[Apachebenchmark-sans-t4] RE: LMP Weekly Email
From: <Rya...@at...> - 2003-10-03 21:02:33
Looking at the syllabus, we are going to skip the following two chapters from last week to stay on course -

- 4.1.7: Linux Workshop
- 4.1.8: Incident Handling Step by Step Guide

You will want to review the Linux chapter if you have not used Linux/Unix systems before. This chapter will get you up to speed on using some of the common Linux commands and some general user info. If you are well versed in DOS/commandline mode on Windows, you will pick this up pretty quickly. You will just need to pick up some of the command names to accomplish the same DOS tasks - such as reading a file, moving around through directories, etc... Learning this info is NOT mandatory, however it will help you when we run the Linux Hacker Lab.

Here are a few weblinks to some Unix/Linux Cheatsheets you might want to print out and bring to class -

- http://www.xminc.com/linux/linuxcheatsheet.pdf
- http://www.redhat.com/docs/manuals/linux/RHL-7-Manual/getting-started-guide/ch-doslinux.html
- http://www.rain.org/~mkummel/unix.txt

If you do not plan on using VMware (to install a linux host) or installing linux as your base OS, I highly suggest that you download and install Cygwin. This is the "Unix-like" application which installs onto Windows systems and provides a Bash shell for you to interact with. This will provide you with an environment to get used to using unix commands and running applications/tools/scripts. You can download Cygwin here - http://www.cygwin.com/

I have tested a number of common unix hacker tools from within Cygwin and the vast majority of them will compile and run.

As for the IR Step by Step Guide, I do suggest that you review it, but I would also review the newly released NIST document for Incident Response - http://csrc.nist.gov/publications/drafts/draft_sp800-61.pdf

Thanks.

> Most Respectfully,
> Ryan C. Barnett
> SANS: GCFA, GCIH, GCUX, GSEC
> Department of Justice - ATF
> Information Services Division
> Operations Security Team Lead
> Email: Rya...@at...
> Pager: Rya...@sk...
> Phone: 202-927-2913
>
>
> -----Original Message-----
> From: Barnett, Ryan C.
> Sent: Friday, October 03, 2003 12:34 PM
> To: 'apa...@li...'
> Subject: LMP Weekly Email
>
> Greetings everyone,
> I have finally received the syllabus for our class (sorry this is late but
> I just received it). I have updated it to reflect the correct dates.
> Please note, we will NOT be meeting on Wed. Nov 26th as this is the night
> before Thanksgiving. We will hold our last class on the following Wed,
> Dec. 3rd.
>
> I have posted the syllabus on our class website.
>
> Chapters to review for next week -
>
> 4.2 Computer and Network Hacker Exploits I
> 4.2.1 Overview and Reconnaissance
> 4.2.2 Scanning I - War Driving, War Dialing, and Mapping
> 4.2.3 Scanning II - Port Scanning, Fingerprinting, and Firewalking
>
> I will be reviewing these chapters as well. Please let me know if you
> would be interested in more presentations/demos for the material (similar
> to the SNARE presentation from this week). I have also posted the PDF
> from this week's presentation - Catching Intruders with SNARE.
>
> Thanks.
>
> Most Respectfully,
> Ryan C. Barnett
> SANS: GCFA, GCIH, GCUX, GSEC
> Department of Justice - ATF
> Information Services Division
> Operations Security Team Lead
> Email: Rya...@at...
> Phone: 202-927-2913