GIAC Exams – Time Commitment?

To those of you who have a GIAC cert, how long/how many hours did it take you to study up for the exam? I am trying to plan ahead for GSEC, GHIC, and GCFA or GCIA but don't have any study materials yet. Thanks!

Touch here for the full post on Network Security Noblemen tumblr

Advertisements

22 y/o undergrad switching my major from English to CS

It’s been a good 6 months since I’ve been enrolled in school. I had a couple teammates pass away and decided to take a semester off since May of this year and in that time I realized that majoring in English would be unsatisfying knowing that the end goal of it would be me teaching college courses. Now, I have always had a passion for technology, so I did a lot of research on the topic of CS, Engineering, Cyber Sec, etc. and all the different colleges that would be a good area to build my career. After doing all of that and putting a lot of thought into it, I just decided to do a full major/career change to CS (I’ve also already set up a GitHub account, downloaded Python on my Mac, have Xcode installed, and I have Atom all set up on my Mac as well) and wanted to know from all of you in this community, what’s the best way to start coding as a beginner?

Touch here for the full post on Network Security Noblemen tumblr

Cybersecurity major career help

Hello reddit, I am looking for some advice. I am currently attending school full time for cybersecurity network forensics and intrusion investigation at one of the few schools in the country endorsed by NSA, Homeland Security and DC3. I have been unemployed this past year and focusing on school but have also been looking for my next big opportunity. My classes now are online so I can work a day job. I have probably applied to 75+ positions, desktop support, system admin, security analyst etc… My last job was essentially helpdesk and I hated it, being tied to a desk wearing a headset all day was just not for me and I was not utilizing my degree. I am looking for something mid level in the security or admin field. One thing I know is holding me back is not having a security clearance, seems like all the jobs I see posted require it. It also seems like lack of experience holds me back, I know I need experience but taking another helpdesk role will not help me. I want to be challenged and learn not reset passwords and reboot routers. Maybe its my resume, it could also by my geographical area (upstate NY). I have considered moving to a major city for a couple years to gain some experience in the field. I have less than a year left to obtain my degree but didn't think that would deter potential employers since I am pursuing and doing well. I have gotten interviews but they were for entry level help desk roles that did not pay well. I have also thought maybe getting some certs like security+ and network+ would help. Another problem is even though I am 33 I essentially have the same experience of someone 10 years younger than me that has just graduated. Unfortunately I am not in my 20's living home with my parents so I can't afford to take unpaid internships or entry level wages because I do live on my own and have bills. My question is what are the next steps I should take, given all the options I have went over? I am open to any and all advice and will also post a link to my resume if anyone wants to give me some feedback.

https://drive.google.com/file/d/1869o98YGxgPPV06bfc5OvPs-OorzBxtq/view?usp=sharing

Touch here for the full post on Network Security Noblemen tumblr

how to get a job in secops?

ended up taking a job that was a step back in my career. already have a couple system level security certs but not a ton of experience. what are things i should work on to move towards sec ops or sec engineering?

tried looking at job posts but they seem hard to find and all over the place with what they want. i have a few years now in a linux engineering role as well so windows things are out.

Touch here for the full post on Network Security Noblemen tumblr

How much time you spend on a CTF challenge before google’ing write up?

Noob here. Asking this I'm doing a serial CTF (OTW's bandit) as my first steps in the world of CTFs. Should I just crack my head on each one even if it takes me a lot of time? For some it seems just a matter of being familiar with a wide range of UNIX commands, which can sometimes (maybe?) be an inefficient way of making progress, instead of looking for the writeup after reading the CTF, and giving it a 10-15 minutes thought.

Bonus question: do you prefer the man pages or google, as a resource?

Bonus question number 2: how often do you go back to do a CTF you already solved in the pass, just to make sure you remember and understand the 'material'?

Touch here for the full post on Network Security Noblemen tumblr

Is there a service I can use (preferably self-hosted) that can manage the creation of certificate authorities and SSL certs?

I've got several services (bitwarden, sonarr, plex, etc) but whenever I access them for the first time I get a big warning that the certs are self-signed. It's not a big deal but I'd like to be able to get rid of the warnings.

[Edit] Sorry I neglected that these certs will be LAN-only.

Touch here for the full post on Network Security Noblemen tumblr

44 y/o Female Nurse Changing Careers to Cyber Security

Before I graduated from my bachelor's in nursing from UMSL, I was an IT major at Fort Hays State University but switched for different reasons and now I'm stuck in a profession that I have no passion for. I have been reading a lot about the topic (IT, Cyber Security, certifications vs. college education, ageism in the field, etc) and despite I am 100% convinced I want to do this, I kindly ask here about what you all think since I know this community has a lot of valuable knowledge and most people eager to help. Money wise, I will be using my husband's Post 911 GI Bill to afford college. (I have been looking at SNHU New Cyber Degree, Drexel University, and others) What are your thoughts and recommendations for someone my age, no experience in the field, and wanting to make it happen?

Touch here for the full post on Network Security Noblemen tumblr

Building honeypot for when someone Googles you?

Hi there! Is there a way to build a honeypot for when someone is Googling you?

I was thinking about registering a "personal" domain for example, and on visit redirect the visitor to a Linkedin profile you own. Then you can see who visited the profile, for example. You know the profile visitor has googled you.

Are there any other ways & tricks to set up a similar honeypot? 🙂

Touch here for the full post on Network Security Noblemen tumblr

Tool for periodically nmapping 3000+ ips?

I am looking for a tool to scan 3000+ ips on a daily basis and report the diffs (new ports, new active iOS) back to me. I’ve looked at nmap-diff, but found it too cumbersome/not detailed enough. Currently looking at IVRE and Scantron, but I might miss the best tool out there. Any suggestions?

Edit: thanks to everyone for pointing out that you can do this with bash scripts. I know it’s possible, but most of the scripts I’ve found give a short summary between 2 scans, but that isn’t workable over a longer period of time since it will be hard to keep track of the changes (would need to put them into Excel or something). Am I missing something here?

Touch here for the full post on Network Security Noblemen tumblr