Wednesday, November 4, 2009

Ethical Hacking interest

I've started to prepare for Written Exam. I've compared the blueprint with what I've read in the past for the CCSP exams, and seems like I'll repeat 75% of the material. I'll have another post on it, and I'll share the spreadsheet with all the resources that I've used for all the topics.

But I got lazy 2 weeks ago. I'm expressing interest in ethical hacking since 2 years, and I came across this books: Penetration Testing and Network Defense, by Andrew Whitaker and Daniel P. Newman. Very nice, fast read. (There are many screenshots, don't be afraid of the size of the book when you first open it) There are some tools and technics that I haven't heard before. Recommended if you're interested in the "other" side of Security. If you're planning to become an ethical hacker, you need to look into more serious sources. For example, the material for Certified Ethical Hacker will have more then this book.

It took me 2 weeks, spending 2-3 hours per day on it.

CCSP ASA exams

2 months ago I got my CCSP, the last 2 exams were the ASA ones. Materials that I've used:

  1. Cisco Firewall Mentor Video lessons by David Hucaby
  2. Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance, by Jazib Frahim
  3. CCSP SNAF Quick Reference, by Andrew Mason
  4. CCSP SNAA Quick Reference, by Ryan Lindfield
  5. CCIE Professional Development Series Network Security Technologies and Solutions, by Yusuf Bhaiji
  6. Demo Version of ASDM version 6.0.3 - There are several scenarios and different setups. It is a demo but it helped me to be more oriented with the ASDM. In SNAF there a many ASDM questions.

Good Luck on the exams!

Improve knowledge in Cryptography

I would like to share resources that I used to improve my knowledge in cryptography. There are bunch of resources out there, below is the list that I used:

  1. Wikipedia - Probably all of us use it today. I've used it to get high level overview of the protocols.
  2. Video Lectures from University in Washington - - Those guys are incredible. I wish all of my teachers in the past were like them. I've started to do the home works and then stopped on the 2nd lesson. Too tough for me .
  3. The CodeBook from Simon Singh, and his website - You can download the Crypto CD-ROM for free from there. I consider myself pretty old for that CD, but I spent hours trying to break those codes there.
  4. Cryptography and Network Security Principles and Practices, Fourth Edition, By William Stallings - I loved it. It took me 45-50 days to get though it, but I enjoyed every second spent on it.  All those protocols that you'll find in blueprint are explained in details here.

It took me 3 months, but now I feel much more comfortable with all those protocols. It was time well spent.