Month: December 2019

Posted in Uncategorized

2019 – A Quick Reflection

Posted on by Steph

It is the end of 2019 and like most I want to take a moment to reflect on all the things that I actually have accomplished this year. Sometimes we can think too much about where we aren’t that we don’t focus on where we actually are and how far we have come. At the beginning of this year I had just changed careers and I was a little unsure of where or if I actually fit in. Now, I’m more self-assured and confident in my ability to learn and retain new things and the “rightness” of this course .

Accomplishments

  • Passed Network+
  • Passed Security+
  • Participated in First CTF (Individual and Group)
  • Started a Blog
  • Delved more into Cryptography
  • Cracked a Password
  • Finished my First Year in a Cybersecurity Position
  • Attended my first Cybersecurity Conference (Hacker Halted in Atlanta)
  • Finished Undergrad work (Only have my Capstone left)

But, it’s also good to look back at how we might have failed because epic-ly failing is how we level-up epic-ly.

Failures

  • My First CTF was a Bull in a China Shop Scenario
  • The Group work was worse; most of my group work across categories was kind of a bust (Pen-testing Methodology for a Class was the 1 exception)
  • Really buckling down and learning Linux…

 ”Self-awareness gives you the capacity to learn from your mistakes as well as your successes.”

Lawrence Bossidy

Upcoming….

  • CYSA+ (Taking the Beta in a few days…[crossed fingers])
  • Linux+ (Voucher has already been purchased)
  • Finish Undergrad and move directly onto Graduate Coursework
  • Build out Security Lab
  • Put a Dent in My InfoSec Book Collection
  • Get Better at Networking…

“The future rewards those who press on. I don’t have time to feel sorry for myself. I don’t have time to complain. I’m going to press on. “

Barack Obama

Posted in Flashback Friday

Flashback Friday – 12/2019

Posted on by Steph

“It’s not too late to start! Start right now anyway. Set goals and take action. Have courage to fall, fail and suffer. Don’t quit. Persist with courage. Success will achieve anyway and be yours 100% guaranteed.”

― Lord Robin

I started really getting into tech when I was working overseas. I had soooo much time and needed something to stimulate myself. Also, I knew that the work I was doing was temporary and I needed to make a way so that when I came back I wouldn’t have to go back to my previous position. The first steps I took was trying to learn to code/program So many of my first resources are geared towards that.

First Resources

Posted in Labs

Build A Lab With Me… (#1)

Posted on by Steph

Adventures in VirtualBox

By far the easiest method of getting a cyber lab up and running is using virtualbox or vmware. I’m partial to virtualbox because it’s free and my pockets love free. Using virtualbox one can build out a connected network that is separate from their actual machine (connection-wise). Using one or more of the vulnerable VMs on Vulnhub they can also test out and learn how to conduct a penetration test/hack a machine. They say the best way to learn is by doing. So, my first cyber lab has been through virtual machines.
There are a number of good/great youtube tutorials on how to set-up VMs for a cyber lab so, I’m not going to rehash that. I will link to a couple that I found particularly helpful with this iteration of my lab:

The reasons I went in this direction for my first cyber lab is because it’s cost effective and easy to set-up, maintain, and ultimately breakdown. Making snapshots make making mistakes (it happens and crashing a lab and having to start all over is the worst) not as nerve-wrecking as it would be if you infected and crashed you actual machine. A virtual lab allows for a user to test networking, penetration testing, monitoring , and more without having to buy a lab. I would definitely recommend as a starting point if someone was trying to find a way to sharpen/grow their skills.

Recommended Virtual Machines

  • Kali Linux
  • Parrot OS
  • Metasploitable 2 (Great Beginner machine to hack)
  • A Windows Machine (7 or Better) [Available from Microsoft]

Minimum System Requirements:

  • Windows Vista or Higher (I’d recommend at least 7) or
  • Apple OS X (at least 10.9) or
  • The Most current update for the Linux Distro of your choice
  • RAM depends on the number of VMs running (16 GB is a good number)
  • Storage is based on the number of VMs running (30 MB for Virtualbox; At least 10GB per VM)
Posted in Uncategorized

All Brute Force, No Finesse…

Posted on by Steph

Thoughts on My First National Cyber League/Capture the Flag Experience.

I’m a finesse pitcher without the finesse.

David Cone

It’s a month removed from competing in Skyline’s National Cyber League Capture the Flag (CTF) This was my first time and really I did it kind of on a lark, like I was interested in doing CTFs, but I never had so I was also a bit intimidated. I got an email from school about competing on their team with the cost covered, all experience levels welcome and did it. |
The competition was intense, because I always want to do my best and really for the individual and team portions you only have a weekend to do each. The craziest part is the team portion fell on the same week as midterms so extra stressors. That was added on to the fact that only 2 of us out of the 4 person team actually did any work (isn’t that just typical of group work?).
All in all it was a great experience though because it kind of showed me my strengths and weaknesses and also because the competitive nature of the games spoke to my Aries nature. I always want to be my best, not necessarily THE best, but MY best.
I’m actually pretty excited to try my hand again in the Spring. Maybe then I’ll have a better accuracy score instead of butting my head against the problems until I solve them through sheer determination and force.

unsplash-logoCaspar Camille Rubin

Individual Game 2019
National Rank: 718/4,149
Score: 1, 205

Posted in Uncategorized, What I've Used

What I’ve Used 12/2019

Posted on by Steph

CompTIA CSA+ Study Guide

By: Mike Chapple and David Seidl
Published by: Sybex, Inc.

The thing I like most about this particular guide is that it has Labs for each chapter, I think this is important as it gives the reader/learner a hands on approach to learning. This type of hands-on can possibly help them when taking the exam because CompTIA exams always have a few scenario questions.
The version of the book I used for studying was the pre-release before the name of the exam was changed to CYSA+, but that is because this newer test has fewer options for study materials than older exams such as Network+ and Security+.
I’m taking the beta test in the first week of January, so wish me luck. (3.6/4)