the fitness and I know that I would need to get back into my high school wrestling shape. I have decided to develop a program that will do this for me.
I want to implement this over the next four months, starting tomorrow.

Step 1: Reduce caloric intake to 1700 max
- I know I have been eating much more than this but I want to basically eat a very protein rich diet, raise veggies, meat, and fruit, and reduce breads and sugars to nearly nothing at all (unless it is naturally occurring). I want to try to cut all of the bad fats out of my diet.

Step 2: Run
- I am going to do the couch to 5 k program, but I am going to double it (once during the day and once at night).

Step 3: Pushups/Situps/
- I plan to start with a lower number and slowly build myself up to doing 200 pushups and 600 situps a day.

Step 4: Lifting
- Two days a week I am going to bench, curl, leg press, and preachers curl my brains out. I have a bench and weights in my house so I should be able to do this easily.

Step 5: Weigh ins/Check ins
- For my ideal height and weight, to get the most points on the physical exam, I would need to do about 75 pushups in 2 minutes, 80 situps in 2 minutes, and run 2 miles in 13 minutes. Naturally my goals are 90 pushups, 90 situps and run the 2 miles in 12:30. So that is what I am working towards and why. I will be sure to keep everyone posted.

update

2010-04-22T02:48:00.001-04:00

Haven't posted in awhile. Not really a whole lot to say. I abandoned the MCSE and MS certifications and I want to focus on Networking, Security and Linux. I have had some let downs as some positions that I thought would come through didn't. I had an interview this week for a Network Support position (part time, weekends) and I was called in for an interview for a Network Engineer position later on today. I am going to try something different so lets see how that goes.

I can't sleep. I have been thinking of all the people along the way who have put a title on me: Tech, Helpdesk Agent, Customer Support, Senior Tech, Noc Tech, Line worker, Dishroom support, Son, Brother, Husband, and it occurred to me that I have never put a title on myself. I have always been given these titles. It bothers me, I feel like I have no control of my life. Even now to the state I am a name, an allotted amount of money and an address. I have never really stopped to think Why am I here, and what I am suppose to do in this world. I like IT. I think it is exciting but I don't know if I could remove virus' from machines or replace broken parts for the rest of my working life. I know I don't want to leave IT but lately I have just felt so, small. IDK maybe something will help me gain some perspective. I honestly don't even know how to pray anymore. I am starting this walk through New Testament in 90 days program either today or Sunday because I am looking for something, something to help me make sense of it all.

. . .

2010-04-11T23:17:00.000-04:00

As some of you know I am working for a company doing project based IT support. It is wearing on my car, my stress level, and wasting my time. I am still trying to find something stable and I haven't had much luck. I think that I can try to turn it around this week. I am tired of this, it is beginning to feel like I can make a change. I need to move into a different state - mentally, IT wise, spiritually, physically, and financially. I feel like it is time and I am willing to take that leap of faith to get where I need to. I am going to do some things this week I have never done (job wise) and I hope to reap a reward. We will see.

Change again and this time its final

2010-04-10T16:08:00.000-04:00

I think. I want to get these things done by July 2011:

CCNA:S(done) MCSA:S S+, LPIC-1 SNRS(CCSP), C|EH OCA ITILv3F and graduate (3.5 gpa). I should at least be able to get my Network Engineering degree done by July, I might need an extra quarter for the Software Development one but we will see. I want to get the MCSA and S+ done within the next few months followed by the MCSA:S, LPIC-1 and SNRS shortly after that. So I am fully on board for my future security studies

290 April 30th

2010-04-08T22:31:00.000-04:00

The title says it all. I am going to use this area to put notes and stuff for my 290 attempt in 3 weeks. Wish me luck!

Chapter 2 Notes (290 student guide):
- MMC.exe is the shortcut to Microsoft Management Console
- Snap ins can be used in Author mode or User mode
- Snap ins are either standalone or extensions
-
- By default WinSev 2003 boxes are configured to allow TS connections from members of the Admin group.

- Term Services use TCP/UDP port number 3389 by default

- Remote Assistance uses TCP port 3389

Chapter 3 Notes:

Update

2010-04-03T01:10:00.000-04:00

Wow it has been awhile since I posted. I regret to say I haven't been studying as much as I should have, mostly because these last few weeks have been crazy. I picked up a job as a contracted pc support "tech" which is a fun as it sounds. I am back in school at nights and I am still trying to pick up a full time job. I have a few leads and I am in pursuit. I still want to do the MCSA Sec and S+ but (depending on what happens with these jobs) I could be picking up MCSA Messaging or an MCTS in SQL Server, Sharepoint and .Net OR CCNA V and starting the CCNP track. I am still keeping my eyes open and I plan to start posing my 290 studies on here as well. Oh and I also got a temp job doing tech reviewing for a CCNP Switch guide. Busy busy busy. Hopefully things will slow down and I will be able to focus in on work, school, and certs. Stay tuned!

Life Happens

2010-03-11T22:14:00.001-05:00

Well it has been about a month since I last posted and I will explain why. I was recently working a contract job but that contract came to an end. I have been looking for a job since last month. I have had several different phone interviews and I actually had an interview a few weeks ago for an Associate Network Engineer position. It didn't pan out (I was told I was one of the last people left but I lost out to someone with a degree). I had an interview for a network analysis position yesterday with a local company which seems like a very good fit for me. I am also talking with a local company about a job working at the Air Force base. The last few weeks have been very rough for me mentally and I have had a very hard time trying to get back on the study horse. I started to pray about it and I have come out of my dark place and I want to study and grow more. At any rate I changed my cert plan for the year and this time I think it is pretty finalized

Microsoft: MCP MCTS MCSA MCSA:S
Comptia: Security+ Linux+
Cisco: SNRS (CCSP)

I think this is going to be pretty stable from here on out (it could change but I don't think it will). At any rate I need to start my 290 studies and I will chronicle my studies for the 290 (starting saturday). I will also chronicle my network studies as well so for those who actual read this thing, this blog should start getting interesting and hopefully educational.

10k Page Challenge

2010-02-18T05:34:00.000-05:00

Inspired by another Tech Exams member and blogger, I wanted to post what books I am reading (IT and otherwise). The goal is to get to 10K pages within a year. I will post the books on after I have finished them (completely).

IT:

Authorized Self-Study Guide Implementing Cisco IOS Network Security (600)
CCNA Self Study Guide (965)
CCNA Security Lab Manual (288)

Others:

Total:
1840

Update

2010-02-14T18:39:00.000-05:00

I have an interview coming up for an Associate Network Engineer coming up in a few days. I think I am going to get it (God is good). At any rate I also have been doing some thinking about what I want to do in these next few years (between now and when I am done with school). I think this is it ( pulled from my sig at tech exams)

Networking: CCNA:V,W, DA, CCNP CCSP maybe JNCIA:ER, JNCIS:SEC
Linux: L+
MS: If I need to: MCITP:EA/SA
Security/Others: S+, SSCP, ITIL foundations possibly checkpoint CCSA/CCSE

More than likely S+, L+ CCNA:V CCNA:W and Route will be done this year. IF I need to, I can squeeze in an MCTS for MCITP:EA but that will be a big IF. The rest will be spread out across 2011 and 2012. It will probably take me 5-7 quarters to complete my degrees and since I won't be back until Fall 2010/Winter 2011 I think that gives me more than enough time to get er done. So I guess all that's left is to do it. I hope I can make this blog useful to all of those who come across it.

Update

2010-02-11T13:46:00.000-05:00

Sorry I haven't updated this in a while. Well the good news is that I passed the CCNA:S, the bad news is that while I was on my way to work (in a blizzard mind you) my boss decided to tell me that my contract has ended and I will be no longer employed. Sigh guess my cert goals are now on hold and my next thing is to find a job (locally and hopefully non-contract).

Layer 2 Security (CCNA:S)

2010-01-19T17:15:00.002-05:00

These are some of my Layer 2 Security Notes:

Vlan Threats:
Vlan Hopping: Traffic can be sent by attacker to one vlan from another without going through a Layer 3 device.
http://en.wikipedia.org/wiki/VLAN_hopping

Methods:
Switch spoofing (an attacking host acts as if it is a switch).
- To mitigate make sure auto trunking is off on all ports. Turn off DTP and manually set ports

Double Tagging (an attacker encapsulates a dot1q frame inside of another dot1q frame)
- Make different Native Vlans for Trunks and Access ports.
- Disable unused ports

Important Commands:

Switchport mode trunk - Sets a port as a trunk
Switchport nonegotiate - Turns off DTP frames
Switchport trunk Native Vlan vlan number - Sets the native Vlan

Additional information:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml

STP Threats:
An attacker can send out false BPDUs to force an STP recalculation and thusly make itself the Root Bridge.

Mitigation Techniques:

BPDU Guard: Blocks BPDUs on ports that shouldn't recieve them (best used on access ports)
BPDU Filter: Stops ports from sending BPDUs that should send them
Root Guard: Limits the ports which the root bridge can be negotiated

Spanning-Tree Portfast Bpduguard default : Enables BPDU guard on ports with portfast
Spanning-Tree BpduFilter Enables BPDU filter
Spanning-Tree group root - Enables Root Guard
Show spanning-tree summary - Shows valuable spanning tree information

Cam Attacks, Mac spoofing and other things are best covered by this article:

http://articles.techrepublic.com.com/5100-10878_11-6154589.html

Layer 2 Security (CCNA:S)

2010-01-19T17:15:00.001-05:00

Oh yea maybe I should define this.. Blog 2010 Charter Woot!!!!

2010-01-18T19:47:00.000-05:00

Well I have finalized my 2010 plans, they are as follows:

School:

3.5 gpa in both my Network Engineering and Software Development tracks.

Certs*:

Cisco: CCNA Security and CCDA.
Microsoft: MCP MCTS, MCSA and MCSA:Security
Comptia: Security+ and Linux+

Working towards: MCITP:EA/SA, LPIC-1 , CCNA Voice

Learning (non-certs)

Basics: Perl, C/C++, X-SQL, RegEx

Basics+ Intermediate: *nix, MS server/technologies networking IPv6, LAMP and Virtualization

So that is it. My blog maybe all over the place but I will make sure to put the subject area in the title.

*(If time and money permit)

Jan 30th is the Big Day

2010-01-18T19:43:00.000-05:00

Welp I am making my final push towards the CCNA:S. My overall plan is to study between 4-6 hours week day (so about 45-54 hours) and 8 hours on my 3 day weekend (24 hours). I will post any notes I think that will be important to review between now and then and I will give a full right up after the exam. Wish me luck!!!!

AAA Notes

2010-01-13T18:48:00.000-05:00

AAA: Authentication , Authorization, Accounting.

Authentication: Who you are.
Authorization: What you can do.
Accounting: What you did.

Modes of operation:

Character Mode: Used with things that can configure the device
- Vty lines, Aux lines, Con ports, etc

Packet Mode: Used for things that allow the device to connect to another device/network
- Async, BRI, PRI, Serial ports, etc

RADIUS:

- Defined in RFC 2865 http://www.faqs.org/rfcs/rfc2865.html
- Open standard
-UDP port 1645 (default on cisco routers)
- Encrypts only password
- Combines authentication and authorization
- Does not support all protocols:
- Apple Talk Remote Access Protocol (ARA)
- NetBios Frame Protocol Control Protocol
- Novell Asynchronous Services Interface (NASI)
- X. 25 DAD connections

TACACS:
- Cisco defined
- Defined in RFC 1492 http://www.faqs.org/rfcs/rfc1492.html
- Encrypts entire packet
- Seperates authentication and authorization
- Multiprotocol support

Important Commands

AAA new-model - Starts AAA
Radius-server host - Sets Radius Server
Tacacs-server host - Sets Tacacs Server
Debug AAA Authentication - Shows Authentication Events
Debug AAA Authorization - Shows Authorization Events
Debug AAA Accounting - Shows Accounting Events
Debug Tacacs - Shows Tacacs information
Debug Radius - Shows Radius information

Change of Plans

2010-01-12T21:41:00.000-05:00

Welp, life changes so fast. New year, new me, new plans! I have scaled my plans back drastically for 2010 and it is now down to this (certification wise) (in order): CCNA:S (JAN) Security+ (FEB) Linux+(MARCH) JNCIA:ER (SPRING or SUMMER) and ASA Specialist (FALL or WINTER) or CCNA:Voice (or both if I can afford it this year). The first three are fixed (since I want to get them done before I go back to school in April) but the last 2 are not. I am currently working towards finishing the CCNA:S so the next few post are going to be about that. My CCNA:S test is on Jan 30th. Wish me luck!!!

Welcome to my humble blog

2009-12-10T16:35:00.000-05:00

Greetings All:

Welcome to Knwminus' journey to greatness. I will use this blog to track my progress through CCNA:S, Security+, Linux+,SCSA, SCNA, SCSECA, CCNP, CCSP, RHCE, RHCSS, GCUX and finally CCIE:S as well as 2 A.A.S' (Network Engineering and Software Development) and a BS in Computer Science over the next few years. I hope to complete this journey by the year 2013. I currently have the A+, Network+, and the CCNA certifications. I work as a Tier II NOC Tech with a local managed services provider. I have been into computers since the 7th grade when I was building SQL apps with ASP front ins at a local class/competition. I am not an expert at anything and I will make mistakes along the way but I hope this will help someone who is working on their own goals. Feel free to comment, ask questions, ask for more info and correct me. I cannot say that I will update this everyday but once a week will be its average (maybe more if I feel like it).

Thanks,

Knwminus