As far as the SANS Cyber Defense Challenge, I'm currently 10th place. Only two points from the top scorer on the board. For those of you who don't know, SANS Challenge scores are ranked on who answers the quickest. So, if two people are tied, the higher ranking goes to the person that answered more quickly. I'm happy with that place though. Each Challenge Day had a different subject.
Day 1 was basic knowledge.
Day 2 features packets. Wireshark will be helpful
Day 3 features password cracking, plus Bro log analysis
Day 4 features Windows event log challenges
Day 5 features crypto and steganography challenges
I'm happy with my placing because I'm not currently working in IT or cyber security. I don't have friends/coworkers here helping me with these problems. I had to start each day at a later time because I'm a moderator for a boot-camp style course. It goes until 7 PM instead of 5 PM like most other SANS courses. I only knew a little bit about John the Ripper-used it in a class before, but no extensive use. I had to install and configure Security Onion on a VM while I was here-so no previous knowledge of Security Onion and bro. I've never examined Windows logs. Remains to be seen about how I will do on crypto and steganography.
I'm not bragging. If there is any advice that I can give to anyone, it's-yes, you have a lot to learn, but don't forget what you've learned so far, and don't underestimate yourself. It's easy to feel like there's always going to be someone that knows more than you do. There always will be. Don't let that discourage you. You can't control what others do, but you can control what you do. How do you handle perceived inadequacies or defeat? Notice I said perceived. You may not think that you're doing well. Doesn't mean that that is true. Even if you really aren't doing well, you can keep trying, even though it may be difficult now, it gets easier over time. Surprise yourself. As long as you keep learning and growing, that's what counts. Don't compare yourself to others. Compare yourself to yourself. Am I doing better than I was 6 months ago? Hopefully you are. Even the top people started somewhere.
Update to the mistakes post: Anyone watching me use a tool for the first time will laugh. I launch a liveCD VM, install it on there, read a little of the manual, and run the tool against the loopback address if I can. Why? When using a liveCD, if you mess up, just shut it down, and it's like a reset button. I'm very careful to limit the networking to the VM only. I get a lot of errors, but eventually figure out what it does. If you can't use a liveCD, you can make use of Snapshots as well.
Update to the mistakes post: Anyone watching me use a tool for the first time will laugh. I launch a liveCD VM, install it on there, read a little of the manual, and run the tool against the loopback address if I can. Why? When using a liveCD, if you mess up, just shut it down, and it's like a reset button. I'm very careful to limit the networking to the VM only. I get a lot of errors, but eventually figure out what it does. If you can't use a liveCD, you can make use of Snapshots as well.
Today is Day 5, crypto and steganography challenges. I'm a little nervous. I know a smidgeon of crypto, but not a lot of steganography. I will be late starting again. I look forward to trying, though.
No comments:
Post a Comment