Re: [nycnetworkers] CCNA Security labs

From: Joaquim N.
Sent on: Wednesday, April 9, 2014 8:57 PM

NICE! I do the same. You never know what you're going to get lol. Programming languages are the big topic of conversation across several forums, and the ones I've seen that stick out are Python, Ruby, JavaScript, Perl, Java and C. Does anyone know either? Or where to start and which is best for beginners?

On Apr 9,[masked]:49 PM, mayowa ogunbayo <[address removed]> wrote:
Nice one about using a sandbox. My friends and I actually try testing files that we know are infected 
on isolated old boxes with BackTrack and forensic tools installed or installed on USB to learn 
as a hobby. I simply call the sandbox "The black hole". 

What are the core programming languages you would suggest as must-haves for a security engineer?

I heard some say MySQL because Snort uses it and for heuristic pattern matching.

However, I am not so sure. Anyone have an idea?

Yours 

Mayowa Ogunbayo


On Wed, Apr 9, 2014 at 6:27 PM, Joaquim Nogueira <[address removed]> wrote:

I read an article that stated that Cisco will support open source more than ever. So if I had to take a guess, Snort will continue to live on and probably will be enhanced. In terms of Kali and BackTrack, they aren't going anywhere because these two OSes are the primary tools for penetration and vulnerability testing.

To answer your previous e-mail, the more open source tools you know the better. I always see Snort as a requirement along with knowing very specific open source tools such as nmap and the ones you mentioned.

In terms of overall security, networking is only scratching the surface. A good security engineer is required to know various coding languages, how to use open source tools, as well as knowing Linux inside and out.

My next objective is to learn Python, Ruby and JavaScript and gain various ethical hacker and criminal forensics certifications. I feel that will give me an edge or at least an interview.

Furthermore, in terms of running unknown or untrusted apps I make it a big deal to run them in a sandbox environment. This way I can guarantee my production environment isn't affected.

On Apr 9,[masked]:35 PM, mayowa ogunbayo <[address removed]> wrote:
Hi All,

Now that Cisco has bought sourcefire (Oct 2013), and the hubula has died down, 
is there a plan to support / contribute to the free open source version  "snort"  
like sourcefire had done in the past? Anyone have an idea? 

I would like to know if I should chuck snort up as part of the tools of the trade retired 
so far, not sure where Kali or Backtrack is heading either. 

Yours Sincerely 

Mayowa Ogunbayo 



On Wed, Apr 9, 2014 at 1:15 PM, Joaquim Nogueira <[address removed]> wrote:

http://blogs.cisco.com/security/openssl-heartbleed-vulnerability-cve-2014-0160-cisco-products-and-mitigations/

http://tools.cisco.com/security/center/mcontent/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

On Apr 9,[masked]:08 AM, Joaquim Nogueira <[address removed]> wrote:

All:


I apologize for yesterday's comment regarding the keygen. I posted it STRICTLY for educational purposes, esp. in GNS3. 

That said, again I apologize for any issues that came up because of it.



On another note, William and I spoke last night regarding setting up a lab for the CCNA and CCNP security route and the question of whether to use physical or virtual hardware came up. Hopefully the below can put you at ease and assist with your decision. 


SECURE Exam

-95% router based and can be done in GNS3 with no issues

-5% on switches dealing with PVLANs, minor port-security and 802.1x (can't be done in GNS3). My advice: learn the concepts and memorize the commands

-The SIM on this exam is implementing zones on a router which can be done in GNS3


FIREWALL EXAM

-Know all the firewall models

-Know the difference between version 8.2 and below and 8.3 and above (only ver 8.3+ can be done in GNS3)

-Know the ASDM (unfortunately); this can be done in GNS3

-Access-lists, NATs, objects, object-groups, redundant interfaces, etc. can be done in GNS3 but only using the new version. (I only got one question regarding the only version)

-The SIM ( I don't remember off the top of my head)



VPN EXAM

-Heavily based on AnyConnect and clientless VPN

-By default the ASA comes with 2 AnyConnect Essentials licenses 

-AnyConnect Premium license is required for the clientless VPN

-If we can upload the AnyConnect image this should be doable in GNS3

-I will find out and report back

-The SIM (I don't remember off the top of my head)



IPS EXAM

-Know the different models and concepts of how each of them works

-Launch the GUI in GNS3 and mess around with the virtual interfaces and the policies that go with them

-This can

-The SIM is creating virtual interface, creating custom policy and applying it


So overall this exam is doable in GNS3, but be mindful that in GNS3 the firewall can be buggy and will lock up on you from time to time. So save your configs to text files frequently. 


If others have more information please feel free to add it; the more information the better.


Furthermore, for those starting in security, I recommend reading and taking the CompTIA Security+ and CompTIA Linux+ books.


Joaquim Nogueira

From: [address removed] <[address removed]> on behalf of mayowa ogunbayo <[address removed]>
Sent: Tuesday, April 8,[masked]:55 PM
To: [address removed]
Subject: Re: [nycnetworkers] CCNA Security labs
 
Hi All, 

I am with you on that, Aristide. I will really appreciate someone hosting a CCNA Security meetup too.

Mayowa  


On Tue, Apr 8, 2014 at 5:46 PM, Aristide Fredricks <[address removed]> wrote:
I am down for it all when my time permits. Trying to soak it all in. Thanks.

Aristide


On Tue, Apr 8, 2014 at 3:22 PM, William Zambrano <[address removed]> wrote:

Networkers,
I've added on the nycnetworkers.com page a CCNA Security lab with one full-blown lab you can try, for people who have a CCNA Security or are studying for it. I took a look at the calendar for the next month and May and it's really packed between other meetups and Cisco Live.

I've noticed a lot of people joining the group are asking for either Security or Datacenter, not R&S. Seeing the demand I'll try to put together more SEC/DC meetups and labs.

I'll post up a "solution" video sometime later, but give it a try and let me know your thoughts on it!

Thanks
WZ
[masked]





--
Please Note: If you hit "REPLY", your message will be sent to everyone on this mailing list ([address removed])
This message was sent by William Zambrano ([address removed]) from NYC/Cisco Networkers.
To learn more about William Zambrano, visit his/her member profile
To report this message or block the sender, please click here
To unsubscribe from special announcements from your Organizer(s), click here

Meetup, POB 4668 #37895 NY NY USA 10163 | [address removed]




