Thursday, July 30, 2009

A Bad Month!

July has been a really crazy month. It started off with my wife nagging me to follow through on my New Years Resolution to get 2 certifications this year. I love to make resolutions like this but then I get playing with MetaSploit, Maltego and Powershell and everything else gets forgotten.

So the beginning of the month was gearing up for the Security+. To tell the truth it was a pretty easy exam but I'm glad I did it. I would love to work in the security field one day and I guess this shows an understanding of the fundamentals. Then I was planning to take a Citrix certification but I figured a CCNA seemed so much more fun so I went with that instead. So hear I am with my head buried in Cisco books and an old router and switch being configured six ways to Sunday! I definately have a new found respect for the guys out there with their Cisco certs, this stuff is pretty hardcore when you get your hands dirty!

Anyway, back to the point. I know I intended to get a post a week out as I have in the past but things just got on top of me. I will try harder for August and get back on track. Thanks to everyone who has sent me encouraging comments and emails.

Looking forward to August.



g3k said...

I'm surprised to see that you AREN'T in the security field already. Your posts are 100% pro, I look forward to every one.

How did you feel the Security+ test did vs the study material? I just got done with my Network+ and I'm working my way over to Security+ and then maybe on to SSCP.

Keep the posts coming!

mneis said...

hey Syn,
have been looking forward to another post from you. Well, times go strange sometimes, but bear up. You do great work in here.

Do you intend to take the "Pentesting with Backtrack" course and get the OSCP? I think it's becoming more and more important.

regards, Markus

Anonymous said...

Welcome back ... I thought you'd fallen from the mortal conveyor belt!

I've been toying with the idea of doing Security+ but, as you say, there are lots of other things to play with. Are you doing the CCNA under your own steam or going to a class? I finished mine about 3 months ago and got the ticket. I'm looking for something else to flex my brain now.

SynJunkie said...
This comment has been removed by the author.
SynJunkie said...

G3K - Hey thanks.

I thought the Sec+ was okay I used the Sybex training books. I would say there were a few inacuracies (like my grammar) here and there especially around the wireless chapters but I must admit I should have checked there sites for updates.

SSCP looks interesting. Maybe next year though!

mneis - I think at the moment the OSCP is one of those that is a way off for me. I would really want to improve my coding ... let me rephrase that... get some coding and RE skills.

Anonymous - Cheers, I nearly did!

I have done all my certs (CEH, Sec+ and hopefully CCNA) under my own steam. I really love this stuff and I find that aiming for a cert gives me motivation and direction. I want to get a better understandig of networking and I thought I would try to kill 2 birds with one stone and get the CCNA as well.

How did you fid the CCNA?

Anonymous said...

Good luck. When you finish, check out the CCNA security specialization (IINS 640-553).

TAPE said...

Have been missing your posts ! As mentioned above, never crossed my mind that you werent in the security bit ! Love your posts.

Good news on the certification, grats !

Nice to hear you enjoying Maltego, thats something I would love to see a post or two on :)

SynJunkie said...

Anonymous - IINS 640-553 sounds like an interesting option. The trouble is there are so many security exams out there its hard to know which to do, especially when it's self funded. But saying that, I always view anything such as books and courses as in investment in myself.

I really want to aim for certs that are challenging and meaningful rather than open book exams that in my opinion are just plain wrong.

TAPE - Thanks for the comment. My role is that of a Sys Admin and I do get a few security tasks passed on to me as I let it be known that I'm keen as hell about security stuff and I'm prepared to do anything that's security related.

My long term goal is to get a job that is entirely security related. So I'm preparing my skill set to make myself as employable in that area as I can. For my current job I try to tune it to what I enjoy but it seems that it's not that easy when the specialisation I love isn't taken seriously by those in charge. I think I'll leave it at that.

Dave said...

Hey Syn

I did my CCNA in a day release class which was run in a workshop scenario. There were about 20 students at various stages of the course. The tutor was there to offer advice if we got stuck but there was never any full class tutorials etc. because we were all at different stages. The only advantages that I saw (compared with hitting the books at home) was that we had a fair amount of kit to play with and we (students) could bounce ideas and problems from each other. All in all, it was an interesting course which led to a well-recognised qualification. It wasn't easy though!


Dave (previously "Anonymous")

SynJunkie said...

Dave, it sounds like a good setup you had there. I have a couple of bits of old kit (2950 and a 800 series router) that i have scrounged but I also have a virtual lab set up using GNS3 and some IOS images i stumbled across.

I have heard from a mate at work that the CCNA is pretty tough, and that's exactly what I wanted. I can't tell you how dissapointed I was at the quality of the CEH course and exam that I did. I think after this one I will feel a good sense of achievement.

andi said...

Thanks for this useful post, I have listened that OSCP certification is beneficial for any company in the purpose of security.