Monday, December 27, 2010

Join.me is Brilliant

As the Chief Information Officer for my family and friends, I'm always looking for easy ways to get onto their computers to help them fix whatever is broken. I've been a HUGE fan of LogMeIn.com for years now but even getting that client software installed on their machines over the phone can be difficult sometimes :) To the rescue is the remote access site https://join.me/

This service is brilliant, and free. You tell the person that wants to share their screen to navigate to https://join.me/ and click on the "Share" button. They download a 1 MB client and as soon as it runs it brings up a link that they can copy and email to you. Or they can just read the code to you and you punch it into the same join.me interface under the "Join" option. It's that simple. There is even chat and remote control in the free version.

My only gripe is that it does not work with Linux. I tried running it with Wine and it runs but I can't see the Linux desktop. However, as long as you're not trying to share a Linux desktop it should work just fine to view either a Windows or Mac computer. Bravo to the LogMeIn folks, this service is great!

Friday, December 24, 2010

Ubuntu Won't Let Me Log In?

I was minutes away from reinstalling Ubuntu on my home machine because it wouldn't let me log in all of a sudden. I saw the GNOME login screen which looked different than normal but all my user accounts were still in the list. I tried every account and their passwords but none of them would let me in. The login screen would go away like it wanted to log in but then just bring me back to my login screen, like it was caught in a loop. I never got the incorrect password prompt so I figured maybe I had to reset the password.

My GRUB menu screen wouldn't come up during boot so I instead booted from the Ubuntu installation media and followed this tutorial which worked great except when I rebooted I had the same problem. Ugh. I was still able to log into the terminal with CTRL+ALT+F1 and could see that all my data was there. Strange. Maybe a problem with the NVIDIA drivers or Ubuntu desktop? I tried reinstalling all of that, same exact problem.

Then it dawned on me that maybe the hard drive was full? Not likely, but possible. A df -h from the terminal showed me that there was 0% available on my HD. I removed a couple large folders and voilà, back in business on a reboot.

Tuesday, December 14, 2010

Offensive Security Certified Professional

For the last 70ish days I've been actively hacking away in a lab environment, preparing for the Offensive Security Certified Professional (OSCP) exam. This was one of the hardest, yet most rewarding things I've ever done both academically and professionally. This course is not for the faint of heart and requires a lot of self discipline, perseverance and a very understanding wife. I highly recommend it if you're interested in penetration testing or would like to understand how the bad guys think. With this new way of thinking, you can begin to understand how to protect your network.

If you're wondering if the OSCP is for you, let me give you a little of my background. I've been in network/systems administration for about 10 years. I have in-depth knowledge of protocols/routing/switching/enterprise applications and TCP/IP in general. My Windows skills are advanced but my Linux skills going into the course were weak. I run Linux at home and have had some exposure to different flavors but by no means was I an expert in Linux. I am a terrible programmer, but can understand some C and enough scripting languages to get by. You need to bring all these skills and more to the course because you won't be taught these things - you will be expected to use them while you're hacking the lab and practicing the new concepts that "muts" teaches you.

I have always been interested in security but outside of general Metasploit usage, I wasn't very well versed in any of the popular open source security tools. This isn't a necessity because you will become a whiz at them as you work the course. The course can be taught live or online. I chose the online portion and was given a set of videos and a 300-page lab guide. The videos are incredibly useful and extremely well put together. The lab guide is equally as useful. I will continue to reference both of these resources in the future. These two guides are simply that, they teach you the concepts but you really have to teach yourself how to apply them. You need to be able to creatively think about applications, networks and protocols to understand how to apply the concepts you've learned.

This is where the perseverance and hard work come in. No one is going to show you what to do in the labs, the administrators are not helpful and the IRC channel is full of people who just brag or talk about other things not related to the course. Do not assume you'll receive outside help when you get stuck. I believe this was done by design, it teaches you to be self-sufficient and resourceful. The idea is that if you can't help yourself you won't ever be good at this. There are options for help, you just have to find them. There were many times where I would hit a wall, thought I couldn't penetrate any more servers and thought I hit my technical abilities but stepping away or reading additional resources would often help.

The lab consists of numerous hosts that are also connected to other networks. There are very easy servers and very difficult servers. As you start to penetrate these networks you run into fun things like fake bank databases, usernames/passwords and often the Offensive Security guys taunting you through funny website graphics or smiley faces. These "nuggets" made it fun to work the labs.

They sell the course in blocks of time. I highly, highly recommend getting at LEAST 60 days in the lab. The progress I made throughout the process was a roller coaster. I would go a week without any progress and then get on a hot streak and nail 5 servers in a night. Looking back, my knowledge at 30 days was not even half of what I ended up learning after the 75 days (I bought an additional 15 days). The more time in the labs, the better.

You're required to pass the "exam challenge" to obtain your certification. The exam is a new lab that you've never seen before and you have 24 hours to exploit the servers in that lab. My test started at 7am and I finished about 14 hours later. You have to submit all your documentation to them within 24 hours of the end of your exam. I read horror stories about this exam, people taking all 24 hours to complete the exam, others taking the exam 3 and 4 times. I believe with my additional lab time, I was better tuned to take the exam. I put an incredible amount of time into this, probably an additional 30-40 hours a week in addition to my full-time job. It wasn't like work though, it was extremely fun.

I took the exam on Saturday and have been anxiously awaiting my results. Today I found out that I passed the exam and received my OSCP.

If you're interested in what you'll learn, check out the course syllabus here.

Bravo to the Offensive Security crew for a brilliant course. I learned more than I ever thought possible.
*******
UPDATE:
After 4 months - I decided to take the OSCE challenge and documented that here.