Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: Article

User Enumeration with Burp Suite – HAKIN9 03/2009

The latest issue of HAKIN9 is due to hit the shelves soon. Alongside a number of other interesting articles you’ll find one on user enumeration with Burp Suite. As with any article, blog post or other content I write, feedback is always well received. So please take time to let me know what you think. After all, we can only improve if we know where we’ve gone wrong.

Didier Stevens also has an article on PDF formats, which from my understanding is the start of a series on the topic of evil PDF files. If anybody knows evil PDFs then it’s definitely Didier Stevens.

Hakin9 01/2009

Well, sometime while I was in London it seems the new Hakin9 magazine hit the shelves. Somewhere in there is an article I wrote a few months back on security training. I hope it helps people that are looking at the options. Maybe I’ll revisit the topic in another 12 months to look at the OSCP and a few of the more specific SANS courses.

Overall I’m happy with the article, although somewhere between proofreading and print “C|EH” turned into “CIEH” it seems. Still, I hope that everything else is ok. Let me know your thoughts…. constructive criticism is always welcomed.

Article

2008 has been a good year so far. The list of good things is long, and the fight to achieve them has been hard. Still, I can finally take a slight pause, look back and realise what I’ve achieved in the last 9 months. Don’t worry, I won’t bore you to death with a list, but I will take time to mention the latest “good thing”. This month’s issue of Linux Magazine (issue 96) plays host to my first published article. Although the article isn’t ground-breaking, or anywhere near as earth-shattering as I’d like, it does mark a new track for me in the years to come, as I’m sure I’ll continue to write on and off as time permits. The article covers the install and basic configuration of Snort (with a MySQL database backend). I’m no expert on the inner workings of Snort, but I’ve been a user for some time and think it serves a purpose for users looking to set up a simple Snort sensor. If you’ve read the article please feel free to leave a comment, anything constructive will be well received.

I’ve learnt a lot from the experience, and through failures, can make sure that anything I write from now on will be better than my first attempt. After all, we’re all a little shaky on our feet the first time we try to walk. Got to learn to walk before you can run.

Next challenge, a presentation on “Information Disclosure” at the upcoming IT-SecX conference in St. Pölten, Austria. It’s a small one-night event held near Vienna on the 31st October. Should be an interesting event, and hopefully the start of me overcoming my fear of presenting in front of crowds. What’s the worst that could happen ???

Don’t answer that…. no really… please don’t 😉

Recap…. move on

So as it’s been a while since I took my hiatus, I need to bring everybody up to speed on what’s been happening the past few months. As I’m getting old and my memory isn’t what it used to be, I’ll try and be brief and expand on certain topics moving forward.

SANS Amsterdam

After some discussions with work we agreed that attending the new SANS 560 “Penetration Testing and Ethical Hacking” class would be a good thing. Well, I convinced myself it would be good, and then.. well you get the clue. The course was held near the airport in Amsterdam and was great fun on all levels. Amongst the fun nights on the town, coffee shops and interesting shows, I learned a lot. The course was listed as one of the most technical offered by SANS, and although it didn’t seem too technical at the time (thanks to the excellent course material by Ed Skoudis and the few relaxed and informative presentations by John Strand), as I begin to review the topics for the exam, things aren’t as easy as they seemed during the course. That said, I’m sure I’ll do well in the exam, and I’m hoping to do work with SANS again in the future, possibly as a Mentor or as part of the work/learn program.

My first Article

Some people already know that I decided to take a stab at writing something for a magazine a few months back. The process of writing was a little harder than I thought, and I’m sure my girlfriend and parents are happy it’s over. I think I emailed my father at least 4 copies to proofread, most of them changing so quickly that he could never finish reading one before a new draft was ready. Still, things are looking up as Linux Pro Magazine in the US will be running it in the next edition (hopefully). It kind of ran over a little on the word count.. if you ask for a few pages at 800 words a page and get about 5,000 words, then it can be hard to squeeze in 😉 Still, look out for a Snort Intrusion Detection article in a shop near you soon…. for those already using Snort or other IDSs, this was a basic setup article, so no new ground broken for the first article. Maybe next time.

Work, life and everything in-between

It’s nice to live in a country where you can go for a swim in a lake when it’s hot…. nothing nicer than just sitting by a lake and relaxing (which I hope to do this weekend if the weather holds). The downside is, I’m English. We just tend to turn bright red, peel and then get pale again. Still, better than always being white eh 😉 Work is challenging as usual. My German skills are (hopefully) getting a little better as time goes past, and learning new things is always a plus. Anyway, enough about work…. Gika (my girlfriend) has just finished University and is starting full-time at a web-content provider in the next few weeks. I’m very proud of her, as it’s been tough the last 3 years, dealing with University and me on top. After all, in our relationship I’ve lived in 3 different countries. If that’s not stressful then what is 😉 I like where I’m at now and don’t think I’d be anywhere near this place in my life, career and mind without her.

So expect some technical content coming up soon… it’s been too long since I’ve posted a command-line into this blog. So I’ll leave you with this to keep you busy.

for /F %i IN (hostname.txt) DO @ping -n 1 -w 500 %i | find /I "reply"

for /L %i IN (1,1,255) DO @ping -n 1 -w 500 192.168.0.%i | find /I "reply"

They’re quick and dirty… but if you need a ping sweep quick sharp, it’ll tell you what’s up and what’s not. The first will do all hosts listed in a file, a single ICMP packet with a timeout of 500ms. The second does the same ping but using all IP addresses from 192.168.0.1 to 192.168.0.255. The FIND command filters the responses to only inform you of valid replies. For some much better examples you should check out the Ed Skoudis presentations on command-line kung-fu. Check the SANS website.
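A note for anyone reusing those one-liners: filtering on the word "reply" has a false positive on Windows. When a LAN address does not answer ARP, ping prints "Reply from <your own IP>: Destination host unreachable.", which FIND happily matches and reports as a live host. Matching on "TTL=" instead only keeps genuine IPv4 echo replies. The batch script below is an added example (not from the original post) that does both sweeps with that filter, pulls the responding address out of the reply line, and appends it to a results file. The subnet 192.168.0.0/24, the file hosts.txt and the output file live.txt are assumptions for illustration.

```batch
@echo off
REM Added example, not the original post's code. Assumptions: the target
REM subnet is 192.168.0.0/24, hosts.txt holds one hostname or IP per line,
REM and results go to live.txt.
setlocal

set "NET=192.168.0"
set "HOSTFILE=hosts.txt"
set "OUT=live.txt"
if exist "%OUT%" del "%OUT%"

REM --- Sweep .1 to .254 (skip the network and broadcast addresses) ---
REM One echo request (-n 1), 500 ms timeout (-w 500), IPv4 only (-4) so
REM the reply line always carries "TTL=". Filtering on "TTL=" rather than
REM "reply" ignores the "Reply from <own IP>: Destination host unreachable."
REM line that Windows prints for unanswered LAN addresses.
REM The reply line looks like:
REM   Reply from 192.168.0.5: bytes=32 time<1ms TTL=64
REM so with ":" and space as delimiters token 3 is the responding address.
for /L %%i in (1,1,254) do (
    for /F "tokens=3 delims=: " %%r in ('ping -n 1 -w 500 -4 %NET%.%%i ^| find "TTL="') do (
        echo live: %%r
        >>"%OUT%" echo %%r
    )
)

REM --- Same check for every entry in the hosts file ---
REM FIND sets ERRORLEVEL 0 when it matched, so "&&" only runs on a reply.
REM The redirection is placed BEFORE the echo on purpose: writing
REM "echo 192.168.0.1>>file" would be parsed as a redirection of handle 1
REM and the trailing digit of the address would be lost.
if exist "%HOSTFILE%" (
    for /F "usebackq delims=" %%h in ("%HOSTFILE%") do (
        ping -n 1 -w 500 -4 %%h | find "TTL=" >nul && (
            echo live: %%h
            >>"%OUT%" echo %%h
        )
    )
)

echo.
echo Hosts that answered:
if exist "%OUT%" type "%OUT%"
endlocal
```

Save it as sweep.cmd and run it from a command prompt; inside a script the loop variables are written %%i rather than the single %i used at an interactive prompt, as in the one-liners above. ICMP echo being blocked by a host firewall still means "no reply", not "host down", so treat an empty result as a reason to try a TCP or ARP-based check rather than as proof the range is unused.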