Saturday, June 25, 2016

USCC IL Is Over Until Next Year. :(

I'm on the train on the way home from USCC IL.  I'm thinking about what I've learned this week.  I really appreciate the effort that everyone involved with this program put into it.  The material was much the same as it was last year, but the repetitiveness actually reinforces what we learned last year.  So, I still feel like it was worth the effort coming here.  We're supposed to open the books and study them after the camp, but having someone to ask questions around is nice.

It was nice to see people that I saw last year, and I was happy to meet new people.  Considering the boot camp nature of the course, maybe we didn't exactly absorb all we could have last year.  I look forward to (hopefully) attending next year.

I was disappointed that there weren't forensics courses per se.  They are kind of at the mercy of what instructors are available, and maybe that isn't the target audience of this camp.  I don't know much about the inner workings of it.  However, I did become better acquainted with how to set up a home lab with VMs.  It's nice to know that the way I was taught before was the right way.  Also, I didn't pay very good attention to Scapy last year.  I tried, but I really haven't studied packets all that much.  I learned a little more this year.  My brain started going fuzzy right around lab 5 this time around.  Not saying that I completely understood everything else, but it was closer than I was last year.  Anyway, Scapy can be used to learn a little bit about Intrusion Detection, Monitoring, and Forensics. I learned how to use Scapy to craft pcaps that I could examine so that I can see how those attacks work.  I know that there are pcaps everywhere for this purpose, but how do I know which ones to trust?  Also, this cuts out some of the extraneous traffic that may hinder analysis to see what it does.  I could also monitor traffic while I use the different options in Metasploit to exploit machines.  I could probably do the same with the Web App Pen Testing as well, run captures while I'm working with the vulnerable web apps.  So, while I didn't directly learn Forensics, I learned a little about how to make stuff to examine.  If you are interested in learning, I highly recommend doing the Cyber Quest so that you can potentially be invited to this camp.  Even if you don't feel like you can win the CTF, it is well worth your time.
